Discover Vulnerabilities Now!

Vulnerabilities
---
Vendors
---
Products
---
Vulnerability Media Exposure
These listed vulnerabilities have been referenced across multiple public sources, indicating high media attention and potential significance.
See more
CVE-2025-5419
Severity
HIGH

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

google:chrome
CVE-2025-21480
Severity
HIGH

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

qualcomm:aqt1000_firmware
qualcomm:fastconnect_6200_firmware
qualcomm:fastconnect_6700_firmware
qualcomm:fastconnect_6800_firmware
qualcomm:fastconnect_6900_firmware
qualcomm:fastconnect_7800_firmware
qualcomm:qca6391_firmware
qualcomm:qcm4490_firmware
qualcomm:qcs4490_firmware
qualcomm:sc8380xp_firmware
qualcomm:sd855_firmware
qualcomm:sm4635_firmware
qualcomm:sm6250_firmware
qualcomm:sm6650_firmware
qualcomm:sm6650p_firmware
qualcomm:sm7325p_firmware
qualcomm:sm7635_firmware
qualcomm:sm7675_firmware
qualcomm:sm7675p_firmware
qualcomm:sm8550p_firmware
qualcomm:sm8635_firmware
qualcomm:sm8635p_firmware
qualcomm:sm8650q_firmware
qualcomm:snapdragon_4_gen_1_mobile_platform_firmware
qualcomm:snapdragon_460_mobile_platform_firmware
qualcomm:snapdragon_480_5g_mobile_platform_firmware
qualcomm:snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware
qualcomm:snapdragon_662_mobile_platform_firmware
qualcomm:snapdragon_680_4g_mobile_platform_firmware
qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware
qualcomm:snapdragon_690_5g_mobile_platform_firmware
qualcomm:snapdragon_695_5g_mobile_platform_firmware
qualcomm:snapdragon_720g_mobile_platform_firmware
qualcomm:snapdragon_778g_5g_mobile_platform_firmware
qualcomm:snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmware
qualcomm:snapdragon_782g_mobile_platform_\(sm7325-af\)_firmware
qualcomm:snapdragon_7c\+_gen_3_compute_firmware
qualcomm:snapdragon_8_gen_2_mobile_platform_firmware
qualcomm:snapdragon_8_gen_3_mobile_platform_firmware
qualcomm:snapdragon_8\+_gen_2_mobile_platform_firmware
qualcomm:snapdragon_855_mobile_platform_firmware
qualcomm:snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmware
qualcomm:snapdragon_865_5g_mobile_platform_firmware
qualcomm:snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware
qualcomm:snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware
qualcomm:snapdragon_888_5g_mobile_platform_firmware
qualcomm:snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware
qualcomm:snapdragon_ar1_gen_1_firmware
qualcomm:snapdragon_ar1_gen_1_platform_\"luna1\"_firmware
qualcomm:snapdragon_x55_5g_modem-rf_system_firmware
qualcomm:sxr2230p_firmware
qualcomm:sxr2250p_firmware
qualcomm:sxr2330p_firmware
qualcomm:wcd9341_firmware
qualcomm:wcd9370_firmware
qualcomm:wcd9375_firmware
qualcomm:wcd9378_firmware
qualcomm:wcd9380_firmware
qualcomm:wcd9385_firmware
qualcomm:wcd9390_firmware
qualcomm:wcd9395_firmware
qualcomm:wcn3950_firmware
qualcomm:wcn3988_firmware
qualcomm:wcn6450_firmware
qualcomm:wcn6650_firmware
qualcomm:wcn6755_firmware
qualcomm:wcn7861_firmware
qualcomm:wcn7881_firmware
qualcomm:wsa8810_firmware
qualcomm:wsa8815_firmware
qualcomm:wsa8830_firmware
qualcomm:wsa8832_firmware
qualcomm:wsa8835_firmware
qualcomm:wsa8840_firmware
qualcomm:wsa8845_firmware
qualcomm:wsa8845h_firmware
CVE-2025-37093
Severity
CRITICAL

An authentication bypass vulnerabilityexists in HPE StoreOnce Software.

CVE-2025-49113
Severity
CRITICAL

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.

CVE-2025-21479
Severity
HIGH

Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands.

qualcomm:aqt1000_firmware
qualcomm:fastconnect_6200_firmware
qualcomm:fastconnect_6700_firmware
qualcomm:fastconnect_6900_firmware
qualcomm:fastconnect_7800_firmware
qualcomm:fastconnect_6800_firmware
qualcomm:qca6391_firmware
qualcomm:qcm4490_firmware
qualcomm:qcs4490_firmware
qualcomm:sd855_firmware
qualcomm:sm4635_firmware
qualcomm:sm6250_firmware
qualcomm:sm6650_firmware
qualcomm:sm6650p_firmware
qualcomm:sm7325p_firmware
qualcomm:sm7635_firmware
qualcomm:sm7675_firmware
qualcomm:sm7675p_firmware
qualcomm:sm8550p_firmware
qualcomm:sm8635_firmware
qualcomm:sm8635p_firmware
qualcomm:sm8650q_firmware
qualcomm:snapdragon_4_gen_1_mobile_platform_firmware
qualcomm:snapdragon_460_mobile_platform_firmware
qualcomm:snapdragon_480_5g_mobile_platform_firmware
qualcomm:snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmware
qualcomm:snapdragon_662_mobile_platform_firmware
qualcomm:snapdragon_680_4g_mobile_platform_firmware
qualcomm:snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmware
qualcomm:snapdragon_690_5g_mobile_platform_firmware
qualcomm:snapdragon_695_5g_mobile_platform_firmware
qualcomm:snapdragon_720g_mobile_platform_firmware
qualcomm:snapdragon_778g_5g_mobile_platform_firmware
qualcomm:snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmware
qualcomm:snapdragon_782g_mobile_platform_\(sm7325-af\)_firmware
qualcomm:snapdragon_7c\+_gen_3_compute_firmware
qualcomm:snapdragon_8_gen_2_mobile_platform_firmware
qualcomm:snapdragon_8_gen_3_mobile_platform_firmware
qualcomm:snapdragon_8\+_gen_2_mobile_platform_firmware
qualcomm:snapdragon_855_mobile_platform_firmware
qualcomm:snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmware
qualcomm:snapdragon_865_5g_mobile_platform_firmware
qualcomm:snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware
qualcomm:snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware
qualcomm:snapdragon_888_5g_mobile_platform_firmware
qualcomm:snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmware
qualcomm:snapdragon_ar1_gen_1_firmware
qualcomm:snapdragon_ar1_gen_1_platform_\"luna1\"_firmware
qualcomm:snapdragon_x55_5g_modem-rf_system_firmware
qualcomm:sxr2230p_firmware
qualcomm:sxr2250p_firmware
qualcomm:sxr2330p_firmware
qualcomm:wcd9370_firmware
qualcomm:wcd9395_firmware
qualcomm:wcn3950_firmware
qualcomm:wcn3988_firmware
qualcomm:wcn6450_firmware
qualcomm:wcn6650_firmware
qualcomm:wcn6755_firmware
qualcomm:wcn7861_firmware
qualcomm:wcn7881_firmware
qualcomm:wsa8810_firmware
qualcomm:wsa8815_firmware
qualcomm:wsa8830_firmware
qualcomm:wsa8832_firmware
qualcomm:wsa8835_firmware
qualcomm:wsa8840_firmware
qualcomm:wsa8845_firmware
qualcomm:wsa8845h_firmware
Newly recorded security issues per week
Stay up to date! New information is added to our knowledge database every day. Here you can see the history of newly added vulnerabilities that have been added to our CVE DB in recent years.
Vulnerabilities by severity (over the last 7 days)
Information about the vulnerabilities of the last 7 days can be found here. As you can see, critical vulnerabilities are also added on a daily basis. Therefore, validate your current security situation sets on a daily basis to ensure the security of your IT.
CVSS Score Distribution
The CVSS score rates security vulnerabilities from 0 to 10, based on factors like attack vectors and impacts on confidentiality, integrity, and availability.
EPSS Score Distribution
The EPSS score predicts the likelihood of a known vulnerability being exploited, complementing CVSS by assessing real-world exploitability based on threat activity and exploit availability.
Latest Vulnerability Reports
The 10 most recently published CVE reports.

  • CVE-2025-0168

    Severity
    MEDIUM

    A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument person leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

    anisha:job_recruitment

  • CVE-2025-22214

    Severity
    MEDIUM

    Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.

  • CVE-2025-0171

    Severity
    MEDIUM

    A vulnerability, which was classified as critical, was found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/deleteuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

    code-projects:chat_system

  • CVE-2025-0172

    Severity
    MEDIUM

    A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

    code-projects:chat_system

  • CVE-2025-0173

    Severity
    MEDIUM

    A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /orders/view_order.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

    oretnom23:online_eyewear_shop

  • CVE-2025-0174

    Severity
    MEDIUM

    A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /user/search_result2.php of the component Parameter Handler. The manipulation of the argument search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

    code-projects:point_of_sales_and_inventory_management_system

  • CVE-2025-0175

    Severity
    LOW

    A vulnerability was found in code-projects Online Shop 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /view.php. The manipulation of the argument name/details leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

    anisha:online_shop

  • CVE-2025-0176

    Severity
    MEDIUM

    A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /user/add_cart.php. The manipulation of the argument id/qty leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

    code-projects:point_of_sales_and_inventory_management_system

  • CVE-2025-22275

    Severity
    CRITICAL

    iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.

  • CVE-2025-21609

    Severity
    CRITICAL

    SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server. Commit d9887aeec1b27073bec66299a9a4181dc42969f3 fixes this vulnerability and is expected to be available in version 3.1.19.

    b3log:siyuan