CVE / JVNDB Latest 100

Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd

Potential SQL injection via _connector keyword argument in QuerySet and Q objects

Mod_cluster/mod_proxy_cluster: stored cross site scripting

Mail Mint <= 1.18.10 - Authenticated (Admin+) Arbitrary File Upload

Alex Reservations: Smart Restaurant Booking <= 2.2.3 - Authenticated (Admin+) Arbitrary File Upload

Gallery Plugin for WordPress – Envira Photo Gallery <= 1.11.0 - Missing Authorization to Authenticated (Contributor+) Gallery Conversion

aThemes Addons for Elementor <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call To Action Widget

Quick Featured Images <= 13.7.3 - Authenticated (Editor+) SQL Injection via delete_orphaned

Saphali LiqPay for donate <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

CYAN Backup <= 2.5.4 - Authenticated (Admin+) Arbitrary File Deletion

Qemu-kvm: information leak in virtio devices

Qemu-kvm: usb: assertion failure in usb_ep_get()

Libnbd: crash or misbehaviour when nbd server returns an unexpected block size

Academy LMS Pro <= 3.3.8 - Unauthenticated Sensitive Information Exposure via 'enqueue_social_login_script'

Academy LMS – WordPress LMS Plugin for Complete eLearning Solution <= 3.3.8 - Authenticated (Administrator+) PHP Object Injection via 'import_all_courses'

Libvirt: off-by-one error in udevlistinterfacesbystatus()

Postgresql: extension script @substitutions@ within quoting allow sql injection

Flexible Refund and Return Order for WooCommerce <= 1.0.42 - Incorrect Authorization to Authenticated (Contributor+) Refund Status Update

Nbd: nbdkit: integer overflow triggers an assertion resulting in denial of service

Nbdkit: nbdkit-server: off-by-one error when processing block status may lead to a denial of service

Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method

Libvirt: crash of virtinterfaced via virconnectlistinterfaces()

Libnbd: nbd server improper certificate validation

Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss

Libvirt: stack use-after-free in virnetclientioeventloop()

Qemu-kvm: virtio-pci: improper release of configure vector leads to guest triggerable crash

Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests

Ovn: insufficient validation of bfd packets may lead to denial of service

Kernel: rsvp: out-of-bounds read in rsvp_classify()

Kernel: netfilter: xtables out-of-bounds read in u32_match_it()

Keycloak: amount of attributes per object is not limited and it may lead to dos

Qemu: vnc: null pointer dereference in qemu_clipboard_request()

Kernel: oob access in smb2_dump_detail

Kernel: out-of-bounds read vulnerability in smbcalcsize

Kernel: marvin vulnerability side-channel leakage in the rsa decryption operation

Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs

Qemu-kvm: net: assertion failure in update_sctp_checksum()

Libvirt: null pointer dereference in udevconnectlistallinterfaces()

Libvirt: negative g_new0 length can lead to unbounded memory allocation

EventPrime – Events Calendar, Bookings and Tickets <= 4.2.0.0 - Missing Authorization to Authenticated (Subscriber+) Booking Note Creation

Libvirt: improper locking in virstoragepoolobjlistsearch may lead to denial of service

Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service

Better Find and Replace <= 1.7.7 - Authenticated (Subscriber+) Limited Code Injection

Samba: command injection in wins server hook script

IBM Db2 privilege escalation

PRT File Parsing Memory Corruption Vulnerability

Rubygem-mqtt: rubygem-mqtt hostname validation

Privilege Escalation Vulnerability

Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote attacker who had compromised the renderer process to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafted video file. (Chromium security severity: High)

Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory.

Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library

Qemu-kvm: 'qemu-img info' leads to host file read/write

HTML Forms <= 1.5.5 - Authenticated (Admin+) Stored Cross-Site Scripting

WPFunnels <= 3.6.2 - Authenticated (Administrator+) Arbitrary File Deletion via Path Traversal

Insert Headers and Footers Code – HT Script <= 1.1.6 - Authenticated (Author+) Stored Cross-Site Scripting

Groups <= 6.7.0 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Group Join

Smart Auto Upload Images <= 1.2.0 - Authenticated (Contributor+) Arbitrary File Upload

Mang Board WP <= 2.3.1 - Reflected Cross-Site Scripting

Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.0 - Authenticated (Editor+) SQL Injection

Ovatheme Events Manager <= 1.8.6 - Missing Authorization

Course Booking System <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export

WPFunnels <= 3.6.2 - Unauthorized User Registration

WP2Social Auto Publish <= 2.4.7 - Reflected Cross-Site Scripting via PostMessage

Download Manager <= 3.3.30 - Unauthenticated Cron Trigger due to Hardcoded Cron Key

Contact Form 7 AWeber Extension <= 0.1.42 - Missing Authorization to Authenticated (Subscriber+) Log Reset

Tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root

Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6

Kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()

Booth: specially crafted hash can lead to invalid hmac being accepted by booth server

Simple Downloads List <= 1.4.3 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

Asgaros Forum <= 3.1.0 - Unauthenticated SQL Injection

Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events

Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE

Soft Serve does not sanitize ANSI escape sequences in user input

SuiteCRM is Vulnerable to Authenticated Blind SQL Injection via GraphQL

SuiteCRM is Vulnerable to Authenticated Time Based Blind SQL Injection

SuiteCRM is vulnerable to unauthenticated reflected XSS through its Login page

SuiteCRM's Inconsistent RBAC Enforcement Enables Access Control Bypass

SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass

CVE-2025-12735

SuiteCRM: Authenticated SQL Injection Possible in Reschedule Call Module

calibre is vulnerable to arbitrary code execution when opening FB2 files

Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. (Chromium security severity: Low)

Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low)

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)

Insufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass Mark of the Web via a crafted HTML page. (Chromium security severity: Low)

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

CVAT: Mounted share file overwrite via crafted request

KubeVirt Arbitrary Container File Read

KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes

KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes

KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation

KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing