Search
Search Results (329603 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26470 | 1 Intel | 1 Distribution For Python | 2025-08-15 | 6.7 Medium |
| Incorrect default permissions for some Intel(R) Distribution for Python software installers before version 2025.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-8747 | 1 Keras | 1 Keras | 2025-08-15 | 7.8 High |
| A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive. | ||||
| CVE-2025-24923 | 1 Intel | 1 Ai For Erg Software | 2025-08-15 | 6.7 Medium |
| Uncontrolled search path in some Intel(R) AI for Enterprise Retrieval-augmented Generation software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-24323 | 1 Intel | 1 Pcie Switch Software | 2025-08-15 | 6.5 Medium |
| Improper access control in some firmware package and LED mode toggle tool for some Intel(R) PCIe Switch software before version MR4_1.0b1 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-32004 | 1 Intel | 2 Edger8r Tool, Sgx Sdk | 2025-08-15 | 3.9 Low |
| Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-55726 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55725 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55724 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55723 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55722 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55721 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55720 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55719 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55718 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2021-20087 | 1 Acemetrix | 1 Jquery-deparam | 2025-08-14 | 8.8 High |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype. | ||||
| CVE-2020-9295 | 1 Fortinet | 4 Antivirus Engine, Forticlient, Fortigate and 1 more | 2025-08-14 | 4.7 Medium |
| FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6.00144 and below and FortiClient 6.2 running AV engine version 6.00137 and below may not immediately detect certain types of malformed or non-standard RAR archives, potentially containing malicious files. Based on the samples provided, FortiClient will detect the malicious files upon trying extraction by real-time scanning and FortiGate will detect the malicious archive if Virus Outbreak Prevention is enabled. | ||||
| CVE-2024-54951 | 1 Monicahq | 1 Monica | 2025-08-14 | 5.4 Medium |
| Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS. | ||||
| CVE-2024-57329 | 1 Hortusfox | 1 Hortusfox | 2025-08-14 | 5.4 Medium |
| HortusFox v3.9 contains a stored XSS vulnerability in the "Add Plant" function. The name input field does not sanitize or escape user inputs, allowing attackers to inject and execute arbitrary JavaScript payloads. | ||||
| CVE-2025-49321 | 2 Themewinter, Wordpress | 2 Eventin, Wordpress | 2025-08-14 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arraytics Eventin allows Reflected XSS. This issue affects Eventin: from n/a through 4.0.28. | ||||
| CVE-2025-36582 | 1 Dell | 1 Networker | 2025-08-14 | 4.8 Medium |
| Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||