Zero-Day Vulnerability Tracker

Real-time CVE monitoring from the CISA Known Exploited Vulnerabilities catalog and the National Vulnerability Database. Stay protected with instant security alerts and comprehensive threat intelligence.

CISA KEV Vulnerabilities: 8

NVD Recent CVEs: 6

Total Tracked: 14

CISA KEV
Critical

CVE-2025-58360: OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability

OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation ...

Affected Product

OSGeo GeoServer

CISA KEV
Critical

CVE-2025-6218: RARLAB WinRAR Path Traversal Vulnerability

RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.

Affected Product

RARLAB WinRAR

CISA KEV
Critical

CVE-2025-62221: Microsoft Windows Use After Free Vulnerability

Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.

Affected Product

Microsoft Windows

CISA KEV
Critical

CVE-2022-37055: D-Link Routers Buffer Overflow Vulnerability

D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life (EoL) and/or end-of-service (...

Affected Product

D-Link Routers

CISA KEV
Critical

CVE-2025-66644: Array Networks ArrayOS AG OS Command Injection Vulnerability

Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.

Affected Product

Array Networks ArrayOS AG

CISA KEV
Critical

CVE-2025-55182: Meta React Server Components Remote Code Execution Vulnerability

Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Serv...

Affected Product

Meta React Server Components

CISA KEV
Critical

CVE-2021-26828: OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.

Affected Product

OpenPLC ScadaBR

CISA KEV
Critical

CVE-2025-48633: Android Framework Information Disclosure Vulnerability

Android Framework contains an unspecified vulnerability that allows for information disclosure.

Affected Product

Android Framework

NVD
Low

CVE-1999-1506

Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.

NVD
Low

CVE-1999-1467

Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user.

NVD
Low

CVE-1999-1122

Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges.

NVD
Low

CVE-1999-1471

Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field.

NVD
Low

CVE-1999-0082

CWD ~root command in ftpd allows root access.

NVD
Low

CVE-1999-0095

The debug command in Sendmail is enabled, allowing attackers to execute commands as root.

Trusted Data Sources

CISA KEV Catalog

Known Exploited Vulnerabilities catalog maintained by the Cybersecurity and Infrastructure Security Agency (CISA). These vulnerabilities are actively being exploited in the wild and require immediate attention from security teams worldwide.

National Vulnerability Database

The NVD provides comprehensive CVE information with CVSS scoring, vulnerability descriptions, and technical details maintained by the National Institute of Standards and Technology (NIST). It is an essential resource for vulnerability management and security operations.