Common Vulnerabilities and Exposures (CVE)
CVE-2025-33226
NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, inform...
CVE-2022-24489
Cluster Client Failover (CCF) Elevation of Privilege Vulnerability
CVE-2025-33210
NVIDIA Isaac Lab contains a deserialization vulnerability. A successful exploit of this vulnerability might lead to code execution.
CVE-2025-13794
The Auto Featured Image (Auto Post Thumbnail) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulk_action_generate_handler function in all versions up to, and including, 4.2.1...
CVE-2022-24549
Windows AppX Package Manager Elevation of Privilege Vulnerability
CVE-2025-33225
NVIDIA Resiliency Extension for Linux contains a vulnerability in log aggregation, where an attacker could cause predictable log-file names. A successful exploit of this vulnerability may lead to escalation of privileges, code execution, de...
CVE-2025-12809
The Dokan Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `/dokan/v1/wholesale/register` REST API endpoint in all versions up to, and including, 4.1.3. This makes it possible fo...
CVE-2025-66843
grav before v1.7.49.5 has a Stored Cross-Site Scripting (Stored XSS) vulnerability in the page editing functionality. An authenticated low-privileged user with permission to edit content can inject malicious JavaScript payloads into editabl...
CVE-2021-1435
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to insufficient input validation. An attacker...
CVE-2023-5997
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-5633
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest wi...
CVE-2023-29183
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4....
CVE-2023-4804
An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed.
CVE-2023-4474
The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (...