nuget

842 tracked vulnerabilities.

CVE-2025-67290 MEDIUM
Piranha CMS v12.1 - Stored Cross-Site Scripting in Page Settings Excerpt Field
Dec 22, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-67288 CRITICAL
Umbraco CMS 16.3.3 - Arbitrary File Upload via Crafted PDF File
Dec 22, 2025
CVSS 10.0
EPSS 0.00
CVE-2025-68469 LOW
ImageMagick < 7.1.1-14 - Heap-based Buffer Overflow via Crafted TIFF File
Dec 18, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-14759 MEDIUM
Amazon S3 Encryption Client for .NET < 3.2.0 - Use of a Broken or Risky Cryptographic Algorithm
Dec 17, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-65581 MEDIUM
Volosoft ABP Framework 5.1.0-10.0.0-rc.2 - Open Redirect via Account Module ReturnUrl Parameter
Dec 16, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-66628 HIGH
ImageMagick <7.1.9 - Buffer Overflow
Dec 10, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-66625 MEDIUM
Umbraco CMS 10.0.0-13.12.0 - Authenticated Arbitrary File Existence Enumeration via Dictionary Upload
Dec 09, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-64113 CRITICAL
Emby Server < 4.9.1.81 - Unauthenticated Weak Password Recovery Mechanism
Dec 09, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-66631 CRITICAL
CSLA .NET < 6.0.0 - Remote Code Execution via WcfProxy NetDataContractSerializer Deserialization
Dec 09, 2025
CVSS 9.8
EPSS 0.03
CVE-2025-65955 MEDIUM
ImageMagick <7.1.2-9 & 6.9.13-34 - Memory Corruption
Dec 02, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-64095 CRITICAL NUCLEI
Dnnsoftware Dotnetnuke < 10.1.1 - Unrestricted File Upload
Oct 28, 2025
CVSS 10.0
EPSS 0.20
CVE-2025-64094 MEDIUM
Dnnsoftware Dotnetnuke < 10.1.1 - XSS
Oct 28, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-62802 MEDIUM
DNN <10.1.1 - Info Disclosure
Oct 28, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-62594 MEDIUM
ImageMagick < 7.1.2-8 - Denial of Service via CLAHEImage Function
Oct 27, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-61413 MEDIUM
Piranha CMS v12.0 - Stored Cross-Site Scripting in Markdown Blocks
Oct 23, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-62171 MEDIUM
ImageMagick < 6.9.13-32 - Integer Overflow in BMP Decoder on 32-bit Systems
Oct 17, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-11849 CRITICAL
mammoth < 1.11.0 - Directory Traversal via DOCX Image External Link
Oct 17, 2025
CVSS 9.3
EPSS 0.00
CVE-2025-11842 MEDIUM
Shazwazza Smidge < 4.6.0 - Path Traversal via Bundle Handler Version Argument
Oct 16, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-54539 CRITICAL
Apache ActiveMQ NMS AMQP < 2.4.0 - Remote Code Execution via Untrusted AMQP Server Deserialization
Oct 16, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-55315 CRITICAL
ASP.NET Core 2.3.0-2.3.5 - HTTP Request Smuggling via Inconsistent Request Interpretation
Oct 14, 2025
CVSS 9.9
EPSS 0.02
CVE-2025-55248 MEDIUM
.NET Framework - Inadequate Encryption Strength
Oct 14, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-55247 HIGH
.NET 8.0.0-8.0.20 - Authenticated Privilege Escalation via Improper Link Resolution
Oct 14, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-11573 HIGH
Amazon.IonDotnet < 1.3.2 - Denial of Service via Infinite Loop in Text Input Parser
Oct 09, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-61778 CRITICAL
Akka.Remote 1.2.0-1.5.51 - Authentication Bypass via Missing Mutual TLS Enforcement
Oct 06, 2025
EPSS 0.00
CVE-2025-55797 MEDIUM
FormCMS < 0.5.5 - Unauthenticated Improper Access Control via Schema History Endpoint
Sep 30, 2025
CVSS 6.5
EPSS 0.00
Products
Microsoft.ChakraCore 247 Magick.NET-Q16-AnyCPU 86 Magick.NET-Q16-HDRI-AnyCPU 86 Magick.NET-Q8-AnyCPU 86 Magick.NET-Q16-HDRI-x86 85 Magick.NET-Q16-x86 85 Magick.NET-Q8-x86 84 Magick.NET-Q16-HDRI-OpenMP-arm64 83 Magick.NET-Q16-HDRI-x64 83 Magick.NET-Q16-OpenMP-arm64 83 Magick.NET-Q16-OpenMP-x64 83 Magick.NET-Q16-arm64 83 Magick.NET-Q16-HDRI-arm64 82 Magick.NET-Q8-OpenMP-arm64 82 Magick.NET-Q8-arm64 82 Magick.NET-Q16-x64 79 Magick.NET-Q8-OpenMP-x64 79 Magick.NET-Q8-x64 76 Magick.NET-Q16-HDRI-OpenMP-x64 69 Magick.NET-Q16-OpenMP-x86 57 DotNetNuke.Core 35 Microsoft.AspNetCore.App.Runtime.win-x64 25 Microsoft.AspNetCore.App.Runtime.win-x86 25 Microsoft.AspNetCore.App.Runtime.win-arm 24 Microsoft.AspNetCore.App.Runtime.linux-arm 22 Microsoft.AspNetCore.App.Runtime.linux-arm64 22 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 22 Microsoft.AspNetCore.App.Runtime.linux-x64 22 Microsoft.AspNetCore.App.Runtime.osx-x64 22 Microsoft.AspNetCore.App.Runtime.win-arm64 22
Quick Filters
Critical CVEs With Exploits In CISA KEV