Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-8587 |
|
SQL Injection in sqli (CVE-2025-8587)
SQL injection in sqli (CVE-2025-8587). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4686 |
|
SQL Injection in sqli (CVE-2025-4686)
SQL injection in sqli (CVE-2025-4686). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-4027 |
|
Vulnerability in dos (CVE-2024-4027)
vulnerability in dos (CVE-2024-4027). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-15549 |
|
Cross-Site Scripting (XSS) in fluentcms (CVE-2025-15549)
cross-site scripting in fluentcms (CVE-2025-15549). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7714 |
|
SQL Injection in sqli (CVE-2025-7714)
SQL injection in sqli (CVE-2025-7714). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7713 |
|
Cross-Site Scripting (XSS) in globalmedya (CVE-2025-7713)
cross-site scripting in globalmedya (CVE-2025-7713). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-37015 |
|
Path Traversal in path-traversal (CVE-2020-37015)
path traversal in path-traversal (CVE-2020-37015). Confidential information can be exposed externally.
|
| CVE-2020-37004 |
|
SQL Injection in sqli (CVE-2020-37004)
SQL injection in sqli (CVE-2020-37004). Confidential information can be exposed externally.
|
| CVE-2020-37002 |
|
OS Command Injection in CVE-2020-37002 (CVE-2020-37002)
OS command injection in CVE-2020-37002 (CVE-2020-37002). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71001 |
|
Out-of-Bounds Read in dos (CVE-2025-71001)
vulnerability in dos (CVE-2025-71001). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-70999 |
|
Vulnerability in dos (CVE-2025-70999)
vulnerability in dos (CVE-2025-70999). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71000 |
|
Vulnerability in dos (CVE-2025-71000)
vulnerability in dos (CVE-2025-71000). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65891 |
|
Vulnerability in dos (CVE-2025-65891)
vulnerability in dos (CVE-2025-65891). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65886 |
|
Vulnerability in dos (CVE-2025-65886)
vulnerability in dos (CVE-2025-65886). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65887 |
|
Vulnerability in dos (CVE-2025-65887)
vulnerability in dos (CVE-2025-65887). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65888 |
|
Vulnerability in dos (CVE-2025-65888)
vulnerability in dos (CVE-2025-65888). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65889 |
|
Vulnerability in dos (CVE-2025-65889)
vulnerability in dos (CVE-2025-65889). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65890 |
|
Vulnerability in dos (CVE-2025-65890)
vulnerability in dos (CVE-2025-65890). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24842 |
|
Path Traversal in path-traversal (CVE-2026-24842)
path traversal in path-traversal (CVE-2026-24842). Confidential information can be exposed externally.
|
| CVE-2026-24779 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-24779)
SSRF in ssrf (CVE-2026-24779). Confidential information can be exposed externally. Exploitable via ``MediaConnector``.
|
| CVE-2026-24881 |
|
Vulnerability in dos (CVE-2026-24881)
vulnerability in dos (CVE-2026-24881). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22795 |
|
Vulnerability in dos (CVE-2026-22795)
vulnerability in dos (CVE-2026-22795). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69421 |
|
Vulnerability in dos (CVE-2025-69421)
vulnerability in dos (CVE-2025-69421). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69420 |
|
Vulnerability in dos (CVE-2025-69420)
vulnerability in dos (CVE-2025-69420). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69419 |
|
Out-of-Bounds Write in dos (CVE-2025-69419)
out-of-bounds write in dos (CVE-2025-69419). Confidential information can be exposed externally.
|
| CVE-2025-68160 |
|
Out-of-Bounds Write in dos (CVE-2025-68160)
out-of-bounds write in dos (CVE-2025-68160). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-15467 |
|
Out-of-Bounds Write in cisa (CVE-2025-15467)
out-of-bounds write in cisa (CVE-2025-15467). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21721 |
|
Authorization Flaw in privilege-escalation (CVE-2026-21721)
vulnerability in privilege-escalation (CVE-2026-21721). Confidential information can be exposed externally.
|
| CVE-2026-24486 |
|
Path Traversal in path-traversal (CVE-2026-24486)
path traversal in path-traversal (CVE-2026-24486). Data can be tampered with by attackers. Exploitable via ``UPLOAD_DIR``.
|
| CVE-2026-24858 KEV |
|
[KEV] Vulnerability in Fortinet multiple-products (CVE-2026-24858)
vulnerability in Fortinet multiple-products (CVE-2026-24858). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-23864 |
|
Vulnerability in react (CVE-2026-23864)
vulnerability in react (CVE-2026-23864). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-9820 |
|
Vulnerability in privilege-escalation (CVE-2025-9820)
vulnerability in privilege-escalation (CVE-2025-9820). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52025 |
|
SQL Injection in sqli (CVE-2025-52025)
SQL injection in sqli (CVE-2025-52025). Confidential information can be exposed externally.
|
| CVE-2026-0994 |
|
Vulnerability in protobuf (CVE-2026-0994)
vulnerability in protobuf (CVE-2026-0994). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.29.6` or later.
|
| CVE-2025-4320 |
|
Vulnerability in CVE-2025-4320 (CVE-2025-4320)
vulnerability in CVE-2025-4320 (CVE-2025-4320). Successful exploitation can lead to full system takeover.
|
| CVE-2025-2204 |
|
Cross-Site Scripting (XSS) in CVE-2025-2204 (CVE-2025-2204)
cross-site scripting in CVE-2025-2204 (CVE-2025-2204). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-0603 |
|
SQL Injection in sqli (CVE-2026-0603)
SQL injection in sqli (CVE-2026-0603). Confidential information can be exposed externally.
|
| CVE-2025-15059 |
|
Vulnerability in gimp (CVE-2025-15059)
vulnerability in gimp (CVE-2025-15059). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0775 |
|
Vulnerability in privilege-escalation (CVE-2026-0775)
vulnerability in privilege-escalation (CVE-2026-0775). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0535 |
|
Cross-Site Scripting (XSS) in autodesk (CVE-2026-0535)
cross-site scripting in autodesk (CVE-2026-0535). Confidential information can be exposed externally.
|
| CVE-2026-0534 |
|
Cross-Site Scripting (XSS) in autodesk (CVE-2026-0534)
cross-site scripting in autodesk (CVE-2026-0534). Confidential information can be exposed externally.
|
| CVE-2026-0533 |
|
Cross-Site Scripting (XSS) in autodesk (CVE-2026-0533)
cross-site scripting in autodesk (CVE-2026-0533). Confidential information can be exposed externally.
|
| CVE-2025-68900 |
|
Cross-Site Scripting (XSS) in CVE-2025-68900 (CVE-2025-68900)
cross-site scripting in CVE-2025-68900 (CVE-2025-68900). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56589 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-56589)
SSRF in ssrf (CVE-2025-56589). Confidential information can be exposed externally.
|
| CVE-2025-69612 |
|
Path Traversal in path-traversal (CVE-2025-69612)
path traversal in path-traversal (CVE-2025-69612). Confidential information can be exposed externally.
|
| CVE-2025-4764 |
|
SQL Injection in sqli (CVE-2025-4764)
SQL injection in sqli (CVE-2025-4764). Successful exploitation can lead to full system takeover.
|
| CVE-2025-4763 |
|
Cross-Site Scripting (XSS) in aida (CVE-2025-4763)
cross-site scripting in aida (CVE-2025-4763). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24049 |
|
Path Traversal in privilege-escalation (CVE-2026-24049)
path traversal in privilege-escalation (CVE-2026-24049). Data can be tampered with by attackers.
|
| CVE-2025-71176 |
|
Vulnerability in dos (CVE-2025-71176)
vulnerability in dos (CVE-2025-71176). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24046 |
|
Path Traversal in path-traversal (CVE-2026-24046)
path traversal in path-traversal (CVE-2026-24046). Confidential information can be exposed externally.
|