Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-67269 |
|
Vulnerability in c (CVE-2025-67269)
vulnerability in c (CVE-2025-67269). Risk of unauthorized operations or information disclosure. Exploitable via ``ffa1d6f40bca0b035fc7f5e563160ebb67199da7``.
|
| CVE-2025-67268 |
|
Vulnerability in c (CVE-2025-67268)
vulnerability in c (CVE-2025-67268). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67158 |
|
Authentication Bypass in revotech (CVE-2025-67158)
authentication bypass in revotech (CVE-2025-67158). Confidential information can be exposed externally.
|
| CVE-2025-67160 |
|
Path Traversal in path-traversal (CVE-2025-67160)
path traversal in path-traversal (CVE-2025-67160). Confidential information can be exposed externally.
|
| CVE-2025-59381 |
|
Path Traversal in path-traversal (CVE-2025-59381)
path traversal in path-traversal (CVE-2025-59381). Confidential information can be exposed externally.
|
| CVE-2025-11157 |
|
Unsafe Deserialization in CVE-2025-11157 (CVE-2025-11157)
vulnerability in CVE-2025-11157 (CVE-2025-11157). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66737 |
|
Vulnerability in path-traversal (CVE-2025-66737)
vulnerability in path-traversal (CVE-2025-66737). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2307 |
|
Cross-Site Scripting (XSS) in CVE-2025-2307 (CVE-2025-2307)
cross-site scripting in CVE-2025-2307 (CVE-2025-2307). Data can be tampered with by attackers.
|
| CVE-2025-2405 |
|
Cross-Site Scripting (XSS) in CVE-2025-2405 (CVE-2025-2405)
cross-site scripting in CVE-2025-2405 (CVE-2025-2405). Data can be tampered with by attackers.
|
| CVE-2025-2406 |
|
Cross-Site Scripting (XSS) in CVE-2025-2406 (CVE-2025-2406)
cross-site scripting in CVE-2025-2406 (CVE-2025-2406). Data can be tampered with by attackers.
|
| CVE-2025-2515 |
|
Authorization Flaw in privilege-escalation (CVE-2025-2515)
vulnerability in privilege-escalation (CVE-2025-2515). Successful exploitation can lead to full system takeover.
|
| CVE-2025-2155 |
|
Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
|
| CVE-2025-2154 |
|
Cross-Site Scripting (XSS) in CVE-2025-2154 (CVE-2025-2154)
cross-site scripting in CVE-2025-2154 (CVE-2025-2154). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65865 |
|
Vulnerability in dos (CVE-2025-65865)
vulnerability in dos (CVE-2025-65865). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13183 |
|
Cross-Site Scripting (XSS) in CVE-2025-13183 (CVE-2025-13183)
cross-site scripting in CVE-2025-13183 (CVE-2025-13183). Confidential information can be exposed externally.
|
| CVE-2025-67291 |
|
Cross-Site Scripting (XSS) in dotnetfoundation (CVE-2025-67291)
cross-site scripting in dotnetfoundation (CVE-2025-67291). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-67290 |
|
Cross-Site Scripting (XSS) in dotnetfoundation (CVE-2025-67290)
cross-site scripting in dotnetfoundation (CVE-2025-67290). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-1927 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-1927)
vulnerability in csrf (CVE-2025-1927). Data can be tampered with by attackers.
|
| CVE-2025-14347 |
|
Cross-Site Scripting (XSS) in CVE-2025-14347 (CVE-2025-14347)
cross-site scripting in CVE-2025-14347 (CVE-2025-14347). Confidential information can be exposed externally.
|
| CVE-2023-53888 |
|
Code Injection in zomp (CVE-2023-53888)
code injection in zomp (CVE-2023-53888). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44599 |
|
FNT Command 13.4.0 is vulnerable to Directory Traversal.
FNT Command 13.4.0 is vulnerable to Directory Traversal.
|
| CVE-2025-67906 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2025-67906)
cross-site scripting in misp-project (CVE-2025-67906). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-14512 |
|
Vulnerability in dos (CVE-2025-14512)
vulnerability in dos (CVE-2025-14512). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65828 |
|
Vulnerability in dos (CVE-2025-65828)
vulnerability in dos (CVE-2025-65828). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-63895 |
|
Vulnerability in dos (CVE-2025-63895)
vulnerability in dos (CVE-2025-63895). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13127 |
|
Cross-Site Scripting (XSS) in CVE-2025-13127 (CVE-2025-13127)
cross-site scripting in CVE-2025-13127 (CVE-2025-13127). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7073 |
|
Vulnerability in c (CVE-2025-7073)
vulnerability in c (CVE-2025-7073). Successful exploitation can lead to full system takeover.
|
| CVE-2025-14087 |
|
Vulnerability in dos (CVE-2025-14087)
vulnerability in dos (CVE-2025-14087). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-1161 |
|
Vulnerability in privilege-escalation (CVE-2025-1161)
vulnerability in privilege-escalation (CVE-2025-1161). Successful exploitation can lead to full system takeover.
|
| CVE-2025-6924 |
|
Cross-Site Scripting (XSS) in CVE-2025-6924 (CVE-2025-6924)
cross-site scripting in CVE-2025-6924 (CVE-2025-6924). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-6923 |
|
Cross-Site Scripting (XSS) in CVE-2025-6923 (CVE-2025-6923)
cross-site scripting in CVE-2025-6923 (CVE-2025-6923). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-12504 |
|
SQL Injection in sqli (CVE-2025-12504)
SQL injection in sqli (CVE-2025-12504). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64666 |
|
Vulnerability in microsoft (CVE-2025-64666)
vulnerability in microsoft (CVE-2025-64666). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61078 |
|
Cross-Site Scripting (XSS) in phpipam (CVE-2025-61078)
cross-site scripting in phpipam (CVE-2025-61078). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11022 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11022)
vulnerability in csrf (CVE-2025-11022). Successful exploitation can lead to full system takeover.
|
| CVE-2025-10876 |
|
Cross-Site Scripting (XSS) in CVE-2025-10876 (CVE-2025-10876)
cross-site scripting in CVE-2025-10876 (CVE-2025-10876). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65799 |
|
Vulnerability in path-traversal (CVE-2025-65799)
vulnerability in path-traversal (CVE-2025-65799). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65797 |
|
Vulnerability in dos (CVE-2025-65797)
vulnerability in dos (CVE-2025-65797). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-34291 KEV |
|
[KEV] Vulnerability in langflow (CVE-2025-34291)
vulnerability in langflow (CVE-2025-34291). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.7.0` or later.
|
| CVE-2025-64054 |
|
Cross-Site Scripting (XSS) in dos (CVE-2025-64054)
cross-site scripting in dos (CVE-2025-64054). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64053 |
|
Vulnerability in dos (CVE-2025-64053)
vulnerability in dos (CVE-2025-64053). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64057 |
|
Path Traversal in path-traversal (CVE-2025-64057)
path traversal in path-traversal (CVE-2025-64057). Data can be tampered with by attackers.
|
| CVE-2025-64055 |
|
Authentication Bypass in fanvil (CVE-2025-64055)
authentication bypass in fanvil (CVE-2025-64055). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63401 |
|
Cross-Site Scripting (XSS) in hcltech (CVE-2025-63401)
cross-site scripting in hcltech (CVE-2025-63401). Data can be tampered with by attackers.
|
| CVE-2025-57202 |
|
Cross-Site Scripting (XSS) in avtech (CVE-2025-57202)
cross-site scripting in avtech (CVE-2025-57202). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13505 |
|
Cross-Site Scripting (XSS) in datateam (CVE-2025-13505)
cross-site scripting in datateam (CVE-2025-13505). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-66412 |
|
Cross-Site Scripting (XSS) in @angular/compiler (CVE-2025-66412)
cross-site scripting in @angular/compiler (CVE-2025-66412). Risk of unauthorized operations or information disclosure. Exploitable via ``attributeName``.
|
| CVE-2025-65622 |
|
Cross-Site Scripting (XSS) in snipeitapp (CVE-2025-65622)
cross-site scripting in snipeitapp (CVE-2025-65622). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65621 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2025-65621)
cross-site scripting in privilege-escalation (CVE-2025-65621). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51683 |
|
SQL Injection in sqli (CVE-2025-51683)
SQL injection in sqli (CVE-2025-51683). Successful exploitation can lead to full system takeover.
|