Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2025-67269 Vulnerability in c (CVE-2025-67269)
vulnerability in c (CVE-2025-67269). Risk of unauthorized operations or information disclosure. Exploitable via ``ffa1d6f40bca0b035fc7f5e563160ebb67199da7``.
CVE-2025-67268 Vulnerability in c (CVE-2025-67268)
vulnerability in c (CVE-2025-67268). Successful exploitation can lead to full system takeover.
CVE-2025-67158 Authentication Bypass in revotech (CVE-2025-67158)
authentication bypass in revotech (CVE-2025-67158). Confidential information can be exposed externally.
CVE-2025-67160 Path Traversal in path-traversal (CVE-2025-67160)
path traversal in path-traversal (CVE-2025-67160). Confidential information can be exposed externally.
CVE-2025-59381 Path Traversal in path-traversal (CVE-2025-59381)
path traversal in path-traversal (CVE-2025-59381). Confidential information can be exposed externally.
CVE-2025-11157 Unsafe Deserialization in CVE-2025-11157 (CVE-2025-11157)
vulnerability in CVE-2025-11157 (CVE-2025-11157). Successful exploitation can lead to full system takeover.
CVE-2025-66737 Vulnerability in path-traversal (CVE-2025-66737)
vulnerability in path-traversal (CVE-2025-66737). Risk of unauthorized operations or information disclosure.
CVE-2025-2307 Cross-Site Scripting (XSS) in CVE-2025-2307 (CVE-2025-2307)
cross-site scripting in CVE-2025-2307 (CVE-2025-2307). Data can be tampered with by attackers.
CVE-2025-2405 Cross-Site Scripting (XSS) in CVE-2025-2405 (CVE-2025-2405)
cross-site scripting in CVE-2025-2405 (CVE-2025-2405). Data can be tampered with by attackers.
CVE-2025-2406 Cross-Site Scripting (XSS) in CVE-2025-2406 (CVE-2025-2406)
cross-site scripting in CVE-2025-2406 (CVE-2025-2406). Data can be tampered with by attackers.
CVE-2025-2515 Authorization Flaw in privilege-escalation (CVE-2025-2515)
vulnerability in privilege-escalation (CVE-2025-2515). Successful exploitation can lead to full system takeover.
CVE-2025-2155 Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
CVE-2025-2154 Cross-Site Scripting (XSS) in CVE-2025-2154 (CVE-2025-2154)
cross-site scripting in CVE-2025-2154 (CVE-2025-2154). Risk of unauthorized operations or information disclosure.
CVE-2025-65865 Vulnerability in dos (CVE-2025-65865)
vulnerability in dos (CVE-2025-65865). Risk of unauthorized operations or information disclosure.
CVE-2025-13183 Cross-Site Scripting (XSS) in CVE-2025-13183 (CVE-2025-13183)
cross-site scripting in CVE-2025-13183 (CVE-2025-13183). Confidential information can be exposed externally.
CVE-2025-67291 Cross-Site Scripting (XSS) in dotnetfoundation (CVE-2025-67291)
cross-site scripting in dotnetfoundation (CVE-2025-67291). Risk of unauthorized operations or information disclosure.
CVE-2025-67290 Cross-Site Scripting (XSS) in dotnetfoundation (CVE-2025-67290)
cross-site scripting in dotnetfoundation (CVE-2025-67290). Risk of unauthorized operations or information disclosure.
CVE-2025-1927 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-1927)
vulnerability in csrf (CVE-2025-1927). Data can be tampered with by attackers.
CVE-2025-14347 Cross-Site Scripting (XSS) in CVE-2025-14347 (CVE-2025-14347)
cross-site scripting in CVE-2025-14347 (CVE-2025-14347). Confidential information can be exposed externally.
CVE-2023-53888 Code Injection in zomp (CVE-2023-53888)
code injection in zomp (CVE-2023-53888). Successful exploitation can lead to full system takeover.
CVE-2024-44599 FNT Command 13.4.0 is vulnerable to Directory Traversal.
FNT Command 13.4.0 is vulnerable to Directory Traversal.
CVE-2025-67906 Cross-Site Scripting (XSS) in misp-project (CVE-2025-67906)
cross-site scripting in misp-project (CVE-2025-67906). Risk of unauthorized operations or information disclosure.
CVE-2025-14512 Vulnerability in dos (CVE-2025-14512)
vulnerability in dos (CVE-2025-14512). Risk of unauthorized operations or information disclosure.
CVE-2025-65828 Vulnerability in dos (CVE-2025-65828)
vulnerability in dos (CVE-2025-65828). Risk of unauthorized operations or information disclosure.
CVE-2025-63895 Vulnerability in dos (CVE-2025-63895)
vulnerability in dos (CVE-2025-63895). Risk of unauthorized operations or information disclosure.
CVE-2025-13127 Cross-Site Scripting (XSS) in CVE-2025-13127 (CVE-2025-13127)
cross-site scripting in CVE-2025-13127 (CVE-2025-13127). Risk of unauthorized operations or information disclosure.
CVE-2025-7073 Vulnerability in c (CVE-2025-7073)
vulnerability in c (CVE-2025-7073). Successful exploitation can lead to full system takeover.
CVE-2025-14087 Vulnerability in dos (CVE-2025-14087)
vulnerability in dos (CVE-2025-14087). Risk of unauthorized operations or information disclosure.
CVE-2025-1161 Vulnerability in privilege-escalation (CVE-2025-1161)
vulnerability in privilege-escalation (CVE-2025-1161). Successful exploitation can lead to full system takeover.
CVE-2025-6924 Cross-Site Scripting (XSS) in CVE-2025-6924 (CVE-2025-6924)
cross-site scripting in CVE-2025-6924 (CVE-2025-6924). Risk of unauthorized operations or information disclosure.
CVE-2025-6923 Cross-Site Scripting (XSS) in CVE-2025-6923 (CVE-2025-6923)
cross-site scripting in CVE-2025-6923 (CVE-2025-6923). Risk of unauthorized operations or information disclosure.
CVE-2025-12504 SQL Injection in sqli (CVE-2025-12504)
SQL injection in sqli (CVE-2025-12504). Successful exploitation can lead to full system takeover.
CVE-2025-64666 Vulnerability in microsoft (CVE-2025-64666)
vulnerability in microsoft (CVE-2025-64666). Successful exploitation can lead to full system takeover.
CVE-2025-61078 Cross-Site Scripting (XSS) in phpipam (CVE-2025-61078)
cross-site scripting in phpipam (CVE-2025-61078). Risk of unauthorized operations or information disclosure.
CVE-2025-11022 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11022)
vulnerability in csrf (CVE-2025-11022). Successful exploitation can lead to full system takeover.
CVE-2025-10876 Cross-Site Scripting (XSS) in CVE-2025-10876 (CVE-2025-10876)
cross-site scripting in CVE-2025-10876 (CVE-2025-10876). Risk of unauthorized operations or information disclosure.
CVE-2025-65799 Vulnerability in path-traversal (CVE-2025-65799)
vulnerability in path-traversal (CVE-2025-65799). Risk of unauthorized operations or information disclosure.
CVE-2025-65797 Vulnerability in dos (CVE-2025-65797)
vulnerability in dos (CVE-2025-65797). Risk of unauthorized operations or information disclosure.
CVE-2025-34291 KEV [KEV] Vulnerability in langflow (CVE-2025-34291)
vulnerability in langflow (CVE-2025-34291). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.7.0` or later.
CVE-2025-64054 Cross-Site Scripting (XSS) in dos (CVE-2025-64054)
cross-site scripting in dos (CVE-2025-64054). Successful exploitation can lead to full system takeover.
CVE-2025-64053 Vulnerability in dos (CVE-2025-64053)
vulnerability in dos (CVE-2025-64053). Risk of unauthorized operations or information disclosure.
CVE-2025-64057 Path Traversal in path-traversal (CVE-2025-64057)
path traversal in path-traversal (CVE-2025-64057). Data can be tampered with by attackers.
CVE-2025-64055 Authentication Bypass in fanvil (CVE-2025-64055)
authentication bypass in fanvil (CVE-2025-64055). Successful exploitation can lead to full system takeover.
CVE-2025-63401 Cross-Site Scripting (XSS) in hcltech (CVE-2025-63401)
cross-site scripting in hcltech (CVE-2025-63401). Data can be tampered with by attackers.
CVE-2025-57202 Cross-Site Scripting (XSS) in avtech (CVE-2025-57202)
cross-site scripting in avtech (CVE-2025-57202). Risk of unauthorized operations or information disclosure.
CVE-2025-13505 Cross-Site Scripting (XSS) in datateam (CVE-2025-13505)
cross-site scripting in datateam (CVE-2025-13505). Risk of unauthorized operations or information disclosure.
CVE-2025-66412 Cross-Site Scripting (XSS) in @angular/compiler (CVE-2025-66412)
cross-site scripting in @angular/compiler (CVE-2025-66412). Risk of unauthorized operations or information disclosure. Exploitable via ``attributeName``.
CVE-2025-65622 Cross-Site Scripting (XSS) in snipeitapp (CVE-2025-65622)
cross-site scripting in snipeitapp (CVE-2025-65622). Risk of unauthorized operations or information disclosure.
CVE-2025-65621 Cross-Site Scripting (XSS) in privilege-escalation (CVE-2025-65621)
cross-site scripting in privilege-escalation (CVE-2025-65621). Risk of unauthorized operations or information disclosure.
CVE-2025-51683 SQL Injection in sqli (CVE-2025-51683)
SQL injection in sqli (CVE-2025-51683). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →