Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2025-63365 Path Traversal in path-traversal (CVE-2025-63365)
path traversal in path-traversal (CVE-2025-63365). Confidential information can be exposed externally.
CVE-2025-13296 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-13296)
vulnerability in csrf (CVE-2025-13296). Risk of unauthorized operations or information disclosure.
CVE-2025-65676 Cross-Site Scripting (XSS) in classroomio (CVE-2025-65676)
cross-site scripting in classroomio (CVE-2025-65676). Risk of unauthorized operations or information disclosure.
CVE-2025-65675 Cross-Site Scripting (XSS) in classroomio (CVE-2025-65675)
cross-site scripting in classroomio (CVE-2025-65675). Risk of unauthorized operations or information disclosure.
CVE-2025-51741 Vulnerability in dos (CVE-2025-51741)
vulnerability in dos (CVE-2025-51741). Risk of unauthorized operations or information disclosure.
CVE-2025-61167 SQL Injection in sqli (CVE-2025-61167)
SQL injection in sqli (CVE-2025-61167). Risk of unauthorized operations or information disclosure.
CVE-2025-13502 Out-of-Bounds Read in dos (CVE-2025-13502)
vulnerability in dos (CVE-2025-13502). Risk of unauthorized operations or information disclosure.
CVE-2025-64048 Cross-Site Scripting (XSS) in yccms (CVE-2025-64048)
cross-site scripting in yccms (CVE-2025-64048). Risk of unauthorized operations or information disclosure.
CVE-2025-64047 OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
CVE-2025-56400 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-56400)
vulnerability in csrf (CVE-2025-56400). Successful exploitation can lead to full system takeover.
CVE-2025-56401 ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName.
ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName.
CVE-2025-0643 Cross-Site Scripting (XSS) in CVE-2025-0643 (CVE-2025-0643)
cross-site scripting in CVE-2025-0643 (CVE-2025-0643). Successful exploitation can lead to full system takeover.
CVE-2025-11963 Cross-Site Scripting (XSS) in CVE-2025-11963 (CVE-2025-11963)
cross-site scripting in CVE-2025-11963 (CVE-2025-11963). Risk of unauthorized operations or information disclosure.
CVE-2025-10437 SQL Injection in sqli (CVE-2025-10437)
SQL injection in sqli (CVE-2025-10437). Successful exploitation can lead to full system takeover.
CVE-2025-61662 Use-After-Free in dos (CVE-2025-61662)
vulnerability in dos (CVE-2025-61662). Successful exploitation can lead to full system takeover.
CVE-2025-61663 Vulnerability in dos (CVE-2025-61663)
vulnerability in dos (CVE-2025-61663). Risk of unauthorized operations or information disclosure.
CVE-2025-54770 Vulnerability in dos (CVE-2025-54770)
vulnerability in dos (CVE-2025-54770). Risk of unauthorized operations or information disclosure.
CVE-2025-54771 Vulnerability in dos (CVE-2025-54771)
vulnerability in dos (CVE-2025-54771). Risk of unauthorized operations or information disclosure.
CVE-2025-61661 Vulnerability in dos (CVE-2025-61661)
vulnerability in dos (CVE-2025-61661). Risk of unauthorized operations or information disclosure.
CVE-2025-63258 Command Injection in CVE-2025-63258 (CVE-2025-63258)
command injection in CVE-2025-63258 (CVE-2025-63258). Risk of unauthorized operations or information disclosure.
CVE-2025-63892 Cross-Site Scripting (XSS) in remyandrade (CVE-2025-63892)
cross-site scripting in remyandrade (CVE-2025-63892). Successful exploitation can lead to full system takeover.
CVE-2025-64046 OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
CVE-2025-8855 Vulnerability in CVE-2025-8855 (CVE-2025-8855)
vulnerability in CVE-2025-8855 (CVE-2025-8855). Confidential information can be exposed externally.
CVE-2025-60693 Vulnerability in dos (CVE-2025-60693)
vulnerability in dos (CVE-2025-60693). Risk of unauthorized operations or information disclosure.
CVE-2025-60691 Vulnerability in dos (CVE-2025-60691)
vulnerability in dos (CVE-2025-60691). Successful exploitation can lead to full system takeover.
CVE-2025-60692 Vulnerability in dos (CVE-2025-60692)
vulnerability in dos (CVE-2025-60692). Successful exploitation can lead to full system takeover.
CVE-2025-60694 Vulnerability in dos (CVE-2025-60694)
vulnerability in dos (CVE-2025-60694). Risk of unauthorized operations or information disclosure.
CVE-2025-60695 Vulnerability in dos (CVE-2025-60695)
vulnerability in dos (CVE-2025-60695). Risk of unauthorized operations or information disclosure.
CVE-2025-60696 Vulnerability in dos (CVE-2025-60696)
vulnerability in dos (CVE-2025-60696). Successful exploitation can lead to full system takeover.
CVE-2025-60690 Vulnerability in dos (CVE-2025-60690)
vulnerability in dos (CVE-2025-60690). Successful exploitation can lead to full system takeover.
CVE-2025-60686 Vulnerability in dos (CVE-2025-60686)
vulnerability in dos (CVE-2025-60686). Risk of unauthorized operations or information disclosure.
CVE-2025-56385 SQL Injection in sqli (CVE-2025-56385)
SQL injection in sqli (CVE-2025-56385). Successful exploitation can lead to full system takeover.
CVE-2025-11962 Cross-Site Scripting (XSS) in CVE-2025-11962 (CVE-2025-11962)
cross-site scripting in CVE-2025-11962 (CVE-2025-11962). Confidential information can be exposed externally.
CVE-2025-10161 Vulnerability in CVE-2025-10161 (CVE-2025-10161)
vulnerability in CVE-2025-10161 (CVE-2025-10161). Risk of unauthorized operations or information disclosure.
CVE-2025-11960 Cross-Site Scripting (XSS) in CVE-2025-11960 (CVE-2025-11960)
cross-site scripting in CVE-2025-11960 (CVE-2025-11960). Risk of unauthorized operations or information disclosure.
CVE-2025-10968 SQL Injection in sqli (CVE-2025-10968)
SQL injection in sqli (CVE-2025-10968). Successful exploitation can lead to full system takeover.
CVE-2025-63560 Vulnerability in dos (CVE-2025-63560)
vulnerability in dos (CVE-2025-63560). Risk of unauthorized operations or information disclosure.
CVE-2025-11956 Cross-Site Scripting (XSS) in CVE-2025-11956 (CVE-2025-11956)
cross-site scripting in CVE-2025-11956 (CVE-2025-11956). Confidential information can be exposed externally.
CVE-2025-10955 Cross-Site Scripting (XSS) in CVE-2025-10955 (CVE-2025-10955)
cross-site scripting in CVE-2025-10955 (CVE-2025-10955). Risk of unauthorized operations or information disclosure.
CVE-2025-12464 Vulnerability in dos (CVE-2025-12464)
vulnerability in dos (CVE-2025-12464). Risk of unauthorized operations or information disclosure.
CVE-2025-6520 SQL Injection in sqli (CVE-2025-6520)
SQL injection in sqli (CVE-2025-6520). Successful exploitation can lead to full system takeover.
CVE-2025-61498 Vulnerability in dos (CVE-2025-61498)
vulnerability in dos (CVE-2025-61498). Risk of unauthorized operations or information disclosure.
CVE-2025-60898 SSRF (Server-Side Request Forgery) in c (CVE-2025-60898)
SSRF in c (CVE-2025-60898). Risk of unauthorized operations or information disclosure.
CVE-2025-60349 Vulnerability in dos (CVE-2025-60349)
vulnerability in dos (CVE-2025-60349). Risk of unauthorized operations or information disclosure.
CVE-2025-56399 Code Injection in laravel (CVE-2025-56399)
code injection in laravel (CVE-2025-56399). Successful exploitation can lead to full system takeover.
CVE-2025-61795 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.110, 10.1.47, 11.0.12` or later.
CVE-2025-55752 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
CVE-2023-49440 AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."
AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."
CVE-2025-60419 Vulnerability in dos (CVE-2025-60419)
vulnerability in dos (CVE-2025-60419). Risk of unauthorized operations or information disclosure.
CVE-2025-11253 SQL Injection in sqli (CVE-2025-11253)
SQL injection in sqli (CVE-2025-11253). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →