Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-63365 |
|
Path Traversal in path-traversal (CVE-2025-63365)
path traversal in path-traversal (CVE-2025-63365). Confidential information can be exposed externally.
|
| CVE-2025-13296 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-13296)
vulnerability in csrf (CVE-2025-13296). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65676 |
|
Cross-Site Scripting (XSS) in classroomio (CVE-2025-65676)
cross-site scripting in classroomio (CVE-2025-65676). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65675 |
|
Cross-Site Scripting (XSS) in classroomio (CVE-2025-65675)
cross-site scripting in classroomio (CVE-2025-65675). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51741 |
|
Vulnerability in dos (CVE-2025-51741)
vulnerability in dos (CVE-2025-51741). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61167 |
|
SQL Injection in sqli (CVE-2025-61167)
SQL injection in sqli (CVE-2025-61167). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13502 |
|
Out-of-Bounds Read in dos (CVE-2025-13502)
vulnerability in dos (CVE-2025-13502). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64048 |
|
Cross-Site Scripting (XSS) in yccms (CVE-2025-64048)
cross-site scripting in yccms (CVE-2025-64048). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64047 |
|
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
|
| CVE-2025-56400 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-56400)
vulnerability in csrf (CVE-2025-56400). Successful exploitation can lead to full system takeover.
|
| CVE-2025-56401 |
|
ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName.
ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName.
|
| CVE-2025-0643 |
|
Cross-Site Scripting (XSS) in CVE-2025-0643 (CVE-2025-0643)
cross-site scripting in CVE-2025-0643 (CVE-2025-0643). Successful exploitation can lead to full system takeover.
|
| CVE-2025-11963 |
|
Cross-Site Scripting (XSS) in CVE-2025-11963 (CVE-2025-11963)
cross-site scripting in CVE-2025-11963 (CVE-2025-11963). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-10437 |
|
SQL Injection in sqli (CVE-2025-10437)
SQL injection in sqli (CVE-2025-10437). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61662 |
|
Use-After-Free in dos (CVE-2025-61662)
vulnerability in dos (CVE-2025-61662). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61663 |
|
Vulnerability in dos (CVE-2025-61663)
vulnerability in dos (CVE-2025-61663). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-54770 |
|
Vulnerability in dos (CVE-2025-54770)
vulnerability in dos (CVE-2025-54770). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-54771 |
|
Vulnerability in dos (CVE-2025-54771)
vulnerability in dos (CVE-2025-54771). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61661 |
|
Vulnerability in dos (CVE-2025-61661)
vulnerability in dos (CVE-2025-61661). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-63258 |
|
Command Injection in CVE-2025-63258 (CVE-2025-63258)
command injection in CVE-2025-63258 (CVE-2025-63258). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-63892 |
|
Cross-Site Scripting (XSS) in remyandrade (CVE-2025-63892)
cross-site scripting in remyandrade (CVE-2025-63892). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64046 |
|
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
|
| CVE-2025-8855 |
|
Vulnerability in CVE-2025-8855 (CVE-2025-8855)
vulnerability in CVE-2025-8855 (CVE-2025-8855). Confidential information can be exposed externally.
|
| CVE-2025-60693 |
|
Vulnerability in dos (CVE-2025-60693)
vulnerability in dos (CVE-2025-60693). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60691 |
|
Vulnerability in dos (CVE-2025-60691)
vulnerability in dos (CVE-2025-60691). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60692 |
|
Vulnerability in dos (CVE-2025-60692)
vulnerability in dos (CVE-2025-60692). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60694 |
|
Vulnerability in dos (CVE-2025-60694)
vulnerability in dos (CVE-2025-60694). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60695 |
|
Vulnerability in dos (CVE-2025-60695)
vulnerability in dos (CVE-2025-60695). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60696 |
|
Vulnerability in dos (CVE-2025-60696)
vulnerability in dos (CVE-2025-60696). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60690 |
|
Vulnerability in dos (CVE-2025-60690)
vulnerability in dos (CVE-2025-60690). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60686 |
|
Vulnerability in dos (CVE-2025-60686)
vulnerability in dos (CVE-2025-60686). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56385 |
|
SQL Injection in sqli (CVE-2025-56385)
SQL injection in sqli (CVE-2025-56385). Successful exploitation can lead to full system takeover.
|
| CVE-2025-11962 |
|
Cross-Site Scripting (XSS) in CVE-2025-11962 (CVE-2025-11962)
cross-site scripting in CVE-2025-11962 (CVE-2025-11962). Confidential information can be exposed externally.
|
| CVE-2025-10161 |
|
Vulnerability in CVE-2025-10161 (CVE-2025-10161)
vulnerability in CVE-2025-10161 (CVE-2025-10161). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11960 |
|
Cross-Site Scripting (XSS) in CVE-2025-11960 (CVE-2025-11960)
cross-site scripting in CVE-2025-11960 (CVE-2025-11960). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-10968 |
|
SQL Injection in sqli (CVE-2025-10968)
SQL injection in sqli (CVE-2025-10968). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63560 |
|
Vulnerability in dos (CVE-2025-63560)
vulnerability in dos (CVE-2025-63560). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11956 |
|
Cross-Site Scripting (XSS) in CVE-2025-11956 (CVE-2025-11956)
cross-site scripting in CVE-2025-11956 (CVE-2025-11956). Confidential information can be exposed externally.
|
| CVE-2025-10955 |
|
Cross-Site Scripting (XSS) in CVE-2025-10955 (CVE-2025-10955)
cross-site scripting in CVE-2025-10955 (CVE-2025-10955). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-12464 |
|
Vulnerability in dos (CVE-2025-12464)
vulnerability in dos (CVE-2025-12464). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-6520 |
|
SQL Injection in sqli (CVE-2025-6520)
SQL injection in sqli (CVE-2025-6520). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61498 |
|
Vulnerability in dos (CVE-2025-61498)
vulnerability in dos (CVE-2025-61498). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60898 |
|
SSRF (Server-Side Request Forgery) in c (CVE-2025-60898)
SSRF in c (CVE-2025-60898). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60349 |
|
Vulnerability in dos (CVE-2025-60349)
vulnerability in dos (CVE-2025-60349). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56399 |
|
Code Injection in laravel (CVE-2025-56399)
code injection in laravel (CVE-2025-56399). Successful exploitation can lead to full system takeover.
|
| CVE-2025-61795 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.110, 10.1.47, 11.0.12` or later.
|
| CVE-2025-55752 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
|
| CVE-2023-49440 |
|
AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."
AhnLab EPP 1.0.15 is vulnerable to SQL Injection via the "preview parameter."
|
| CVE-2025-60419 |
|
Vulnerability in dos (CVE-2025-60419)
vulnerability in dos (CVE-2025-60419). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11253 |
|
SQL Injection in sqli (CVE-2025-11253)
SQL injection in sqli (CVE-2025-11253). Successful exploitation can lead to full system takeover.
|