Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-40796 |
|
Out-of-Bounds Read in dos (CVE-2025-40796)
vulnerability in dos (CVE-2025-40796). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40797 |
|
Out-of-Bounds Read in dos (CVE-2025-40797)
vulnerability in dos (CVE-2025-40797). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-55849 |
|
SQL Injection in sqli (CVE-2025-55849)
SQL injection in sqli (CVE-2025-55849). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52161 |
|
Cross-Site Scripting (XSS) in scholl (CVE-2025-52161)
cross-site scripting in scholl (CVE-2025-52161). Successful exploitation can lead to full system takeover.
|
| CVE-2025-8695 |
|
Cross-Site Scripting (XSS) in CVE-2025-8695 (CVE-2025-8695)
cross-site scripting in CVE-2025-8695 (CVE-2025-8695). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2417 |
|
Vulnerability in CVE-2025-2417 (CVE-2025-2417)
vulnerability in CVE-2025-2417 (CVE-2025-2417). Confidential information can be exposed externally.
|
| CVE-2025-2411 |
|
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano...
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano...
|
| CVE-2024-13073 |
|
Cross-Site Scripting (XSS) in CVE-2024-13073 (CVE-2024-13073)
cross-site scripting in CVE-2024-13073 (CVE-2024-13073). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-13071 |
|
Cross-Site Scripting (XSS) in CVE-2024-13071 (CVE-2024-13071)
cross-site scripting in CVE-2024-13071 (CVE-2024-13071). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2416 |
|
Vulnerability in CVE-2025-2416 (CVE-2025-2416)
vulnerability in CVE-2025-2416 (CVE-2025-2416). Confidential information can be exposed externally.
|
| CVE-2025-0878 |
|
Cross-Site Scripting (XSS) in CVE-2025-0878 (CVE-2025-0878)
cross-site scripting in CVE-2025-0878 (CVE-2025-0878). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-1740 |
|
Vulnerability in CVE-2025-1740 (CVE-2025-1740)
vulnerability in CVE-2025-1740 (CVE-2025-1740). Successful exploitation can lead to full system takeover.
|
| CVE-2024-13064 |
|
Cross-Site Scripting (XSS) in CVE-2024-13064 (CVE-2024-13064)
cross-site scripting in CVE-2024-13064 (CVE-2024-13064). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7039 |
|
Path Traversal in path-traversal (CVE-2025-7039)
path traversal in path-traversal (CVE-2025-7039). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-9784 |
|
Vulnerability in io.undertow:undertow-core (CVE-2025-9784)
vulnerability in io.undertow:undertow-core (CVE-2025-9784). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.20.Final` or later.
|
| CVE-2025-2413 |
|
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor...
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor...
|
| CVE-2024-12974 |
|
Cross-Site Scripting (XSS) in CVE-2024-12974 (CVE-2024-12974)
cross-site scripting in CVE-2024-12974 (CVE-2024-12974). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-12972 |
|
Cross-Site Scripting (XSS) in CVE-2024-12972 (CVE-2024-12972)
cross-site scripting in CVE-2024-12972 (CVE-2024-12972). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2412 |
|
Vulnerability in CVE-2025-2412 (CVE-2025-2412)
vulnerability in CVE-2025-2412 (CVE-2025-2412). Confidential information can be exposed externally.
|
| CVE-2025-0610 |
|
Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request...
Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request...
|
| CVE-2025-57819 KEV |
|
[KEV] SQL Injection in Sangoma freepbx (CVE-2025-57819)
SQL injection in Sangoma freepbx (CVE-2025-57819). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-8067 |
|
Out-of-Bounds Read in privilege-escalation (CVE-2025-8067)
vulnerability in privilege-escalation (CVE-2025-8067). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-34523 |
|
Vulnerability in dos (CVE-2025-34523)
vulnerability in dos (CVE-2025-34523). Successful exploitation can lead to full system takeover.
|
| CVE-2025-34162 |
|
SQL Injection in sqli (CVE-2025-34162)
SQL injection in sqli (CVE-2025-34162). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-34163 |
|
Unrestricted File Upload in CVE-2025-34163 (CVE-2025-34163)
vulnerability in CVE-2025-34163 (CVE-2025-34163). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-55422 |
|
In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
|
| CVE-2025-71344 |
|
Unsafe Deserialization in picklescan (CVE-2025-71344)
vulnerability in picklescan (CVE-2025-71344). Confidential information can be exposed externally. Mitigation: upgrade to `0.0.30` or later.
|
| CVE-2025-71361 |
|
Vulnerability in picklescan (CVE-2025-71361)
vulnerability in picklescan (CVE-2025-71361). Confidential information can be exposed externally. Mitigation: upgrade to `0.0.29` or later.
|
| CVE-2025-56432 |
|
Cross-Site Scripting (XSS) in nagios (CVE-2025-56432)
cross-site scripting in nagios (CVE-2025-56432). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50383 |
|
SQL Injection in sqli (CVE-2025-50383)
SQL injection in sqli (CVE-2025-50383). Confidential information can be exposed externally.
|
| CVE-2025-55409 |
|
Cross-Site Scripting (XSS) in foxcms (CVE-2025-55409)
cross-site scripting in foxcms (CVE-2025-55409). Successful exploitation can lead to full system takeover.
|
| CVE-2025-55366 |
|
Vulnerability in privilege-escalation (CVE-2025-55366)
vulnerability in privilege-escalation (CVE-2025-55366). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-5260 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-5260)
SSRF in ssrf (CVE-2025-5260). Confidential information can be exposed externally.
|
| CVE-2025-51529 |
|
Vulnerability in dos (CVE-2025-51529)
vulnerability in dos (CVE-2025-51529). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-1929 |
|
SQL Injection in sqli (CVE-2025-1929)
SQL injection in sqli (CVE-2025-1929). Successful exploitation can lead to full system takeover.
|
| CVE-2025-51965 |
|
Cross-Site Scripting (XSS) in CVE-2025-51965 (CVE-2025-51965)
cross-site scripting in CVE-2025-51965 (CVE-2025-51965). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50861 |
|
Vulnerability in dos (CVE-2025-50861)
vulnerability in dos (CVE-2025-50861). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52335 |
|
Cross-Site Scripting (XSS) in eyoucms (CVE-2025-52335)
cross-site scripting in eyoucms (CVE-2025-52335). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-10060 |
|
Vulnerability in sysax (CVE-2012-10060)
vulnerability in sysax (CVE-2012-10060). Successful exploitation can lead to full system takeover.
|
| CVE-2025-45313 |
|
Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45313)
cross-site scripting in hortusfox (CVE-2025-45313). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45315 |
|
Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45315)
cross-site scripting in hortusfox (CVE-2025-45315). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45314 |
|
Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45314)
cross-site scripting in hortusfox (CVE-2025-45314). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-10047 |
|
SQL Injection in sqli (CVE-2012-10047)
SQL injection in sqli (CVE-2012-10047). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51629 |
|
Cross-Site Scripting (XSS) in CVE-2025-51629 (CVE-2025-51629)
cross-site scripting in CVE-2025-51629 (CVE-2025-51629). Successful exploitation can lead to full system takeover.
|
| CVE-2024-55401 |
|
An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
|
| CVE-2024-52680 |
|
Cross-Site Scripting (XSS) in c (CVE-2024-52680)
cross-site scripting in c (CVE-2024-52680). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51056 |
|
Unrestricted File Upload in vedo-suite-project (CVE-2025-51056)
vulnerability in vedo-suite-project (CVE-2025-51056). Confidential information can be exposed externally.
|
| CVE-2025-51058 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-51058)
SSRF in ssrf (CVE-2025-51058). Confidential information can be exposed externally.
|
| CVE-2025-51052 |
|
Vulnerability in path-traversal (CVE-2025-51052)
vulnerability in path-traversal (CVE-2025-51052). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51053 |
|
Cross-Site Scripting (XSS) in vedo-suite-project (CVE-2025-51053)
cross-site scripting in vedo-suite-project (CVE-2025-51053). Risk of unauthorized operations or information disclosure.
|