Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2025-40796 Out-of-Bounds Read in dos (CVE-2025-40796)
vulnerability in dos (CVE-2025-40796). Risk of unauthorized operations or information disclosure.
CVE-2025-40797 Out-of-Bounds Read in dos (CVE-2025-40797)
vulnerability in dos (CVE-2025-40797). Risk of unauthorized operations or information disclosure.
CVE-2025-55849 SQL Injection in sqli (CVE-2025-55849)
SQL injection in sqli (CVE-2025-55849). Successful exploitation can lead to full system takeover.
CVE-2025-52161 Cross-Site Scripting (XSS) in scholl (CVE-2025-52161)
cross-site scripting in scholl (CVE-2025-52161). Successful exploitation can lead to full system takeover.
CVE-2025-8695 Cross-Site Scripting (XSS) in CVE-2025-8695 (CVE-2025-8695)
cross-site scripting in CVE-2025-8695 (CVE-2025-8695). Risk of unauthorized operations or information disclosure.
CVE-2025-2417 Vulnerability in CVE-2025-2417 (CVE-2025-2417)
vulnerability in CVE-2025-2417 (CVE-2025-2417). Confidential information can be exposed externally.
CVE-2025-2411 Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano...
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano...
CVE-2024-13073 Cross-Site Scripting (XSS) in CVE-2024-13073 (CVE-2024-13073)
cross-site scripting in CVE-2024-13073 (CVE-2024-13073). Risk of unauthorized operations or information disclosure.
CVE-2024-13071 Cross-Site Scripting (XSS) in CVE-2024-13071 (CVE-2024-13071)
cross-site scripting in CVE-2024-13071 (CVE-2024-13071). Risk of unauthorized operations or information disclosure.
CVE-2025-2416 Vulnerability in CVE-2025-2416 (CVE-2025-2416)
vulnerability in CVE-2025-2416 (CVE-2025-2416). Confidential information can be exposed externally.
CVE-2025-0878 Cross-Site Scripting (XSS) in CVE-2025-0878 (CVE-2025-0878)
cross-site scripting in CVE-2025-0878 (CVE-2025-0878). Risk of unauthorized operations or information disclosure.
CVE-2025-1740 Vulnerability in CVE-2025-1740 (CVE-2025-1740)
vulnerability in CVE-2025-1740 (CVE-2025-1740). Successful exploitation can lead to full system takeover.
CVE-2024-13064 Cross-Site Scripting (XSS) in CVE-2024-13064 (CVE-2024-13064)
cross-site scripting in CVE-2024-13064 (CVE-2024-13064). Risk of unauthorized operations or information disclosure.
CVE-2025-7039 Path Traversal in path-traversal (CVE-2025-7039)
path traversal in path-traversal (CVE-2025-7039). Risk of unauthorized operations or information disclosure.
CVE-2025-9784 Vulnerability in io.undertow:undertow-core (CVE-2025-9784)
vulnerability in io.undertow:undertow-core (CVE-2025-9784). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.20.Final` or later.
CVE-2025-2413 Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor...
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor...
CVE-2024-12974 Cross-Site Scripting (XSS) in CVE-2024-12974 (CVE-2024-12974)
cross-site scripting in CVE-2024-12974 (CVE-2024-12974). Risk of unauthorized operations or information disclosure.
CVE-2024-12972 Cross-Site Scripting (XSS) in CVE-2024-12972 (CVE-2024-12972)
cross-site scripting in CVE-2024-12972 (CVE-2024-12972). Risk of unauthorized operations or information disclosure.
CVE-2025-2412 Vulnerability in CVE-2025-2412 (CVE-2025-2412)
vulnerability in CVE-2025-2412 (CVE-2025-2412). Confidential information can be exposed externally.
CVE-2025-0610 Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request...
Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request...
CVE-2025-57819 KEV [KEV] SQL Injection in Sangoma freepbx (CVE-2025-57819)
SQL injection in Sangoma freepbx (CVE-2025-57819). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-8067 Out-of-Bounds Read in privilege-escalation (CVE-2025-8067)
vulnerability in privilege-escalation (CVE-2025-8067). Risk of unauthorized operations or information disclosure.
CVE-2025-34523 Vulnerability in dos (CVE-2025-34523)
vulnerability in dos (CVE-2025-34523). Successful exploitation can lead to full system takeover.
CVE-2025-34162 SQL Injection in sqli (CVE-2025-34162)
SQL injection in sqli (CVE-2025-34162). Risk of unauthorized operations or information disclosure.
CVE-2025-34163 Unrestricted File Upload in CVE-2025-34163 (CVE-2025-34163)
vulnerability in CVE-2025-34163 (CVE-2025-34163). Risk of unauthorized operations or information disclosure.
CVE-2025-55422 In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
CVE-2025-71344 Unsafe Deserialization in picklescan (CVE-2025-71344)
vulnerability in picklescan (CVE-2025-71344). Confidential information can be exposed externally. Mitigation: upgrade to `0.0.30` or later.
CVE-2025-71361 Vulnerability in picklescan (CVE-2025-71361)
vulnerability in picklescan (CVE-2025-71361). Confidential information can be exposed externally. Mitigation: upgrade to `0.0.29` or later.
CVE-2025-56432 Cross-Site Scripting (XSS) in nagios (CVE-2025-56432)
cross-site scripting in nagios (CVE-2025-56432). Risk of unauthorized operations or information disclosure.
CVE-2025-50383 SQL Injection in sqli (CVE-2025-50383)
SQL injection in sqli (CVE-2025-50383). Confidential information can be exposed externally.
CVE-2025-55409 Cross-Site Scripting (XSS) in foxcms (CVE-2025-55409)
cross-site scripting in foxcms (CVE-2025-55409). Successful exploitation can lead to full system takeover.
CVE-2025-55366 Vulnerability in privilege-escalation (CVE-2025-55366)
vulnerability in privilege-escalation (CVE-2025-55366). Risk of unauthorized operations or information disclosure.
CVE-2025-5260 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-5260)
SSRF in ssrf (CVE-2025-5260). Confidential information can be exposed externally.
CVE-2025-51529 Vulnerability in dos (CVE-2025-51529)
vulnerability in dos (CVE-2025-51529). Risk of unauthorized operations or information disclosure.
CVE-2025-1929 SQL Injection in sqli (CVE-2025-1929)
SQL injection in sqli (CVE-2025-1929). Successful exploitation can lead to full system takeover.
CVE-2025-51965 Cross-Site Scripting (XSS) in CVE-2025-51965 (CVE-2025-51965)
cross-site scripting in CVE-2025-51965 (CVE-2025-51965). Risk of unauthorized operations or information disclosure.
CVE-2025-50861 Vulnerability in dos (CVE-2025-50861)
vulnerability in dos (CVE-2025-50861). Risk of unauthorized operations or information disclosure.
CVE-2025-52335 Cross-Site Scripting (XSS) in eyoucms (CVE-2025-52335)
cross-site scripting in eyoucms (CVE-2025-52335). Risk of unauthorized operations or information disclosure.
CVE-2012-10060 Vulnerability in sysax (CVE-2012-10060)
vulnerability in sysax (CVE-2012-10060). Successful exploitation can lead to full system takeover.
CVE-2025-45313 Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45313)
cross-site scripting in hortusfox (CVE-2025-45313). Risk of unauthorized operations or information disclosure.
CVE-2025-45315 Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45315)
cross-site scripting in hortusfox (CVE-2025-45315). Risk of unauthorized operations or information disclosure.
CVE-2025-45314 Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45314)
cross-site scripting in hortusfox (CVE-2025-45314). Risk of unauthorized operations or information disclosure.
CVE-2012-10047 SQL Injection in sqli (CVE-2012-10047)
SQL injection in sqli (CVE-2012-10047). Risk of unauthorized operations or information disclosure.
CVE-2025-51629 Cross-Site Scripting (XSS) in CVE-2025-51629 (CVE-2025-51629)
cross-site scripting in CVE-2025-51629 (CVE-2025-51629). Successful exploitation can lead to full system takeover.
CVE-2024-55401 An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
CVE-2024-52680 Cross-Site Scripting (XSS) in c (CVE-2024-52680)
cross-site scripting in c (CVE-2024-52680). Risk of unauthorized operations or information disclosure.
CVE-2025-51056 Unrestricted File Upload in vedo-suite-project (CVE-2025-51056)
vulnerability in vedo-suite-project (CVE-2025-51056). Confidential information can be exposed externally.
CVE-2025-51058 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-51058)
SSRF in ssrf (CVE-2025-51058). Confidential information can be exposed externally.
CVE-2025-51052 Vulnerability in path-traversal (CVE-2025-51052)
vulnerability in path-traversal (CVE-2025-51052). Risk of unauthorized operations or information disclosure.
CVE-2025-51053 Cross-Site Scripting (XSS) in vedo-suite-project (CVE-2025-51053)
cross-site scripting in vedo-suite-project (CVE-2025-51053). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →