Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2025-6035 Vulnerability in dos (CVE-2025-6035)
vulnerability in dos (CVE-2025-6035). Risk of unauthorized operations or information disclosure.
CVE-2025-46035 Vulnerability in dos (CVE-2025-46035)
vulnerability in dos (CVE-2025-46035). Confidential information can be exposed externally.
CVE-2025-6021 Out-of-Bounds Write in java (CVE-2025-6021)
out-of-bounds write in java (CVE-2025-6021). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2024-41502 Cross-Site Scripting (XSS) in jetimob (CVE-2024-41502)
cross-site scripting in jetimob (CVE-2024-41502). Risk of unauthorized operations or information disclosure.
CVE-2024-41503 Cross-Site Scripting (XSS) in jetimob (CVE-2024-41503)
cross-site scripting in jetimob (CVE-2024-41503). Risk of unauthorized operations or information disclosure.
CVE-2024-41504 Cross-Site Scripting (XSS) in jetimob (CVE-2024-41504)
cross-site scripting in jetimob (CVE-2024-41504). Risk of unauthorized operations or information disclosure.
CVE-2024-41505 Cross-Site Scripting (XSS) in jetimob (CVE-2024-41505)
cross-site scripting in jetimob (CVE-2024-41505). Risk of unauthorized operations or information disclosure.
CVE-2025-5915 Vulnerability in dos (CVE-2025-5915)
vulnerability in dos (CVE-2025-5915). Confidential information can be exposed externally.
CVE-2025-46041 Cross-Site Scripting (XSS) in anchorcms (CVE-2025-46041)
cross-site scripting in anchorcms (CVE-2025-46041). Risk of unauthorized operations or information disclosure.
CVE-2025-47712 Vulnerability in dos (CVE-2025-47712)
vulnerability in dos (CVE-2025-47712). Risk of unauthorized operations or information disclosure.
CVE-2025-44148 Cross-Site Scripting (XSS) in mailenable (CVE-2025-44148)
cross-site scripting in mailenable (CVE-2025-44148). Successful exploitation can lead to full system takeover.
CVE-2025-5276 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-5276)
SSRF in ssrf (CVE-2025-5276). Confidential information can be exposed externally.
CVE-2024-57529 Cross-Site Scripting (XSS) in jeppesen (CVE-2024-57529)
cross-site scripting in jeppesen (CVE-2024-57529). Risk of unauthorized operations or information disclosure.
CVE-2025-4948 Vulnerability in dos (CVE-2025-4948)
vulnerability in dos (CVE-2025-4948). Risk of unauthorized operations or information disclosure.
CVE-2023-38950 KEV [KEV] Path Traversal in Zkteco biotime (CVE-2023-38950)
path traversal in Zkteco biotime (CVE-2023-38950). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2025-4478 Vulnerability in dos (CVE-2025-4478)
vulnerability in dos (CVE-2025-4478). Risk of unauthorized operations or information disclosure.
CVE-2025-46836 Vulnerability in c (CVE-2025-46836)
vulnerability in c (CVE-2025-46836). Risk of unauthorized operations or information disclosure. Exploitable via ``interface.c``.
CVE-2024-57273 Cross-Site Scripting (XSS) in netgate (CVE-2024-57273)
cross-site scripting in netgate (CVE-2024-57273). Risk of unauthorized operations or information disclosure.
CVE-2025-0984 Cross-Site Scripting (XSS) in CVE-2025-0984 (CVE-2025-0984)
cross-site scripting in CVE-2025-0984 (CVE-2025-0984). Data can be tampered with by attackers.
CVE-2025-45236 Cross-Site Scripting (XSS) in dbsyncer-project (CVE-2025-45236)
cross-site scripting in dbsyncer-project (CVE-2025-45236). Risk of unauthorized operations or information disclosure.
CVE-2025-26241 SQL Injection in sqli (CVE-2025-26241)
SQL injection in sqli (CVE-2025-26241). Risk of unauthorized operations or information disclosure.
CVE-2025-2488 Cross-Site Scripting (XSS) in felisify (CVE-2025-2488)
cross-site scripting in felisify (CVE-2025-2488). Risk of unauthorized operations or information disclosure.
CVE-2025-1301 Cross-Site Scripting (XSS) in yordam (CVE-2025-1301)
cross-site scripting in yordam (CVE-2025-1301). Risk of unauthorized operations or information disclosure.
CVE-2025-2812 SQL Injection in sqli (CVE-2025-2812)
SQL injection in sqli (CVE-2025-2812). Successful exploitation can lead to full system takeover.
CVE-2024-11142 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-11142)
vulnerability in csrf (CVE-2024-11142). Successful exploitation can lead to full system takeover.
CVE-2025-3891 Vulnerability in apache (CVE-2025-3891)
vulnerability in apache (CVE-2025-3891). Risk of unauthorized operations or information disclosure.
CVE-2024-41446 Cross-Site Scripting (XSS) in c (CVE-2024-41446)
cross-site scripting in c (CVE-2024-41446). Risk of unauthorized operations or information disclosure.
CVE-2025-29512 Cross-Site Scripting (XSS) in nodebb (CVE-2025-29512)
cross-site scripting in nodebb (CVE-2025-29512). Risk of unauthorized operations or information disclosure.
CVE-2025-29513 Cross-Site Scripting (XSS) in nodebb (CVE-2025-29513)
cross-site scripting in nodebb (CVE-2025-29513). Risk of unauthorized operations or information disclosure.
CVE-2025-32907 Vulnerability in dos (CVE-2025-32907)
vulnerability in dos (CVE-2025-32907). Risk of unauthorized operations or information disclosure.
CVE-2025-32908 Vulnerability in dos (CVE-2025-32908)
vulnerability in dos (CVE-2025-32908). Risk of unauthorized operations or information disclosure.
CVE-2025-27441 Cross-Site Scripting (XSS) in zoom (CVE-2025-27441)
cross-site scripting in zoom (CVE-2025-27441). Risk of unauthorized operations or information disclosure.
CVE-2025-27442 Cross-Site Scripting (XSS) in zoom (CVE-2025-27442)
cross-site scripting in zoom (CVE-2025-27442). Risk of unauthorized operations or information disclosure.
CVE-2025-71332 SQL Injection in flowise (CVE-2025-71332)
SQL injection in flowise (CVE-2025-71332). Confidential information can be exposed externally.
CVE-2025-2251 Unsafe Deserialization in deserialization (CVE-2025-2251)
vulnerability in deserialization (CVE-2025-2251). Data can be tampered with by attackers.
CVE-2025-32051 Vulnerability in dos (CVE-2025-32051)
vulnerability in dos (CVE-2025-32051). Risk of unauthorized operations or information disclosure.
CVE-2025-32049 Vulnerability in dos (CVE-2025-32049)
vulnerability in dos (CVE-2025-32049). Risk of unauthorized operations or information disclosure.
CVE-2025-71319 Vulnerability in image-size (CVE-2025-71319)
vulnerability in image-size (CVE-2025-71319). Risk of unauthorized operations or information disclosure. Exploitable via ``findBox``. Mitigation: upgrade to `2.0.2` or later.
CVE-2025-24170 A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13...
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13...
CVE-2024-58128 Cross-Site Scripting (XSS) in misp-project (CVE-2024-58128)
cross-site scripting in misp-project (CVE-2024-58128). Risk of unauthorized operations or information disclosure.
CVE-2024-58129 Cross-Site Scripting (XSS) in misp-project (CVE-2024-58129)
cross-site scripting in misp-project (CVE-2024-58129). Risk of unauthorized operations or information disclosure.
CVE-2025-29217 Vulnerability in dos (CVE-2025-29217)
vulnerability in dos (CVE-2025-29217). Risk of unauthorized operations or information disclosure.
CVE-2025-2311 Vulnerability in CVE-2025-2311 (CVE-2025-2311)
vulnerability in CVE-2025-2311 (CVE-2025-2311). Successful exploitation can lead to full system takeover.
CVE-2024-12016 SQL Injection in sqli (CVE-2024-12016)
SQL injection in sqli (CVE-2024-12016). Successful exploitation can lead to full system takeover.
CVE-2024-12137 Vulnerability in CVE-2024-12137 (CVE-2024-12137)
vulnerability in CVE-2024-12137 (CVE-2024-12137). Data can be tampered with by attackers.
CVE-2024-12136 Vulnerability in elfatek (CVE-2024-12136)
vulnerability in elfatek (CVE-2024-12136). Successful exploitation can lead to full system takeover.
CVE-2025-2487 Vulnerability in dos (CVE-2025-2487)
vulnerability in dos (CVE-2025-2487). Risk of unauthorized operations or information disclosure.
CVE-2024-8997 SQL Injection in sqli (CVE-2024-8997)
SQL injection in sqli (CVE-2024-8997). Successful exploitation can lead to full system takeover.
CVE-2025-24472 KEV [KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-25612 Cross-Site Scripting (XSS) in CVE-2025-25612 (CVE-2025-25612)
cross-site scripting in CVE-2025-25612 (CVE-2025-25612). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →