Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-6035 |
|
Vulnerability in dos (CVE-2025-6035)
vulnerability in dos (CVE-2025-6035). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-46035 |
|
Vulnerability in dos (CVE-2025-46035)
vulnerability in dos (CVE-2025-46035). Confidential information can be exposed externally.
|
| CVE-2025-6021 |
|
Out-of-Bounds Write in java (CVE-2025-6021)
out-of-bounds write in java (CVE-2025-6021). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
|
| CVE-2024-41502 |
|
Cross-Site Scripting (XSS) in jetimob (CVE-2024-41502)
cross-site scripting in jetimob (CVE-2024-41502). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-41503 |
|
Cross-Site Scripting (XSS) in jetimob (CVE-2024-41503)
cross-site scripting in jetimob (CVE-2024-41503). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-41504 |
|
Cross-Site Scripting (XSS) in jetimob (CVE-2024-41504)
cross-site scripting in jetimob (CVE-2024-41504). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-41505 |
|
Cross-Site Scripting (XSS) in jetimob (CVE-2024-41505)
cross-site scripting in jetimob (CVE-2024-41505). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-5915 |
|
Vulnerability in dos (CVE-2025-5915)
vulnerability in dos (CVE-2025-5915). Confidential information can be exposed externally.
|
| CVE-2025-46041 |
|
Cross-Site Scripting (XSS) in anchorcms (CVE-2025-46041)
cross-site scripting in anchorcms (CVE-2025-46041). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-47712 |
|
Vulnerability in dos (CVE-2025-47712)
vulnerability in dos (CVE-2025-47712). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44148 |
|
Cross-Site Scripting (XSS) in mailenable (CVE-2025-44148)
cross-site scripting in mailenable (CVE-2025-44148). Successful exploitation can lead to full system takeover.
|
| CVE-2025-5276 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-5276)
SSRF in ssrf (CVE-2025-5276). Confidential information can be exposed externally.
|
| CVE-2024-57529 |
|
Cross-Site Scripting (XSS) in jeppesen (CVE-2024-57529)
cross-site scripting in jeppesen (CVE-2024-57529). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4948 |
|
Vulnerability in dos (CVE-2025-4948)
vulnerability in dos (CVE-2025-4948). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-38950 KEV |
|
[KEV] Path Traversal in Zkteco biotime (CVE-2023-38950)
path traversal in Zkteco biotime (CVE-2023-38950). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|
| CVE-2025-4478 |
|
Vulnerability in dos (CVE-2025-4478)
vulnerability in dos (CVE-2025-4478). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-46836 |
|
Vulnerability in c (CVE-2025-46836)
vulnerability in c (CVE-2025-46836). Risk of unauthorized operations or information disclosure. Exploitable via ``interface.c``.
|
| CVE-2024-57273 |
|
Cross-Site Scripting (XSS) in netgate (CVE-2024-57273)
cross-site scripting in netgate (CVE-2024-57273). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-0984 |
|
Cross-Site Scripting (XSS) in CVE-2025-0984 (CVE-2025-0984)
cross-site scripting in CVE-2025-0984 (CVE-2025-0984). Data can be tampered with by attackers.
|
| CVE-2025-45236 |
|
Cross-Site Scripting (XSS) in dbsyncer-project (CVE-2025-45236)
cross-site scripting in dbsyncer-project (CVE-2025-45236). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-26241 |
|
SQL Injection in sqli (CVE-2025-26241)
SQL injection in sqli (CVE-2025-26241). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2488 |
|
Cross-Site Scripting (XSS) in felisify (CVE-2025-2488)
cross-site scripting in felisify (CVE-2025-2488). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-1301 |
|
Cross-Site Scripting (XSS) in yordam (CVE-2025-1301)
cross-site scripting in yordam (CVE-2025-1301). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2812 |
|
SQL Injection in sqli (CVE-2025-2812)
SQL injection in sqli (CVE-2025-2812). Successful exploitation can lead to full system takeover.
|
| CVE-2024-11142 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-11142)
vulnerability in csrf (CVE-2024-11142). Successful exploitation can lead to full system takeover.
|
| CVE-2025-3891 |
|
Vulnerability in apache (CVE-2025-3891)
vulnerability in apache (CVE-2025-3891). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-41446 |
|
Cross-Site Scripting (XSS) in c (CVE-2024-41446)
cross-site scripting in c (CVE-2024-41446). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-29512 |
|
Cross-Site Scripting (XSS) in nodebb (CVE-2025-29512)
cross-site scripting in nodebb (CVE-2025-29512). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-29513 |
|
Cross-Site Scripting (XSS) in nodebb (CVE-2025-29513)
cross-site scripting in nodebb (CVE-2025-29513). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-32907 |
|
Vulnerability in dos (CVE-2025-32907)
vulnerability in dos (CVE-2025-32907). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-32908 |
|
Vulnerability in dos (CVE-2025-32908)
vulnerability in dos (CVE-2025-32908). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-27441 |
|
Cross-Site Scripting (XSS) in zoom (CVE-2025-27441)
cross-site scripting in zoom (CVE-2025-27441). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-27442 |
|
Cross-Site Scripting (XSS) in zoom (CVE-2025-27442)
cross-site scripting in zoom (CVE-2025-27442). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71332 |
|
SQL Injection in flowise (CVE-2025-71332)
SQL injection in flowise (CVE-2025-71332). Confidential information can be exposed externally.
|
| CVE-2025-2251 |
|
Unsafe Deserialization in deserialization (CVE-2025-2251)
vulnerability in deserialization (CVE-2025-2251). Data can be tampered with by attackers.
|
| CVE-2025-32051 |
|
Vulnerability in dos (CVE-2025-32051)
vulnerability in dos (CVE-2025-32051). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-32049 |
|
Vulnerability in dos (CVE-2025-32049)
vulnerability in dos (CVE-2025-32049). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-71319 |
|
Vulnerability in image-size (CVE-2025-71319)
vulnerability in image-size (CVE-2025-71319). Risk of unauthorized operations or information disclosure. Exploitable via ``findBox``. Mitigation: upgrade to `2.0.2` or later.
|
| CVE-2025-24170 |
|
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13...
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13...
|
| CVE-2024-58128 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2024-58128)
cross-site scripting in misp-project (CVE-2024-58128). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-58129 |
|
Cross-Site Scripting (XSS) in misp-project (CVE-2024-58129)
cross-site scripting in misp-project (CVE-2024-58129). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-29217 |
|
Vulnerability in dos (CVE-2025-29217)
vulnerability in dos (CVE-2025-29217). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2311 |
|
Vulnerability in CVE-2025-2311 (CVE-2025-2311)
vulnerability in CVE-2025-2311 (CVE-2025-2311). Successful exploitation can lead to full system takeover.
|
| CVE-2024-12016 |
|
SQL Injection in sqli (CVE-2024-12016)
SQL injection in sqli (CVE-2024-12016). Successful exploitation can lead to full system takeover.
|
| CVE-2024-12137 |
|
Vulnerability in CVE-2024-12137 (CVE-2024-12137)
vulnerability in CVE-2024-12137 (CVE-2024-12137). Data can be tampered with by attackers.
|
| CVE-2024-12136 |
|
Vulnerability in elfatek (CVE-2024-12136)
vulnerability in elfatek (CVE-2024-12136). Successful exploitation can lead to full system takeover.
|
| CVE-2025-2487 |
|
Vulnerability in dos (CVE-2025-2487)
vulnerability in dos (CVE-2025-2487). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-8997 |
|
SQL Injection in sqli (CVE-2024-8997)
SQL injection in sqli (CVE-2024-8997). Successful exploitation can lead to full system takeover.
|
| CVE-2025-24472 KEV |
|
[KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-25612 |
|
Cross-Site Scripting (XSS) in CVE-2025-25612 (CVE-2025-25612)
cross-site scripting in CVE-2025-25612 (CVE-2025-25612). Successful exploitation can lead to full system takeover.
|