Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2022-37055 KEV [KEV] Vulnerability in D-link routers (CVE-2022-37055)
vulnerability in D-link routers (CVE-2022-37055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-66644 KEV [KEV] OS Command Injection in Array networks array-networks (CVE-2025-66644)
OS command injection in Array networks array-networks (CVE-2025-66644). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-14104 Out-of-Bounds Read in CVE-2025-14104 (CVE-2025-14104)
vulnerability in CVE-2025-14104 (CVE-2025-14104). Risk of unauthorized operations or information disclosure.
CVE-2025-64052 Command Injection in fanvil (CVE-2025-64052)
command injection in fanvil (CVE-2025-64052). Risk of unauthorized operations or information disclosure.
CVE-2025-64054 Cross-Site Scripting (XSS) in dos (CVE-2025-64054)
cross-site scripting in dos (CVE-2025-64054). Successful exploitation can lead to full system takeover.
CVE-2025-64056 Vulnerability in fanvil (CVE-2025-64056)
vulnerability in fanvil (CVE-2025-64056). Risk of unauthorized operations or information disclosure.
CVE-2025-64053 Vulnerability in dos (CVE-2025-64053)
vulnerability in dos (CVE-2025-64053). Risk of unauthorized operations or information disclosure.
CVE-2025-64057 Path Traversal in path-traversal (CVE-2025-64057)
path traversal in path-traversal (CVE-2025-64057). Data can be tampered with by attackers.
CVE-2025-66572 OS Command Injection in CVE-2025-66572 (CVE-2025-66572)
OS command injection in CVE-2025-66572 (CVE-2025-66572). Risk of unauthorized operations or information disclosure.
CVE-2025-63896 Vulnerability in jxlindia (CVE-2025-63896)
vulnerability in jxlindia (CVE-2025-63896). Data can be tampered with by attackers.
CVE-2025-29268 ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
CVE-2025-29269 OS Command Injection in allnet (CVE-2025-29269)
OS command injection in allnet (CVE-2025-29269). Successful exploitation can lead to full system takeover.
CVE-2025-66287 Vulnerability in CVE-2025-66287 (CVE-2025-66287)
vulnerability in CVE-2025-66287 (CVE-2025-66287). Successful exploitation can lead to full system takeover.
CVE-2025-40251 Vulnerability in c (CVE-2025-40251)
vulnerability in c (CVE-2025-40251). Risk of unauthorized operations or information disclosure. Exploitable via ``rate_leaf_parent_set``.
CVE-2025-14010 Vulnerability in redhat (CVE-2025-14010)
vulnerability in redhat (CVE-2025-14010). Confidential information can be exposed externally.
CVE-2025-64055 Authentication Bypass in fanvil (CVE-2025-64055)
authentication bypass in fanvil (CVE-2025-64055). Successful exploitation can lead to full system takeover.
CVE-2025-63402 Vulnerability in hcltech (CVE-2025-63402)
vulnerability in hcltech (CVE-2025-63402). Data can be tampered with by attackers.
CVE-2025-63401 Cross-Site Scripting (XSS) in hcltech (CVE-2025-63401)
cross-site scripting in hcltech (CVE-2025-63401). Data can be tampered with by attackers.
CVE-2025-65841 Vulnerability in acustica-audio (CVE-2025-65841)
vulnerability in acustica-audio (CVE-2025-65841). Risk of unauthorized operations or information disclosure.
CVE-2025-57201 Command Injection in avtech (CVE-2025-57201)
command injection in avtech (CVE-2025-57201). Successful exploitation can lead to full system takeover.
CVE-2025-57202 Cross-Site Scripting (XSS) in avtech (CVE-2025-57202)
cross-site scripting in avtech (CVE-2025-57202). Risk of unauthorized operations or information disclosure.
CVE-2025-57198 Command Injection in avtech (CVE-2025-57198)
command injection in avtech (CVE-2025-57198). Successful exploitation can lead to full system takeover.
CVE-2025-57199 Command Injection in avtech (CVE-2025-57199)
command injection in avtech (CVE-2025-57199). Successful exploitation can lead to full system takeover.
CVE-2025-57200 Command Injection in avtech (CVE-2025-57200)
command injection in avtech (CVE-2025-57200). Risk of unauthorized operations or information disclosure.
CVE-2021-26828 KEV [KEV] Unrestricted File Upload in Openplc scadabr (CVE-2021-26828)
vulnerability in Openplc scadabr (CVE-2021-26828). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-65955 Vulnerability in imagemagick (CVE-2025-65955)
vulnerability in imagemagick (CVE-2025-65955). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.1.2-9` or later.
CVE-2025-13505 Cross-Site Scripting (XSS) in datateam (CVE-2025-13505)
cross-site scripting in datateam (CVE-2025-13505). Risk of unauthorized operations or information disclosure.
CVE-2025-66412 Cross-Site Scripting (XSS) in @angular/compiler (CVE-2025-66412)
cross-site scripting in @angular/compiler (CVE-2025-66412). Risk of unauthorized operations or information disclosure. Exploitable via ``attributeName``.
CVE-2025-65622 Cross-Site Scripting (XSS) in snipeitapp (CVE-2025-65622)
cross-site scripting in snipeitapp (CVE-2025-65622). Risk of unauthorized operations or information disclosure.
CVE-2025-65621 Cross-Site Scripting (XSS) in privilege-escalation (CVE-2025-65621)
cross-site scripting in privilege-escalation (CVE-2025-65621). Risk of unauthorized operations or information disclosure.
CVE-2025-51683 SQL Injection in sqli (CVE-2025-51683)
SQL injection in sqli (CVE-2025-51683). Successful exploitation can lead to full system takeover.
CVE-2025-63365 Path Traversal in path-traversal (CVE-2025-63365)
path traversal in path-traversal (CVE-2025-63365). Confidential information can be exposed externally.
CVE-2025-10101 Out-of-Bounds Read in CVE-2025-10101 (CVE-2025-10101)
vulnerability in CVE-2025-10101 (CVE-2025-10101). Successful exploitation can lead to full system takeover.
CVE-2025-8351 Vulnerability in CVE-2025-8351 (CVE-2025-8351)
vulnerability in CVE-2025-8351 (CVE-2025-8351). Successful exploitation can lead to full system takeover.
CVE-2025-61229 Vulnerability in shirt-pocket (CVE-2025-61229)
vulnerability in shirt-pocket (CVE-2025-61229). Successful exploitation can lead to full system takeover.
CVE-2025-61228 Vulnerability in shirt-pocket (CVE-2025-61228)
vulnerability in shirt-pocket (CVE-2025-61228). Successful exploitation can lead to full system takeover.
CVE-2025-57489 Vulnerability in shirt-pocket (CVE-2025-57489)
vulnerability in shirt-pocket (CVE-2025-57489). Successful exploitation can lead to full system takeover.
CVE-2025-13296 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-13296)
vulnerability in csrf (CVE-2025-13296). Risk of unauthorized operations or information disclosure.
CVE-2021-26829 KEV [KEV] Cross-Site Scripting (XSS) in Openplc scadabr (CVE-2021-26829)
cross-site scripting in Openplc scadabr (CVE-2021-26829). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-65675 Cross-Site Scripting (XSS) in classroomio (CVE-2025-65675)
cross-site scripting in classroomio (CVE-2025-65675). Risk of unauthorized operations or information disclosure.
CVE-2025-65676 Cross-Site Scripting (XSS) in classroomio (CVE-2025-65676)
cross-site scripting in classroomio (CVE-2025-65676). Risk of unauthorized operations or information disclosure.
CVE-2025-65669 Vulnerability in classroomio (CVE-2025-65669)
vulnerability in classroomio (CVE-2025-65669). Data can be tampered with by attackers.
CVE-2025-13601 Vulnerability in redhat (CVE-2025-13601)
vulnerability in redhat (CVE-2025-13601). Data can be tampered with by attackers.
CVE-2025-51741 Vulnerability in dos (CVE-2025-51741)
vulnerability in dos (CVE-2025-51741). Risk of unauthorized operations or information disclosure.
CVE-2025-61168 Unsafe Deserialization in sigb (CVE-2025-61168)
vulnerability in sigb (CVE-2025-61168). Successful exploitation can lead to full system takeover.
CVE-2025-61167 SQL Injection in sqli (CVE-2025-61167)
SQL injection in sqli (CVE-2025-61167). Risk of unauthorized operations or information disclosure.
CVE-2025-65085 Vulnerability in ashlar (CVE-2025-65085)
vulnerability in ashlar (CVE-2025-65085). Successful exploitation can lead to full system takeover.
CVE-2025-65084 Out-of-Bounds Write in ashlar (CVE-2025-65084)
out-of-bounds write in ashlar (CVE-2025-65084). Successful exploitation can lead to full system takeover.
CVE-2025-13502 Out-of-Bounds Read in dos (CVE-2025-13502)
vulnerability in dos (CVE-2025-13502). Risk of unauthorized operations or information disclosure.
CVE-2025-63674 Command Injection in blurams (CVE-2025-63674)
command injection in blurams (CVE-2025-63674). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →