Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2025-51629 Cross-Site Scripting (XSS) in CVE-2025-51629 (CVE-2025-51629)
cross-site scripting in CVE-2025-51629 (CVE-2025-51629). Successful exploitation can lead to full system takeover.
CVE-2024-52680 Cross-Site Scripting (XSS) in c (CVE-2024-52680)
cross-site scripting in c (CVE-2024-52680). Risk of unauthorized operations or information disclosure.
CVE-2024-55401 An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
CVE-2025-51058 SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-51058)
SSRF in ssrf (CVE-2025-51058). Confidential information can be exposed externally.
CVE-2025-51055 Vulnerability in vedo-suite-project (CVE-2025-51055)
vulnerability in vedo-suite-project (CVE-2025-51055). Confidential information can be exposed externally.
CVE-2025-51056 Unrestricted File Upload in vedo-suite-project (CVE-2025-51056)
vulnerability in vedo-suite-project (CVE-2025-51056). Confidential information can be exposed externally.
CVE-2025-51057 Vulnerability in vedo-suite-project (CVE-2025-51057)
vulnerability in vedo-suite-project (CVE-2025-51057). Confidential information can be exposed externally.
CVE-2025-51052 Vulnerability in path-traversal (CVE-2025-51052)
vulnerability in path-traversal (CVE-2025-51052). Risk of unauthorized operations or information disclosure.
CVE-2025-51054 Vulnerability in vedo-suite-project (CVE-2025-51054)
vulnerability in vedo-suite-project (CVE-2025-51054). Risk of unauthorized operations or information disclosure.
CVE-2025-51053 Cross-Site Scripting (XSS) in vedo-suite-project (CVE-2025-51053)
cross-site scripting in vedo-suite-project (CVE-2025-51053). Risk of unauthorized operations or information disclosure.
CVE-2024-55399 SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-55399)
SSRF in ssrf (CVE-2024-55399). Risk of unauthorized operations or information disclosure.
CVE-2024-55402 4C Strategies Exonaut before v22.4 was discovered to contain an access control issue.
4C Strategies Exonaut before v22.4 was discovered to contain an access control issue.
CVE-2024-55398 4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.
4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.
CVE-2025-51624 Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
CVE-2025-53786 Authentication Bypass in microsoft (CVE-2025-53786)
authentication bypass in microsoft (CVE-2025-53786). Successful exploitation can lead to full system takeover.
CVE-2025-52237 Vulnerability in path-traversal (CVE-2025-52237)
vulnerability in path-traversal (CVE-2025-52237). Risk of unauthorized operations or information disclosure.
CVE-2025-52078 Unrestricted File Upload in react (CVE-2025-52078)
vulnerability in react (CVE-2025-52078). Risk of unauthorized operations or information disclosure.
CVE-2025-50592 Cross-Site Scripting (XSS) in seacms (CVE-2025-50592)
cross-site scripting in seacms (CVE-2025-50592). Risk of unauthorized operations or information disclosure.
CVE-2013-10068 Vulnerability in CVE-2013-10068 (CVE-2013-10068)
vulnerability in CVE-2013-10068 (CVE-2013-10068). Risk of unauthorized operations or information disclosure.
CVE-2012-10032 Cross-Site Scripting (XSS) in CVE-2012-10032 (CVE-2012-10032)
cross-site scripting in CVE-2012-10032 (CVE-2012-10032). Risk of unauthorized operations or information disclosure.
CVE-2012-10024 Path Traversal in path-traversal (CVE-2012-10024)
path traversal in path-traversal (CVE-2012-10024). Risk of unauthorized operations or information disclosure.
CVE-2012-10027 Unrestricted File Upload in wordpress (CVE-2012-10027)
vulnerability in wordpress (CVE-2012-10027). Risk of unauthorized operations or information disclosure. Exploitable via ``uploadify.php``.
CVE-2025-51857 Cross-Site Scripting (XSS) in CVE-2025-51857 (CVE-2025-51857)
cross-site scripting in CVE-2025-51857 (CVE-2025-51857). Risk of unauthorized operations or information disclosure.
CVE-2025-51627 Vulnerability in CVE-2025-51627 (CVE-2025-51627)
vulnerability in CVE-2025-51627 (CVE-2025-51627). Risk of unauthorized operations or information disclosure.
CVE-2025-51060 Vulnerability in cpuid (CVE-2025-51060)
vulnerability in cpuid (CVE-2025-51060). Risk of unauthorized operations or information disclosure.
CVE-2025-44964 Vulnerability in bluestacks (CVE-2025-44964)
vulnerability in bluestacks (CVE-2025-44964). Risk of unauthorized operations or information disclosure.
CVE-2022-40799 KEV [KEV] Vulnerability in D-link dnr-322l (CVE-2022-40799)
vulnerability in D-link dnr-322l (CVE-2022-40799). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-25079 KEV [KEV] Command Injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079)
command injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-50341 SQL Injection in sqli (CVE-2025-50341)
SQL injection in sqli (CVE-2025-50341). Successful exploitation can lead to full system takeover.
CVE-2025-52239 Unrestricted File Upload in zkea (CVE-2025-52239)
vulnerability in zkea (CVE-2025-52239). Successful exploitation can lead to full system takeover.
CVE-2025-51390 OS Command Injection in totolink (CVE-2025-51390)
OS command injection in totolink (CVE-2025-51390). Successful exploitation can lead to full system takeover.
CVE-2025-44643 Vulnerability in CVE-2025-44643 (CVE-2025-44643)
vulnerability in CVE-2025-44643 (CVE-2025-44643). Risk of unauthorized operations or information disclosure.
CVE-2025-20701 Authorization Flaw in CVE-2025-20701 (CVE-2025-20701)
vulnerability in CVE-2025-20701 (CVE-2025-20701). Successful exploitation can lead to full system takeover.
CVE-2023-32255 Vulnerability in CVE-2023-32255 (CVE-2023-32255)
vulnerability in CVE-2023-32255 (CVE-2023-32255). Risk of unauthorized operations or information disclosure.
CVE-2013-10050 OS Command Injection in dlink (CVE-2013-10050)
OS command injection in dlink (CVE-2013-10050). Successful exploitation can lead to full system takeover.
CVE-2025-45150 Vulnerability in x-d-lab (CVE-2025-45150)
vulnerability in x-d-lab (CVE-2025-45150). Successful exploitation can lead to full system takeover.
CVE-2025-44139 Unrestricted File Upload in emlog (CVE-2025-44139)
vulnerability in emlog (CVE-2025-44139). Successful exploitation can lead to full system takeover.
CVE-2025-52327 SQL Injection in sqli (CVE-2025-52327)
SQL injection in sqli (CVE-2025-52327). Successful exploitation can lead to full system takeover.
CVE-2025-50850 Vulnerability in cs-cart (CVE-2025-50850)
vulnerability in cs-cart (CVE-2025-50850). Risk of unauthorized operations or information disclosure.
CVE-2025-50847 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-50847)
vulnerability in csrf (CVE-2025-50847). Risk of unauthorized operations or information disclosure.
CVE-2025-50848 Cross-Site Scripting (XSS) in cs-cart (CVE-2025-50848)
cross-site scripting in cs-cart (CVE-2025-50848). Risk of unauthorized operations or information disclosure.
CVE-2025-50777 Vulnerability in aziot (CVE-2025-50777)
vulnerability in aziot (CVE-2025-50777). Successful exploitation can lead to full system takeover.
CVE-2025-25691 Command Injection in deserialization (CVE-2025-25691)
command injection in deserialization (CVE-2025-25691). Risk of unauthorized operations or information disclosure.
CVE-2025-25692 Command Injection in deserialization (CVE-2025-25692)
command injection in deserialization (CVE-2025-25692). Risk of unauthorized operations or information disclosure.
CVE-2025-45619 Command Injection in averusa (CVE-2025-45619)
command injection in averusa (CVE-2025-45619). Risk of unauthorized operations or information disclosure.
CVE-2025-45620 Information Disclosure in averusa (CVE-2025-45620)
vulnerability in averusa (CVE-2025-45620). Confidential information can be exposed externally.
CVE-2024-45955 Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.
Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.
CVE-2023-2593 Vulnerability in dos (CVE-2023-2593)
vulnerability in dos (CVE-2023-2593). Risk of unauthorized operations or information disclosure.
CVE-2025-43213 Buffer Overflow in c (CVE-2025-43213)
vulnerability in c (CVE-2025-43213). Risk of unauthorized operations or information disclosure.
CVE-2025-43214 Buffer Overflow in c (CVE-2025-43214)
vulnerability in c (CVE-2025-43214). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →