Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-51629 |
|
Cross-Site Scripting (XSS) in CVE-2025-51629 (CVE-2025-51629)
cross-site scripting in CVE-2025-51629 (CVE-2025-51629). Successful exploitation can lead to full system takeover.
|
| CVE-2024-52680 |
|
Cross-Site Scripting (XSS) in c (CVE-2024-52680)
cross-site scripting in c (CVE-2024-52680). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-55401 |
|
An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
|
| CVE-2025-51058 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-51058)
SSRF in ssrf (CVE-2025-51058). Confidential information can be exposed externally.
|
| CVE-2025-51055 |
|
Vulnerability in vedo-suite-project (CVE-2025-51055)
vulnerability in vedo-suite-project (CVE-2025-51055). Confidential information can be exposed externally.
|
| CVE-2025-51056 |
|
Unrestricted File Upload in vedo-suite-project (CVE-2025-51056)
vulnerability in vedo-suite-project (CVE-2025-51056). Confidential information can be exposed externally.
|
| CVE-2025-51057 |
|
Vulnerability in vedo-suite-project (CVE-2025-51057)
vulnerability in vedo-suite-project (CVE-2025-51057). Confidential information can be exposed externally.
|
| CVE-2025-51052 |
|
Vulnerability in path-traversal (CVE-2025-51052)
vulnerability in path-traversal (CVE-2025-51052). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51054 |
|
Vulnerability in vedo-suite-project (CVE-2025-51054)
vulnerability in vedo-suite-project (CVE-2025-51054). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51053 |
|
Cross-Site Scripting (XSS) in vedo-suite-project (CVE-2025-51053)
cross-site scripting in vedo-suite-project (CVE-2025-51053). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-55399 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2024-55399)
SSRF in ssrf (CVE-2024-55399). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-55402 |
|
4C Strategies Exonaut before v22.4 was discovered to contain an access control issue.
4C Strategies Exonaut before v22.4 was discovered to contain an access control issue.
|
| CVE-2024-55398 |
|
4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.
4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.
|
| CVE-2025-51624 |
|
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
|
| CVE-2025-53786 |
|
Authentication Bypass in microsoft (CVE-2025-53786)
authentication bypass in microsoft (CVE-2025-53786). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52237 |
|
Vulnerability in path-traversal (CVE-2025-52237)
vulnerability in path-traversal (CVE-2025-52237). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52078 |
|
Unrestricted File Upload in react (CVE-2025-52078)
vulnerability in react (CVE-2025-52078). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50592 |
|
Cross-Site Scripting (XSS) in seacms (CVE-2025-50592)
cross-site scripting in seacms (CVE-2025-50592). Risk of unauthorized operations or information disclosure.
|
| CVE-2013-10068 |
|
Vulnerability in CVE-2013-10068 (CVE-2013-10068)
vulnerability in CVE-2013-10068 (CVE-2013-10068). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-10032 |
|
Cross-Site Scripting (XSS) in CVE-2012-10032 (CVE-2012-10032)
cross-site scripting in CVE-2012-10032 (CVE-2012-10032). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-10024 |
|
Path Traversal in path-traversal (CVE-2012-10024)
path traversal in path-traversal (CVE-2012-10024). Risk of unauthorized operations or information disclosure.
|
| CVE-2012-10027 |
|
Unrestricted File Upload in wordpress (CVE-2012-10027)
vulnerability in wordpress (CVE-2012-10027). Risk of unauthorized operations or information disclosure. Exploitable via ``uploadify.php``.
|
| CVE-2025-51857 |
|
Cross-Site Scripting (XSS) in CVE-2025-51857 (CVE-2025-51857)
cross-site scripting in CVE-2025-51857 (CVE-2025-51857). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51627 |
|
Vulnerability in CVE-2025-51627 (CVE-2025-51627)
vulnerability in CVE-2025-51627 (CVE-2025-51627). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51060 |
|
Vulnerability in cpuid (CVE-2025-51060)
vulnerability in cpuid (CVE-2025-51060). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44964 |
|
Vulnerability in bluestacks (CVE-2025-44964)
vulnerability in bluestacks (CVE-2025-44964). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40799 KEV |
|
[KEV] Vulnerability in D-link dnr-322l (CVE-2022-40799)
vulnerability in D-link dnr-322l (CVE-2022-40799). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-25079 KEV |
|
[KEV] Command Injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079)
command injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-50341 |
|
SQL Injection in sqli (CVE-2025-50341)
SQL injection in sqli (CVE-2025-50341). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52239 |
|
Unrestricted File Upload in zkea (CVE-2025-52239)
vulnerability in zkea (CVE-2025-52239). Successful exploitation can lead to full system takeover.
|
| CVE-2025-51390 |
|
OS Command Injection in totolink (CVE-2025-51390)
OS command injection in totolink (CVE-2025-51390). Successful exploitation can lead to full system takeover.
|
| CVE-2025-44643 |
|
Vulnerability in CVE-2025-44643 (CVE-2025-44643)
vulnerability in CVE-2025-44643 (CVE-2025-44643). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-20701 |
|
Authorization Flaw in CVE-2025-20701 (CVE-2025-20701)
vulnerability in CVE-2025-20701 (CVE-2025-20701). Successful exploitation can lead to full system takeover.
|
| CVE-2023-32255 |
|
Vulnerability in CVE-2023-32255 (CVE-2023-32255)
vulnerability in CVE-2023-32255 (CVE-2023-32255). Risk of unauthorized operations or information disclosure.
|
| CVE-2013-10050 |
|
OS Command Injection in dlink (CVE-2013-10050)
OS command injection in dlink (CVE-2013-10050). Successful exploitation can lead to full system takeover.
|
| CVE-2025-45150 |
|
Vulnerability in x-d-lab (CVE-2025-45150)
vulnerability in x-d-lab (CVE-2025-45150). Successful exploitation can lead to full system takeover.
|
| CVE-2025-44139 |
|
Unrestricted File Upload in emlog (CVE-2025-44139)
vulnerability in emlog (CVE-2025-44139). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52327 |
|
SQL Injection in sqli (CVE-2025-52327)
SQL injection in sqli (CVE-2025-52327). Successful exploitation can lead to full system takeover.
|
| CVE-2025-50850 |
|
Vulnerability in cs-cart (CVE-2025-50850)
vulnerability in cs-cart (CVE-2025-50850). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50847 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-50847)
vulnerability in csrf (CVE-2025-50847). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50848 |
|
Cross-Site Scripting (XSS) in cs-cart (CVE-2025-50848)
cross-site scripting in cs-cart (CVE-2025-50848). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50777 |
|
Vulnerability in aziot (CVE-2025-50777)
vulnerability in aziot (CVE-2025-50777). Successful exploitation can lead to full system takeover.
|
| CVE-2025-25691 |
|
Command Injection in deserialization (CVE-2025-25691)
command injection in deserialization (CVE-2025-25691). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25692 |
|
Command Injection in deserialization (CVE-2025-25692)
command injection in deserialization (CVE-2025-25692). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45619 |
|
Command Injection in averusa (CVE-2025-45619)
command injection in averusa (CVE-2025-45619). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45620 |
|
Information Disclosure in averusa (CVE-2025-45620)
vulnerability in averusa (CVE-2025-45620). Confidential information can be exposed externally.
|
| CVE-2024-45955 |
|
Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.
Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL Injection via the filter parameter.
|
| CVE-2023-2593 |
|
Vulnerability in dos (CVE-2023-2593)
vulnerability in dos (CVE-2023-2593). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-43213 |
|
Buffer Overflow in c (CVE-2025-43213)
vulnerability in c (CVE-2025-43213). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-43214 |
|
Buffer Overflow in c (CVE-2025-43214)
vulnerability in c (CVE-2025-43214). Risk of unauthorized operations or information disclosure.
|