Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-2776 KEV |
|
[KEV] XXE (XML External Entity) in sysaid (CVE-2025-2776)
vulnerability in sysaid (CVE-2025-2776). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-54309 KEV |
|
[KEV] Vulnerability in crushftp (CVE-2025-54309)
vulnerability in crushftp (CVE-2025-54309). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-49704 KEV |
|
[KEV] Code Injection in Microsoft sharepoint (CVE-2025-49704)
code injection in Microsoft sharepoint (CVE-2025-49704). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-49706 KEV |
|
[KEV] Authentication Bypass in Microsoft sharepoint (CVE-2025-49706)
authentication bypass in Microsoft sharepoint (CVE-2025-49706). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-44654 |
|
Vulnerability in privilege-escalation (CVE-2025-44654)
vulnerability in privilege-escalation (CVE-2025-44654). Successful exploitation can lead to full system takeover.
|
| CVE-2025-44653 |
|
Vulnerability in dos (CVE-2025-44653)
vulnerability in dos (CVE-2025-44653). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44649 |
|
Vulnerability in trendnet (CVE-2025-44649)
vulnerability in trendnet (CVE-2025-44649). Confidential information can be exposed externally.
|
| CVE-2025-44651 |
|
Vulnerability in dos (CVE-2025-44651)
vulnerability in dos (CVE-2025-44651). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44657 |
|
Vulnerability in privilege-escalation (CVE-2025-44657)
vulnerability in privilege-escalation (CVE-2025-44657). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-44647 |
|
Vulnerability in trendnet (CVE-2025-44647)
vulnerability in trendnet (CVE-2025-44647). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4130 |
|
Vulnerability in CVE-2025-4130 (CVE-2025-4130)
vulnerability in CVE-2025-4130 (CVE-2025-4130). Confidential information can be exposed externally.
|
| CVE-2025-53770 KEV |
|
[KEV] Unsafe Deserialization in Microsoft sharepoint (CVE-2025-53770)
vulnerability in Microsoft sharepoint (CVE-2025-53770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-38350 |
|
Use-After-Free in linux (CVE-2025-38350)
vulnerability in linux (CVE-2025-38350). Successful exploitation can lead to full system takeover.
|
| CVE-2025-50583 |
|
Cross-Site Scripting (XSS) in daycloud (CVE-2025-50583)
cross-site scripting in daycloud (CVE-2025-50583). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50582 |
|
Cross-Site Scripting (XSS) in daycloud (CVE-2025-50582)
cross-site scripting in daycloud (CVE-2025-50582). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50581 |
|
Cross-Site Scripting (XSS) in mrcms (CVE-2025-50581)
cross-site scripting in mrcms (CVE-2025-50581). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50584 |
|
Cross-Site Scripting (XSS) in daycloud (CVE-2025-50584)
cross-site scripting in daycloud (CVE-2025-50584). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52169 |
|
Cross-Site Scripting (XSS) in CVE-2025-52169 (CVE-2025-52169)
cross-site scripting in CVE-2025-52169 (CVE-2025-52169). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52163 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-52163)
SSRF in ssrf (CVE-2025-52163). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50585 |
|
SQL Injection in sqli (CVE-2025-50585)
SQL injection in sqli (CVE-2025-50585). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52166 |
|
Vulnerability in CVE-2025-52166 (CVE-2025-52166)
vulnerability in CVE-2025-52166 (CVE-2025-52166). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52168 |
|
Vulnerability in CVE-2025-52168 (CVE-2025-52168)
vulnerability in CVE-2025-52168 (CVE-2025-52168). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-52162 |
|
XXE (XML External Entity) in CVE-2025-52162 (CVE-2025-52162)
vulnerability in CVE-2025-52162 (CVE-2025-52162). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50586 |
|
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
|
| CVE-2025-45157 |
|
Vulnerability in splashin (CVE-2025-45157)
vulnerability in splashin (CVE-2025-45157). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25257 KEV |
|
[KEV] SQL Injection in Fortinet fortiweb (CVE-2025-25257)
SQL injection in Fortinet fortiweb (CVE-2025-25257). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-53816 |
|
Vulnerability in dos (CVE-2025-53816)
vulnerability in dos (CVE-2025-53816). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-46102 |
|
Cross-Site Scripting (XSS) in beakon (CVE-2025-46102)
cross-site scripting in beakon (CVE-2025-46102). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-53867 |
|
Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.
Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.
|
| CVE-2025-20272 |
|
SQL Injection in sqli (CVE-2025-20272)
SQL injection in sqli (CVE-2025-20272). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-6965 |
|
Vulnerability in SQLitePCLRaw.lib.e_sqlite3 (CVE-2025-6965)
vulnerability in SQLitePCLRaw.lib.e_sqlite3 (CVE-2025-6965). Data can be tampered with by attackers.
|
| CVE-2025-51655 |
|
SQL Injection in sqli (CVE-2025-51655)
SQL injection in sqli (CVE-2025-51655). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51656 |
|
SQL Injection in sqli (CVE-2025-51656)
SQL injection in sqli (CVE-2025-51656). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51657 |
|
SQL Injection in sqli (CVE-2025-51657)
SQL injection in sqli (CVE-2025-51657). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51658 |
|
SQL Injection in sqli (CVE-2025-51658)
SQL injection in sqli (CVE-2025-51658). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51659 |
|
SQL Injection in sqli (CVE-2025-51659)
SQL injection in sqli (CVE-2025-51659). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51660 |
|
SQL Injection in sqli (CVE-2025-51660)
SQL injection in sqli (CVE-2025-51660). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51652 |
|
SQL Injection in sqli (CVE-2025-51652)
SQL injection in sqli (CVE-2025-51652). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51653 |
|
SQL Injection in sqli (CVE-2025-51653)
SQL injection in sqli (CVE-2025-51653). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51654 |
|
SQL Injection in sqli (CVE-2025-51654)
SQL injection in sqli (CVE-2025-51654). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7519 |
|
Out-of-Bounds Write in redhat (CVE-2025-7519)
out-of-bounds write in redhat (CVE-2025-7519). Successful exploitation can lead to full system takeover.
|
| CVE-2025-47812 KEV |
|
[KEV] Vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47812)
vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47812). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-7546 |
|
Buffer Overflow in c (CVE-2025-7546)
vulnerability in c (CVE-2025-7546). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-7545 |
|
Buffer Overflow in c (CVE-2025-7545)
vulnerability in c (CVE-2025-7545). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-51591 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2025-51591)
SSRF in ssrf (CVE-2025-51591). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-53471 |
|
Vulnerability in CVE-2025-53471 (CVE-2025-53471)
vulnerability in CVE-2025-53471 (CVE-2025-53471). Data can be tampered with by attackers.
|
| CVE-2025-6395 |
|
Vulnerability in CVE-2025-6395 (CVE-2025-6395)
vulnerability in CVE-2025-6395 (CVE-2025-6395). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-36697 |
|
Cross-Site Scripting (XSS) in CVE-2024-36697 (CVE-2024-36697)
cross-site scripting in CVE-2024-36697 (CVE-2024-36697). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-32990 |
|
Vulnerability in dos (CVE-2025-32990)
vulnerability in dos (CVE-2025-32990). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-38342 |
|
Out-of-Bounds Read in linux (CVE-2025-38342)
vulnerability in linux (CVE-2025-38342). Confidential information can be exposed externally.
|