Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2025-67268 Vulnerability in c (CVE-2025-67268)
vulnerability in c (CVE-2025-67268). Successful exploitation can lead to full system takeover.
CVE-2025-67269 Vulnerability in c (CVE-2025-67269)
vulnerability in c (CVE-2025-67269). Risk of unauthorized operations or information disclosure. Exploitable via ``ffa1d6f40bca0b035fc7f5e563160ebb67199da7``.
CVE-2025-11157 Unsafe Deserialization in CVE-2025-11157 (CVE-2025-11157)
vulnerability in CVE-2025-11157 (CVE-2025-11157). Successful exploitation can lead to full system takeover.
CVE-2025-71339 Unsafe Deserialization in picklescan (CVE-2025-71339)
vulnerability in picklescan (CVE-2025-71339). Confidential information can be exposed externally. Exploitable via ``numpy.f2py.crackfortran._eval_length``. Mitigation: upgrade to `0.0.33` or later.
CVE-2023-54322 Vulnerability in c (CVE-2023-54322)
vulnerability in c (CVE-2023-54322). Risk of unauthorized operations or information disclosure.
CVE-2023-54271 Vulnerability in c (CVE-2023-54271)
vulnerability in c (CVE-2023-54271). Risk of unauthorized operations or information disclosure.
CVE-2025-67288 Unrestricted File Upload in umbraco (CVE-2025-67288)
vulnerability in umbraco (CVE-2025-67288). Successful exploitation can lead to full system takeover.
CVE-2025-68065 Vulnerability in CVE-2025-68065 (CVE-2025-68065)
vulnerability in CVE-2025-68065 (CVE-2025-68065). Successful exploitation can lead to full system takeover.
CVE-2023-53888 Code Injection in zomp (CVE-2023-53888)
code injection in zomp (CVE-2023-53888). Successful exploitation can lead to full system takeover.
CVE-2024-44598 FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.
CVE-2025-7073 Vulnerability in c (CVE-2025-7073)
vulnerability in c (CVE-2025-7073). Successful exploitation can lead to full system takeover.
CVE-2025-65882 OS Command Injection in c (CVE-2025-65882)
OS command injection in c (CVE-2025-65882). Successful exploitation can lead to full system takeover.
CVE-2025-65594 Vulnerability in os4ed (CVE-2025-65594)
vulnerability in os4ed (CVE-2025-65594). Confidential information can be exposed externally.
CVE-2025-61078 Cross-Site Scripting (XSS) in phpipam (CVE-2025-61078)
cross-site scripting in phpipam (CVE-2025-61078). Risk of unauthorized operations or information disclosure.
CVE-2025-56704 Unrestricted File Upload in lepton-cms (CVE-2025-56704)
vulnerability in lepton-cms (CVE-2025-56704). Successful exploitation can lead to full system takeover.
CVE-2025-48615 Vulnerability in google (CVE-2025-48615)
vulnerability in google (CVE-2025-48615). Successful exploitation can lead to full system takeover.
CVE-2025-48612 Vulnerability in google (CVE-2025-48612)
vulnerability in google (CVE-2025-48612). Successful exploitation can lead to full system takeover.
CVE-2025-40281 Vulnerability in c (CVE-2025-40281)
vulnerability in c (CVE-2025-40281). Risk of unauthorized operations or information disclosure.
CVE-2025-40280 Vulnerability in c (CVE-2025-40280)
vulnerability in c (CVE-2025-40280). Risk of unauthorized operations or information disclosure.
CVE-2025-40261 Vulnerability in c (CVE-2025-40261)
vulnerability in c (CVE-2025-40261). Risk of unauthorized operations or information disclosure.
CVE-2025-40258 Vulnerability in c (CVE-2025-40258)
vulnerability in c (CVE-2025-40258). Risk of unauthorized operations or information disclosure.
CVE-2025-40257 Vulnerability in Kernel (CVE-2025-40257)
vulnerability in Kernel (CVE-2025-40257). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.247, 5.15.197, 6.1.159, 6.6.118, 6.12.60, 6.17.10` or later.
CVE-2025-40251 Vulnerability in c (CVE-2025-40251)
vulnerability in c (CVE-2025-40251). Risk of unauthorized operations or information disclosure. Exploitable via ``rate_leaf_parent_set``.
CVE-2025-40214 Vulnerability in c (CVE-2025-40214)
vulnerability in c (CVE-2025-40214). Risk of unauthorized operations or information disclosure.
CVE-2025-66412 Cross-Site Scripting (XSS) in @angular/compiler (CVE-2025-66412)
cross-site scripting in @angular/compiler (CVE-2025-66412). Risk of unauthorized operations or information disclosure. Exploitable via ``attributeName``.
CVE-2025-65622 Cross-Site Scripting (XSS) in snipeitapp (CVE-2025-65622)
cross-site scripting in snipeitapp (CVE-2025-65622). Risk of unauthorized operations or information disclosure.
CVE-2025-65621 Cross-Site Scripting (XSS) in privilege-escalation (CVE-2025-65621)
cross-site scripting in privilege-escalation (CVE-2025-65621). Risk of unauthorized operations or information disclosure.
CVE-2025-66035 Vulnerability in @angular/common (CVE-2025-66035)
vulnerability in @angular/common (CVE-2025-66035). Risk of unauthorized operations or information disclosure. Exploitable via ``POST``. Mitigation: upgrade to `19.2.16` or later.
CVE-2025-61167 SQL Injection in sqli (CVE-2025-61167)
SQL injection in sqli (CVE-2025-61167). Risk of unauthorized operations or information disclosure.
CVE-2025-61168 Unsafe Deserialization in sigb (CVE-2025-61168)
vulnerability in sigb (CVE-2025-61168). Successful exploitation can lead to full system takeover.
CVE-2025-64047 OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
CVE-2025-64048 Cross-Site Scripting (XSS) in yccms (CVE-2025-64048)
cross-site scripting in yccms (CVE-2025-64048). Risk of unauthorized operations or information disclosure.
CVE-2025-63892 Cross-Site Scripting (XSS) in remyandrade (CVE-2025-63892)
cross-site scripting in remyandrade (CVE-2025-63892). Successful exploitation can lead to full system takeover.
CVE-2025-63748 Unrestricted File Upload in testmanagement (CVE-2025-63748)
vulnerability in testmanagement (CVE-2025-63748). Successful exploitation can lead to full system takeover.
CVE-2025-64046 OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
CVE-2025-64308 Vulnerability in CVE-2025-64308 (CVE-2025-64308)
vulnerability in CVE-2025-64308 (CVE-2025-64308). Confidential information can be exposed externally.
CVE-2025-40164 Vulnerability in c (CVE-2025-40164)
vulnerability in c (CVE-2025-40164). Risk of unauthorized operations or information disclosure.
CVE-2025-40163 Vulnerability in c (CVE-2025-40163)
vulnerability in c (CVE-2025-40163). Risk of unauthorized operations or information disclosure.
CVE-2025-63397 Vulnerability in oneflow (CVE-2025-63397)
vulnerability in oneflow (CVE-2025-63397). Risk of unauthorized operations or information disclosure.
CVE-2025-0987 Vulnerability in c (CVE-2025-0987)
vulnerability in c (CVE-2025-0987). Confidential information can be exposed externally.
CVE-2025-60898 SSRF (Server-Side Request Forgery) in c (CVE-2025-60898)
SSRF in c (CVE-2025-60898). Risk of unauthorized operations or information disclosure.
CVE-2025-56399 Code Injection in laravel (CVE-2025-56399)
code injection in laravel (CVE-2025-56399). Successful exploitation can lead to full system takeover.
CVE-2025-40022 Vulnerability in c (CVE-2025-40022)
vulnerability in c (CVE-2025-40022). Risk of unauthorized operations or information disclosure.
CVE-2025-54236 KEV [KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2025-60837 Cross-Site Scripting (XSS) in mingsoft (CVE-2025-60837)
cross-site scripting in mingsoft (CVE-2025-60837). Risk of unauthorized operations or information disclosure.
CVE-2025-11023 Vulnerability in CVE-2025-11023 (CVE-2025-11023)
vulnerability in CVE-2025-11023 (CVE-2025-11023). Successful exploitation can lead to full system takeover.
CVE-2025-60511 Vulnerability in CVE-2025-60511 (CVE-2025-60511)
vulnerability in CVE-2025-60511 (CVE-2025-60511). Risk of unauthorized operations or information disclosure.
CVE-2025-57567 Code Injection in CVE-2025-57567 (CVE-2025-57567)
code injection in CVE-2025-57567 (CVE-2025-57567). Successful exploitation can lead to full system takeover.
CVE-2025-60641 SQL Injection in sqli (CVE-2025-60641)
SQL injection in sqli (CVE-2025-60641). Risk of unauthorized operations or information disclosure.
CVE-2025-34512 Cross-Site Scripting (XSS) in ilevia (CVE-2025-34512)
cross-site scripting in ilevia (CVE-2025-34512). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →