Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-67268 |
|
Vulnerability in c (CVE-2025-67268)
vulnerability in c (CVE-2025-67268). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67269 |
|
Vulnerability in c (CVE-2025-67269)
vulnerability in c (CVE-2025-67269). Risk of unauthorized operations or information disclosure. Exploitable via ``ffa1d6f40bca0b035fc7f5e563160ebb67199da7``.
|
| CVE-2025-11157 |
|
Unsafe Deserialization in CVE-2025-11157 (CVE-2025-11157)
vulnerability in CVE-2025-11157 (CVE-2025-11157). Successful exploitation can lead to full system takeover.
|
| CVE-2025-71339 |
|
Unsafe Deserialization in picklescan (CVE-2025-71339)
vulnerability in picklescan (CVE-2025-71339). Confidential information can be exposed externally. Exploitable via ``numpy.f2py.crackfortran._eval_length``. Mitigation: upgrade to `0.0.33` or later.
|
| CVE-2023-54322 |
|
Vulnerability in c (CVE-2023-54322)
vulnerability in c (CVE-2023-54322). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-54271 |
|
Vulnerability in c (CVE-2023-54271)
vulnerability in c (CVE-2023-54271). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-67288 |
|
Unrestricted File Upload in umbraco (CVE-2025-67288)
vulnerability in umbraco (CVE-2025-67288). Successful exploitation can lead to full system takeover.
|
| CVE-2025-68065 |
|
Vulnerability in CVE-2025-68065 (CVE-2025-68065)
vulnerability in CVE-2025-68065 (CVE-2025-68065). Successful exploitation can lead to full system takeover.
|
| CVE-2023-53888 |
|
Code Injection in zomp (CVE-2023-53888)
code injection in zomp (CVE-2023-53888). Successful exploitation can lead to full system takeover.
|
| CVE-2024-44598 |
|
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.
FNT Command 13.4.0 is vulnerable to Code Execution via the C Base Module.
|
| CVE-2025-7073 |
|
Vulnerability in c (CVE-2025-7073)
vulnerability in c (CVE-2025-7073). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65882 |
|
OS Command Injection in c (CVE-2025-65882)
OS command injection in c (CVE-2025-65882). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65594 |
|
Vulnerability in os4ed (CVE-2025-65594)
vulnerability in os4ed (CVE-2025-65594). Confidential information can be exposed externally.
|
| CVE-2025-61078 |
|
Cross-Site Scripting (XSS) in phpipam (CVE-2025-61078)
cross-site scripting in phpipam (CVE-2025-61078). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56704 |
|
Unrestricted File Upload in lepton-cms (CVE-2025-56704)
vulnerability in lepton-cms (CVE-2025-56704). Successful exploitation can lead to full system takeover.
|
| CVE-2025-48615 |
|
Vulnerability in google (CVE-2025-48615)
vulnerability in google (CVE-2025-48615). Successful exploitation can lead to full system takeover.
|
| CVE-2025-48612 |
|
Vulnerability in google (CVE-2025-48612)
vulnerability in google (CVE-2025-48612). Successful exploitation can lead to full system takeover.
|
| CVE-2025-40281 |
|
Vulnerability in c (CVE-2025-40281)
vulnerability in c (CVE-2025-40281). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40280 |
|
Vulnerability in c (CVE-2025-40280)
vulnerability in c (CVE-2025-40280). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40261 |
|
Vulnerability in c (CVE-2025-40261)
vulnerability in c (CVE-2025-40261). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40258 |
|
Vulnerability in c (CVE-2025-40258)
vulnerability in c (CVE-2025-40258). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40257 |
|
Vulnerability in Kernel (CVE-2025-40257)
vulnerability in Kernel (CVE-2025-40257). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.10.247, 5.15.197, 6.1.159, 6.6.118, 6.12.60, 6.17.10` or later.
|
| CVE-2025-40251 |
|
Vulnerability in c (CVE-2025-40251)
vulnerability in c (CVE-2025-40251). Risk of unauthorized operations or information disclosure. Exploitable via ``rate_leaf_parent_set``.
|
| CVE-2025-40214 |
|
Vulnerability in c (CVE-2025-40214)
vulnerability in c (CVE-2025-40214). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-66412 |
|
Cross-Site Scripting (XSS) in @angular/compiler (CVE-2025-66412)
cross-site scripting in @angular/compiler (CVE-2025-66412). Risk of unauthorized operations or information disclosure. Exploitable via ``attributeName``.
|
| CVE-2025-65622 |
|
Cross-Site Scripting (XSS) in snipeitapp (CVE-2025-65622)
cross-site scripting in snipeitapp (CVE-2025-65622). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-65621 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2025-65621)
cross-site scripting in privilege-escalation (CVE-2025-65621). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-66035 |
|
Vulnerability in @angular/common (CVE-2025-66035)
vulnerability in @angular/common (CVE-2025-66035). Risk of unauthorized operations or information disclosure. Exploitable via ``POST``. Mitigation: upgrade to `19.2.16` or later.
|
| CVE-2025-61167 |
|
SQL Injection in sqli (CVE-2025-61167)
SQL injection in sqli (CVE-2025-61167). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-61168 |
|
Unsafe Deserialization in sigb (CVE-2025-61168)
vulnerability in sigb (CVE-2025-61168). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64047 |
|
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
|
| CVE-2025-64048 |
|
Cross-Site Scripting (XSS) in yccms (CVE-2025-64048)
cross-site scripting in yccms (CVE-2025-64048). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-63892 |
|
Cross-Site Scripting (XSS) in remyandrade (CVE-2025-63892)
cross-site scripting in remyandrade (CVE-2025-63892). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63748 |
|
Unrestricted File Upload in testmanagement (CVE-2025-63748)
vulnerability in testmanagement (CVE-2025-63748). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64046 |
|
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
|
| CVE-2025-64308 |
|
Vulnerability in CVE-2025-64308 (CVE-2025-64308)
vulnerability in CVE-2025-64308 (CVE-2025-64308). Confidential information can be exposed externally.
|
| CVE-2025-40164 |
|
Vulnerability in c (CVE-2025-40164)
vulnerability in c (CVE-2025-40164). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-40163 |
|
Vulnerability in c (CVE-2025-40163)
vulnerability in c (CVE-2025-40163). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-63397 |
|
Vulnerability in oneflow (CVE-2025-63397)
vulnerability in oneflow (CVE-2025-63397). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-0987 |
|
Vulnerability in c (CVE-2025-0987)
vulnerability in c (CVE-2025-0987). Confidential information can be exposed externally.
|
| CVE-2025-60898 |
|
SSRF (Server-Side Request Forgery) in c (CVE-2025-60898)
SSRF in c (CVE-2025-60898). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56399 |
|
Code Injection in laravel (CVE-2025-56399)
code injection in laravel (CVE-2025-56399). Successful exploitation can lead to full system takeover.
|
| CVE-2025-40022 |
|
Vulnerability in c (CVE-2025-40022)
vulnerability in c (CVE-2025-40022). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-54236 KEV |
|
[KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|
| CVE-2025-60837 |
|
Cross-Site Scripting (XSS) in mingsoft (CVE-2025-60837)
cross-site scripting in mingsoft (CVE-2025-60837). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-11023 |
|
Vulnerability in CVE-2025-11023 (CVE-2025-11023)
vulnerability in CVE-2025-11023 (CVE-2025-11023). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60511 |
|
Vulnerability in CVE-2025-60511 (CVE-2025-60511)
vulnerability in CVE-2025-60511 (CVE-2025-60511). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-57567 |
|
Code Injection in CVE-2025-57567 (CVE-2025-57567)
code injection in CVE-2025-57567 (CVE-2025-57567). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60641 |
|
SQL Injection in sqli (CVE-2025-60641)
SQL injection in sqli (CVE-2025-60641). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-34512 |
|
Cross-Site Scripting (XSS) in ilevia (CVE-2025-34512)
cross-site scripting in ilevia (CVE-2025-34512). Risk of unauthorized operations or information disclosure.
|