Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2024-8068 KEV |
|
[KEV] Privilege Escalation in Citrix session-recording (CVE-2024-8068)
vulnerability in Citrix session-recording (CVE-2024-8068). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-8069 KEV |
|
[KEV] Unsafe Deserialization in Citrix session-recording (CVE-2024-8069)
vulnerability in Citrix session-recording (CVE-2024-8069). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-50674 |
|
Vulnerability in openmediavault (CVE-2025-50674)
vulnerability in openmediavault (CVE-2025-50674). Successful exploitation can lead to full system takeover.
|
| CVE-2025-43300 KEV |
|
[KEV] Out-of-Bounds Write in Apple ios (CVE-2025-43300)
out-of-bounds write in Apple ios (CVE-2025-43300). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-50567 |
|
SQL Injection in CVE-2025-50567 (CVE-2025-50567)
SQL injection in CVE-2025-50567 (CVE-2025-50567). Successful exploitation can lead to full system takeover.
|
| CVE-2025-54948 KEV |
|
[KEV] OS Command Injection in Trend micro trend-micro (CVE-2025-54948)
OS command injection in Trend micro trend-micro (CVE-2025-54948). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-52335 |
|
Cross-Site Scripting (XSS) in eyoucms (CVE-2025-52335)
cross-site scripting in eyoucms (CVE-2025-52335). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-45315 |
|
Cross-Site Scripting (XSS) in hortusfox (CVE-2025-45315)
cross-site scripting in hortusfox (CVE-2025-45315). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-48989 |
|
Vulnerability in org.apache.tomcat:tomcat-coyote (CVE-2025-48989)
vulnerability in org.apache.tomcat:tomcat-coyote (CVE-2025-48989). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.108` or later.
|
| CVE-2025-8876 KEV |
|
[KEV] Vulnerability in N-able n-central (CVE-2025-8876)
vulnerability in N-able n-central (CVE-2025-8876). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-8875 KEV |
|
[KEV] Vulnerability in N-able n-central (CVE-2025-8875)
vulnerability in N-able n-central (CVE-2025-8875). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-53744 |
|
Vulnerability in fortinet (CVE-2025-53744)
vulnerability in fortinet (CVE-2025-53744). Successful exploitation can lead to full system takeover.
|
| CVE-2025-25248 |
|
Vulnerability in fortinet (CVE-2025-25248)
vulnerability in fortinet (CVE-2025-25248). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-53766 |
|
Vulnerability in microsoft (CVE-2025-53766)
vulnerability in microsoft (CVE-2025-53766). Successful exploitation can lead to full system takeover.
|
| CVE-2025-53732 |
|
Vulnerability in microsoft (CVE-2025-53732)
vulnerability in microsoft (CVE-2025-53732). Successful exploitation can lead to full system takeover.
|
| CVE-2025-33051 |
|
Information Disclosure in microsoft (CVE-2025-33051)
vulnerability in microsoft (CVE-2025-33051). Confidential information can be exposed externally.
|
| CVE-2025-25007 |
|
Vulnerability in microsoft (CVE-2025-25007)
vulnerability in microsoft (CVE-2025-25007). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25006 |
|
Vulnerability in microsoft (CVE-2025-25006)
vulnerability in microsoft (CVE-2025-25006). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-25005 |
|
Vulnerability in microsoft (CVE-2025-25005)
vulnerability in microsoft (CVE-2025-25005). Confidential information can be exposed externally.
|
| CVE-2007-0671 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2007-0671)
vulnerability in Microsoft office (CVE-2007-0671). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-8088 KEV |
|
[KEV] Vulnerability in Rarlab winrar (CVE-2025-8088)
vulnerability in Rarlab winrar (CVE-2025-8088). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-3893 KEV |
|
[KEV] Vulnerability in Microsoft internet-explorer (CVE-2013-3893)
vulnerability in Microsoft internet-explorer (CVE-2013-3893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-10047 |
|
SQL Injection in sqli (CVE-2012-10047)
SQL injection in sqli (CVE-2012-10047). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-52680 |
|
Cross-Site Scripting (XSS) in c (CVE-2024-52680)
cross-site scripting in c (CVE-2024-52680). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-53786 |
|
Authentication Bypass in microsoft (CVE-2025-53786)
authentication bypass in microsoft (CVE-2025-53786). Successful exploitation can lead to full system takeover.
|
| CVE-2012-10027 |
|
Unrestricted File Upload in wordpress (CVE-2012-10027)
vulnerability in wordpress (CVE-2012-10027). Risk of unauthorized operations or information disclosure. Exploitable via ``uploadify.php``.
|
| CVE-2020-25078 KEV |
|
[KEV] Vulnerability in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25078)
vulnerability in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25078). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-25079 KEV |
|
[KEV] Command Injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079)
command injection in D-link dcs-2530l-and-dcs-2670l-devices (CVE-2020-25079). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-40799 KEV |
|
[KEV] Vulnerability in D-link dnr-322l (CVE-2022-40799)
vulnerability in D-link dnr-322l (CVE-2022-40799). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-44139 |
|
Unrestricted File Upload in emlog (CVE-2025-44139)
vulnerability in emlog (CVE-2025-44139). Successful exploitation can lead to full system takeover.
|
| CVE-2025-52327 |
|
SQL Injection in sqli (CVE-2025-52327)
SQL injection in sqli (CVE-2025-52327). Successful exploitation can lead to full system takeover.
|
| CVE-2025-43214 |
|
Buffer Overflow in c (CVE-2025-43214)
vulnerability in c (CVE-2025-43214). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-43213 |
|
Buffer Overflow in c (CVE-2025-43213)
vulnerability in c (CVE-2025-43213). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50485 |
|
Vulnerability in phpgurukul (CVE-2025-50485)
vulnerability in phpgurukul (CVE-2025-50485). Confidential information can be exposed externally.
|
| CVE-2025-50486 |
|
Vulnerability in phpgurukul (CVE-2025-50486)
vulnerability in phpgurukul (CVE-2025-50486). Confidential information can be exposed externally.
|
| CVE-2025-50484 |
|
Vulnerability in phpgurukul (CVE-2025-50484)
vulnerability in phpgurukul (CVE-2025-50484). Confidential information can be exposed externally.
|
| CVE-2025-50487 |
|
Vulnerability in phpgurukul (CVE-2025-50487)
vulnerability in phpgurukul (CVE-2025-50487). Confidential information can be exposed externally.
|
| CVE-2025-50491 |
|
Vulnerability in phpgurukul (CVE-2025-50491)
vulnerability in phpgurukul (CVE-2025-50491). Confidential information can be exposed externally.
|
| CVE-2025-50492 |
|
Vulnerability in phpgurukul (CVE-2025-50492)
vulnerability in phpgurukul (CVE-2025-50492). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50488 |
|
Vulnerability in phpgurukul (CVE-2025-50488)
vulnerability in phpgurukul (CVE-2025-50488). Confidential information can be exposed externally.
|
| CVE-2025-50489 |
|
Vulnerability in phpgurukul (CVE-2025-50489)
vulnerability in phpgurukul (CVE-2025-50489). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50490 |
|
Vulnerability in phpgurukul (CVE-2025-50490)
vulnerability in phpgurukul (CVE-2025-50490). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50493 |
|
Vulnerability in phpgurukul (CVE-2025-50493)
vulnerability in phpgurukul (CVE-2025-50493). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50494 |
|
Vulnerability in phpgurukul (CVE-2025-50494)
vulnerability in phpgurukul (CVE-2025-50494). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4056 |
|
Code Injection in dos (CVE-2025-4056)
code injection in dos (CVE-2025-4056). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-20281 KEV |
|
[KEV] Vulnerability in Cisco identity-services-engine (CVE-2025-20281)
vulnerability in Cisco identity-services-engine (CVE-2025-20281). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2533 KEV |
|
[KEV] Cross-Site Request Forgery (CSRF) in Papercut ngmf (CVE-2023-2533)
vulnerability in Papercut ngmf (CVE-2023-2533). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-20337 KEV |
|
[KEV] Vulnerability in Cisco identity-services-engine (CVE-2025-20337)
vulnerability in Cisco identity-services-engine (CVE-2025-20337). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-44608 |
|
SQL Injection in sqli (CVE-2025-44608)
SQL injection in sqli (CVE-2025-44608). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-46171 |
|
Vulnerability in vbulletin (CVE-2025-46171)
vulnerability in vbulletin (CVE-2025-46171). Risk of unauthorized operations or information disclosure.
|