Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2025-46099 Unrestricted File Upload in pluck-cms (CVE-2025-46099)
vulnerability in pluck-cms (CVE-2025-46099). Successful exploitation can lead to full system takeover.
CVE-2025-49704 KEV [KEV] Code Injection in Microsoft sharepoint (CVE-2025-49704)
code injection in Microsoft sharepoint (CVE-2025-49704). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-49706 KEV [KEV] Authentication Bypass in Microsoft sharepoint (CVE-2025-49706)
authentication bypass in Microsoft sharepoint (CVE-2025-49706). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-6558 KEV [KEV] Vulnerability in Google chromium (CVE-2025-6558)
vulnerability in Google chromium (CVE-2025-6558). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2775 KEV [KEV] XXE (XML External Entity) in sysaid (CVE-2025-2775)
vulnerability in sysaid (CVE-2025-2775). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2776 KEV [KEV] XXE (XML External Entity) in sysaid (CVE-2025-2776)
vulnerability in sysaid (CVE-2025-2776). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-54309 KEV [KEV] Vulnerability in crushftp (CVE-2025-54309)
vulnerability in crushftp (CVE-2025-54309). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-53770 KEV [KEV] Unsafe Deserialization in Microsoft sharepoint (CVE-2025-53770)
vulnerability in Microsoft sharepoint (CVE-2025-53770). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-25257 KEV [KEV] SQL Injection in Fortinet fortiweb (CVE-2025-25257)
SQL injection in Fortinet fortiweb (CVE-2025-25257). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-53816 Vulnerability in dos (CVE-2025-53816)
vulnerability in dos (CVE-2025-53816). Risk of unauthorized operations or information disclosure.
CVE-2025-6965 Vulnerability in SQLitePCLRaw.lib.e_sqlite3 (CVE-2025-6965)
vulnerability in SQLitePCLRaw.lib.e_sqlite3 (CVE-2025-6965). Data can be tampered with by attackers.
CVE-2025-51655 SQL Injection in sqli (CVE-2025-51655)
SQL injection in sqli (CVE-2025-51655). Risk of unauthorized operations or information disclosure.
CVE-2025-51656 SQL Injection in sqli (CVE-2025-51656)
SQL injection in sqli (CVE-2025-51656). Risk of unauthorized operations or information disclosure.
CVE-2025-51657 SQL Injection in sqli (CVE-2025-51657)
SQL injection in sqli (CVE-2025-51657). Risk of unauthorized operations or information disclosure.
CVE-2025-51658 SQL Injection in sqli (CVE-2025-51658)
SQL injection in sqli (CVE-2025-51658). Risk of unauthorized operations or information disclosure.
CVE-2025-51659 SQL Injection in sqli (CVE-2025-51659)
SQL injection in sqli (CVE-2025-51659). Risk of unauthorized operations or information disclosure.
CVE-2025-51660 SQL Injection in sqli (CVE-2025-51660)
SQL injection in sqli (CVE-2025-51660). Risk of unauthorized operations or information disclosure.
CVE-2025-51652 SQL Injection in sqli (CVE-2025-51652)
SQL injection in sqli (CVE-2025-51652). Risk of unauthorized operations or information disclosure.
CVE-2025-51653 SQL Injection in sqli (CVE-2025-51653)
SQL injection in sqli (CVE-2025-51653). Risk of unauthorized operations or information disclosure.
CVE-2025-51654 SQL Injection in sqli (CVE-2025-51654)
SQL injection in sqli (CVE-2025-51654). Risk of unauthorized operations or information disclosure.
CVE-2025-47812 KEV [KEV] Vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47812)
vulnerability in Wing ftp server wing-ftp-server (CVE-2025-47812). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-5777 KEV [KEV] Out-of-Bounds Read in Citrix netscaler-adc-and-gateway (CVE-2025-5777)
vulnerability in Citrix netscaler-adc-and-gateway (CVE-2025-5777). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-49702 Vulnerability in microsoft (CVE-2025-49702)
vulnerability in microsoft (CVE-2025-49702). Successful exploitation can lead to full system takeover.
CVE-2025-49697 Vulnerability in microsoft (CVE-2025-49697)
vulnerability in microsoft (CVE-2025-49697). Successful exploitation can lead to full system takeover.
CVE-2025-49696 Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-49695 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2024-55599 Vulnerability in fortinet (CVE-2024-55599)
vulnerability in fortinet (CVE-2024-55599). Risk of unauthorized operations or information disclosure.
CVE-2019-9621 KEV [KEV] SSRF (Server-Side Request Forgery) in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9621)
SSRF in Synacor zimbra-collaboration-suite-zcs (CVE-2019-9621). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2016-10033 KEV [KEV] Command Injection in php (CVE-2016-10033)
command injection in php (CVE-2016-10033). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-5418 KEV [KEV] Path Traversal in rails (CVE-2019-5418)
path traversal in rails (CVE-2019-5418). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2014-3931 KEV [KEV] Buffer Overflow in Looking glass looking-glass (CVE-2014-3931)
vulnerability in Looking glass looking-glass (CVE-2014-3931). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-6554 KEV [KEV] Vulnerability in Google chromium-v8 (CVE-2025-6554)
vulnerability in Google chromium-v8 (CVE-2025-6554). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-48928 KEV [KEV] Vulnerability in Telemessage tm-sgnl (CVE-2025-48928)
vulnerability in Telemessage tm-sgnl (CVE-2025-48928). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-48927 KEV [KEV] Vulnerability in Telemessage tm-sgnl (CVE-2025-48927)
vulnerability in Telemessage tm-sgnl (CVE-2025-48927). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-6543 KEV [KEV] Buffer Overflow in Citrix netscaler-adc-and-gateway (CVE-2025-6543)
vulnerability in Citrix netscaler-adc-and-gateway (CVE-2025-6543). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-44915 Cross-Site Scripting (XSS) in CVE-2023-44915 (CVE-2023-44915)
cross-site scripting in CVE-2023-44915 (CVE-2023-44915). Confidential information can be exposed externally.
CVE-2024-0769 KEV [KEV] Path Traversal in D-link dir-859-router (CVE-2024-0769)
path traversal in D-link dir-859-router (CVE-2024-0769). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-54085 KEV [KEV] Vulnerability in Ami megarac-spx (CVE-2024-54085)
vulnerability in Ami megarac-spx (CVE-2024-54085). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-6693 KEV [KEV] Vulnerability in Fortinet fortios (CVE-2019-6693)
vulnerability in Fortinet fortios (CVE-2019-6693). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-44203 Vulnerability in dos (CVE-2025-44203)
vulnerability in dos (CVE-2025-44203). Risk of unauthorized operations or information disclosure.
CVE-2023-0386 KEV [KEV] Vulnerability in Linux kernel (CVE-2023-0386)
vulnerability in Linux kernel (CVE-2023-0386). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-33538 KEV [KEV] Command Injection in Tp-link multiple-routers (CVE-2023-33538)
command injection in Tp-link multiple-routers (CVE-2023-33538). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-43200 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2025-43200)
vulnerability in Apple multiple-products (CVE-2025-43200). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-47953 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47167 Vulnerability in microsoft (CVE-2025-47167)
vulnerability in microsoft (CVE-2025-47167). Successful exploitation can lead to full system takeover.
CVE-2025-47164 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-47162 Vulnerability in microsoft (CVE-2025-47162)
vulnerability in microsoft (CVE-2025-47162). Successful exploitation can lead to full system takeover.
CVE-2025-25250 Information Disclosure in fortinet (CVE-2025-25250)
vulnerability in fortinet (CVE-2025-25250). Risk of unauthorized operations or information disclosure.
CVE-2025-24471 Vulnerability in fortinet (CVE-2025-24471)
vulnerability in fortinet (CVE-2025-24471). Data can be tampered with by attackers.
CVE-2024-50562 Vulnerability in fortinet (CVE-2024-50562)
vulnerability in fortinet (CVE-2024-50562). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →