Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2025-12543 Vulnerability in redhat (CVE-2025-12543)
vulnerability in redhat (CVE-2025-12543). Confidential information can be exposed externally. Exploitable via `Host header`.
CVE-2025-60534 Authentication Bypass in blueaccesstech (CVE-2025-60534)
authentication bypass in blueaccesstech (CVE-2025-60534). Successful exploitation can lead to full system takeover.
CVE-2025-67268 Vulnerability in c (CVE-2025-67268)
vulnerability in c (CVE-2025-67268). Successful exploitation can lead to full system takeover.
CVE-2025-66848 Code Injection in jdcloud (CVE-2025-66848)
code injection in jdcloud (CVE-2025-66848). Successful exploitation can lead to full system takeover.
CVE-2025-67109 Vulnerability in eclipse (CVE-2025-67109)
vulnerability in eclipse (CVE-2025-67109). Successful exploitation can lead to full system takeover.
CVE-2025-67108 Vulnerability in eprosima (CVE-2025-67108)
vulnerability in eprosima (CVE-2025-67108). Confidential information can be exposed externally.
CVE-2025-67418 Vulnerability in oxygenz (CVE-2025-67418)
vulnerability in oxygenz (CVE-2025-67418). Successful exploitation can lead to full system takeover.
CVE-2025-67288 Unrestricted File Upload in umbraco (CVE-2025-67288)
vulnerability in umbraco (CVE-2025-67288). Successful exploitation can lead to full system takeover.
CVE-2025-67289 Cross-Site Scripting (XSS) in frappe (CVE-2025-67289)
cross-site scripting in frappe (CVE-2025-67289). Successful exploitation can lead to full system takeover.
CVE-2025-1928 Vulnerability in restajet (CVE-2025-1928)
vulnerability in restajet (CVE-2025-1928). Confidential information can be exposed externally.
CVE-2025-56157 Vulnerability in langgenius (CVE-2025-56157)
vulnerability in langgenius (CVE-2025-56157). Successful exploitation can lead to full system takeover.
CVE-2025-65318 Vulnerability in canarymail (CVE-2025-65318)
vulnerability in canarymail (CVE-2025-65318). Confidential information can be exposed externally.
CVE-2025-65319 Vulnerability in blixhq (CVE-2025-65319)
vulnerability in blixhq (CVE-2025-65319). Confidential information can be exposed externally.
CVE-2025-59718 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2025-59718)
vulnerability in Fortinet multiple-products (CVE-2025-59718). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-65854 Code Injection in mineadmin (CVE-2025-65854)
code injection in mineadmin (CVE-2025-65854). Successful exploitation can lead to full system takeover.
CVE-2025-65882 OS Command Injection in c (CVE-2025-65882)
OS command injection in c (CVE-2025-65882). Successful exploitation can lead to full system takeover.
CVE-2025-12504 SQL Injection in sqli (CVE-2025-12504)
SQL injection in sqli (CVE-2025-12504). Successful exploitation can lead to full system takeover.
CVE-2025-59719 Vulnerability in fortinet (CVE-2025-59719)
vulnerability in fortinet (CVE-2025-59719). Successful exploitation can lead to full system takeover.
CVE-2025-11022 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11022)
vulnerability in csrf (CVE-2025-11022). Successful exploitation can lead to full system takeover.
CVE-2025-64054 Cross-Site Scripting (XSS) in dos (CVE-2025-64054)
cross-site scripting in dos (CVE-2025-64054). Successful exploitation can lead to full system takeover.
CVE-2025-29268 ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
CVE-2025-29269 OS Command Injection in allnet (CVE-2025-29269)
OS command injection in allnet (CVE-2025-29269). Successful exploitation can lead to full system takeover.
CVE-2025-64055 Authentication Bypass in fanvil (CVE-2025-64055)
authentication bypass in fanvil (CVE-2025-64055). Successful exploitation can lead to full system takeover.
CVE-2025-51682 Vulnerability in mjobtime (CVE-2025-51682)
vulnerability in mjobtime (CVE-2025-51682). Successful exploitation can lead to full system takeover.
CVE-2025-51683 SQL Injection in sqli (CVE-2025-51683)
SQL injection in sqli (CVE-2025-51683). Successful exploitation can lead to full system takeover.
CVE-2025-50433 Vulnerability in monnit (CVE-2025-50433)
vulnerability in monnit (CVE-2025-50433). Successful exploitation can lead to full system takeover.
CVE-2025-65669 Vulnerability in classroomio (CVE-2025-65669)
vulnerability in classroomio (CVE-2025-65669). Data can be tampered with by attackers.
CVE-2025-61168 Unsafe Deserialization in sigb (CVE-2025-61168)
vulnerability in sigb (CVE-2025-61168). Successful exploitation can lead to full system takeover.
CVE-2025-65084 Out-of-Bounds Write in ashlar (CVE-2025-65084)
out-of-bounds write in ashlar (CVE-2025-65084). Successful exploitation can lead to full system takeover.
CVE-2025-65085 Vulnerability in ashlar (CVE-2025-65085)
vulnerability in ashlar (CVE-2025-65085). Successful exploitation can lead to full system takeover.
CVE-2025-10437 SQL Injection in sqli (CVE-2025-10437)
SQL injection in sqli (CVE-2025-10437). Successful exploitation can lead to full system takeover.
CVE-2025-63747 Vulnerability in testmanagement (CVE-2025-63747)
vulnerability in testmanagement (CVE-2025-63747). Successful exploitation can lead to full system takeover.
CVE-2025-56385 SQL Injection in sqli (CVE-2025-56385)
SQL injection in sqli (CVE-2025-56385). Successful exploitation can lead to full system takeover.
CVE-2025-60724 Vulnerability in microsoft (CVE-2025-60724)
vulnerability in microsoft (CVE-2025-60724). Successful exploitation can lead to full system takeover.
CVE-2025-10230 OS Command Injection in CVE-2025-10230 (CVE-2025-10230)
OS command injection in CVE-2025-10230 (CVE-2025-10230). Successful exploitation can lead to full system takeover.
CVE-2025-56231 Vulnerability in tonec (CVE-2025-56231)
vulnerability in tonec (CVE-2025-56231). Confidential information can be exposed externally.
CVE-2025-0987 Vulnerability in c (CVE-2025-0987)
vulnerability in c (CVE-2025-0987). Confidential information can be exposed externally.
CVE-2025-6520 SQL Injection in sqli (CVE-2025-6520)
SQL injection in sqli (CVE-2025-6520). Successful exploitation can lead to full system takeover.
CVE-2025-55754 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
CVE-2025-11253 SQL Injection in sqli (CVE-2025-11253)
SQL injection in sqli (CVE-2025-11253). Successful exploitation can lead to full system takeover.
CVE-2025-54236 KEV [KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
CVE-2025-11023 Vulnerability in CVE-2025-11023 (CVE-2025-11023)
vulnerability in CVE-2025-11023 (CVE-2025-11023). Successful exploitation can lead to full system takeover.
CVE-2025-56447 TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
CVE-2025-56218 Unrestricted File Upload in ascertia (CVE-2025-56218)
vulnerability in ascertia (CVE-2025-56218). Successful exploitation can lead to full system takeover.
CVE-2025-57567 Code Injection in CVE-2025-57567 (CVE-2025-57567)
code injection in CVE-2025-57567 (CVE-2025-57567). Successful exploitation can lead to full system takeover.
CVE-2025-10610 SQL Injection in sqli (CVE-2025-10610)
SQL injection in sqli (CVE-2025-10610). Successful exploitation can lead to full system takeover.
CVE-2025-6919 SQL Injection in sqli (CVE-2025-6919)
SQL injection in sqli (CVE-2025-6919). Successful exploitation can lead to full system takeover.
CVE-2025-60306 Vulnerability in code-projects (CVE-2025-60306)
vulnerability in code-projects (CVE-2025-60306). Successful exploitation can lead to full system takeover.
CVE-2025-60307 SQL Injection in sqli (CVE-2025-60307)
SQL injection in sqli (CVE-2025-60307). Successful exploitation can lead to full system takeover.
CVE-2025-0603 SQL Injection in sqli (CVE-2025-0603)
SQL injection in sqli (CVE-2025-0603). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →