Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-12543 |
|
Vulnerability in redhat (CVE-2025-12543)
vulnerability in redhat (CVE-2025-12543). Confidential information can be exposed externally. Exploitable via `Host header`.
|
| CVE-2025-60534 |
|
Authentication Bypass in blueaccesstech (CVE-2025-60534)
authentication bypass in blueaccesstech (CVE-2025-60534). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67268 |
|
Vulnerability in c (CVE-2025-67268)
vulnerability in c (CVE-2025-67268). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66848 |
|
Code Injection in jdcloud (CVE-2025-66848)
code injection in jdcloud (CVE-2025-66848). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67109 |
|
Vulnerability in eclipse (CVE-2025-67109)
vulnerability in eclipse (CVE-2025-67109). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67108 |
|
Vulnerability in eprosima (CVE-2025-67108)
vulnerability in eprosima (CVE-2025-67108). Confidential information can be exposed externally.
|
| CVE-2025-67418 |
|
Vulnerability in oxygenz (CVE-2025-67418)
vulnerability in oxygenz (CVE-2025-67418). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67288 |
|
Unrestricted File Upload in umbraco (CVE-2025-67288)
vulnerability in umbraco (CVE-2025-67288). Successful exploitation can lead to full system takeover.
|
| CVE-2025-67289 |
|
Cross-Site Scripting (XSS) in frappe (CVE-2025-67289)
cross-site scripting in frappe (CVE-2025-67289). Successful exploitation can lead to full system takeover.
|
| CVE-2025-1928 |
|
Vulnerability in restajet (CVE-2025-1928)
vulnerability in restajet (CVE-2025-1928). Confidential information can be exposed externally.
|
| CVE-2025-56157 |
|
Vulnerability in langgenius (CVE-2025-56157)
vulnerability in langgenius (CVE-2025-56157). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65318 |
|
Vulnerability in canarymail (CVE-2025-65318)
vulnerability in canarymail (CVE-2025-65318). Confidential information can be exposed externally.
|
| CVE-2025-65319 |
|
Vulnerability in blixhq (CVE-2025-65319)
vulnerability in blixhq (CVE-2025-65319). Confidential information can be exposed externally.
|
| CVE-2025-59718 KEV |
|
[KEV] Vulnerability in Fortinet multiple-products (CVE-2025-59718)
vulnerability in Fortinet multiple-products (CVE-2025-59718). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-65854 |
|
Code Injection in mineadmin (CVE-2025-65854)
code injection in mineadmin (CVE-2025-65854). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65882 |
|
OS Command Injection in c (CVE-2025-65882)
OS command injection in c (CVE-2025-65882). Successful exploitation can lead to full system takeover.
|
| CVE-2025-12504 |
|
SQL Injection in sqli (CVE-2025-12504)
SQL injection in sqli (CVE-2025-12504). Successful exploitation can lead to full system takeover.
|
| CVE-2025-59719 |
|
Vulnerability in fortinet (CVE-2025-59719)
vulnerability in fortinet (CVE-2025-59719). Successful exploitation can lead to full system takeover.
|
| CVE-2025-11022 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11022)
vulnerability in csrf (CVE-2025-11022). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64054 |
|
Cross-Site Scripting (XSS) in dos (CVE-2025-64054)
cross-site scripting in dos (CVE-2025-64054). Successful exploitation can lead to full system takeover.
|
| CVE-2025-29268 |
|
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library.
|
| CVE-2025-29269 |
|
OS Command Injection in allnet (CVE-2025-29269)
OS command injection in allnet (CVE-2025-29269). Successful exploitation can lead to full system takeover.
|
| CVE-2025-64055 |
|
Authentication Bypass in fanvil (CVE-2025-64055)
authentication bypass in fanvil (CVE-2025-64055). Successful exploitation can lead to full system takeover.
|
| CVE-2025-51682 |
|
Vulnerability in mjobtime (CVE-2025-51682)
vulnerability in mjobtime (CVE-2025-51682). Successful exploitation can lead to full system takeover.
|
| CVE-2025-51683 |
|
SQL Injection in sqli (CVE-2025-51683)
SQL injection in sqli (CVE-2025-51683). Successful exploitation can lead to full system takeover.
|
| CVE-2025-50433 |
|
Vulnerability in monnit (CVE-2025-50433)
vulnerability in monnit (CVE-2025-50433). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65669 |
|
Vulnerability in classroomio (CVE-2025-65669)
vulnerability in classroomio (CVE-2025-65669). Data can be tampered with by attackers.
|
| CVE-2025-61168 |
|
Unsafe Deserialization in sigb (CVE-2025-61168)
vulnerability in sigb (CVE-2025-61168). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65084 |
|
Out-of-Bounds Write in ashlar (CVE-2025-65084)
out-of-bounds write in ashlar (CVE-2025-65084). Successful exploitation can lead to full system takeover.
|
| CVE-2025-65085 |
|
Vulnerability in ashlar (CVE-2025-65085)
vulnerability in ashlar (CVE-2025-65085). Successful exploitation can lead to full system takeover.
|
| CVE-2025-10437 |
|
SQL Injection in sqli (CVE-2025-10437)
SQL injection in sqli (CVE-2025-10437). Successful exploitation can lead to full system takeover.
|
| CVE-2025-63747 |
|
Vulnerability in testmanagement (CVE-2025-63747)
vulnerability in testmanagement (CVE-2025-63747). Successful exploitation can lead to full system takeover.
|
| CVE-2025-56385 |
|
SQL Injection in sqli (CVE-2025-56385)
SQL injection in sqli (CVE-2025-56385). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60724 |
|
Vulnerability in microsoft (CVE-2025-60724)
vulnerability in microsoft (CVE-2025-60724). Successful exploitation can lead to full system takeover.
|
| CVE-2025-10230 |
|
OS Command Injection in CVE-2025-10230 (CVE-2025-10230)
OS command injection in CVE-2025-10230 (CVE-2025-10230). Successful exploitation can lead to full system takeover.
|
| CVE-2025-56231 |
|
Vulnerability in tonec (CVE-2025-56231)
vulnerability in tonec (CVE-2025-56231). Confidential information can be exposed externally.
|
| CVE-2025-0987 |
|
Vulnerability in c (CVE-2025-0987)
vulnerability in c (CVE-2025-0987). Confidential information can be exposed externally.
|
| CVE-2025-6520 |
|
SQL Injection in sqli (CVE-2025-6520)
SQL injection in sqli (CVE-2025-6520). Successful exploitation can lead to full system takeover.
|
| CVE-2025-55754 |
|
Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55754). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
|
| CVE-2025-11253 |
|
SQL Injection in sqli (CVE-2025-11253)
SQL injection in sqli (CVE-2025-11253). Successful exploitation can lead to full system takeover.
|
| CVE-2025-54236 KEV |
|
[KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|
| CVE-2025-11023 |
|
Vulnerability in CVE-2025-11023 (CVE-2025-11023)
vulnerability in CVE-2025-11023 (CVE-2025-11023). Successful exploitation can lead to full system takeover.
|
| CVE-2025-56447 |
|
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
|
| CVE-2025-56218 |
|
Unrestricted File Upload in ascertia (CVE-2025-56218)
vulnerability in ascertia (CVE-2025-56218). Successful exploitation can lead to full system takeover.
|
| CVE-2025-57567 |
|
Code Injection in CVE-2025-57567 (CVE-2025-57567)
code injection in CVE-2025-57567 (CVE-2025-57567). Successful exploitation can lead to full system takeover.
|
| CVE-2025-10610 |
|
SQL Injection in sqli (CVE-2025-10610)
SQL injection in sqli (CVE-2025-10610). Successful exploitation can lead to full system takeover.
|
| CVE-2025-6919 |
|
SQL Injection in sqli (CVE-2025-6919)
SQL injection in sqli (CVE-2025-6919). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60306 |
|
Vulnerability in code-projects (CVE-2025-60306)
vulnerability in code-projects (CVE-2025-60306). Successful exploitation can lead to full system takeover.
|
| CVE-2025-60307 |
|
SQL Injection in sqli (CVE-2025-60307)
SQL injection in sqli (CVE-2025-60307). Successful exploitation can lead to full system takeover.
|
| CVE-2025-0603 |
|
SQL Injection in sqli (CVE-2025-0603)
SQL injection in sqli (CVE-2025-0603). Successful exploitation can lead to full system takeover.
|