32,086 indexed
CVECVE vulnerabilities
32,086 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 5,401–5,450 of 8,314 in Critical · page 109 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-43595 | CVE-2025-43595 CVSS 9.8 | An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a low privileged user to execute commands with root privileges in the 'Onli… |
| CVE-2025-4359 | CVE-2025-4359 CVSS 9.8 | A vulnerability classified as critical was found in itsourcecode Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the f… |
| CVE-2025-4358 | CVE-2025-4358 CVSS 9.8 | A vulnerability classified as critical has been found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function of the file /admin-p… |
| CVE-2025-4357 | CVE-2025-4357 CVSS 9.8 | A vulnerability was found in Tenda RX3 16.03.13.11_multi. It has been rated as critical. This issue affects some unknown processing of the file /goform/telnet.… |
| CVE-2025-43567 | CVE-2025-43567 CVSS 9.3 | Adobe Connect versions 12.8 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject mali… |
| CVE-2025-43564 | CVE-2025-43564 CVSS 9.1 | ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system re… |
| CVE-2025-43563 | CVE-2025-43563 CVSS 9.1 | ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system re… |
| CVE-2025-43562 | CVE-2025-43562 CVSS 9.1 | ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Inje… |
| CVE-2025-43561 | CVE-2025-43561 CVSS 9.1 | ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution… |
| CVE-2025-43560 | CVE-2025-43560 CVSS 9.1 | ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code executi… |
| CVE-2025-4356 | CVE-2025-4356 CVSS 9.8 | A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handle… |
| CVE-2025-43559 | CVE-2025-43559 CVSS 9.1 | ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code executi… |
| CVE-2025-4355 | CVE-2025-4355 CVSS 9.8 | A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. … |
| CVE-2025-4354 | CVE-2025-4354 CVSS 9.8 | A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /sto… |
| CVE-2025-4353 | CVE-2025-4353 CVSS 9.8 | A vulnerability, which was classified as critical, was found in Brilliance Golden Link Secondary System up to 20250424. Affected is an unknown function of the … |
| CVE-2025-43526 | CVE-2025-43526 CVSS 9.8 | This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode enabled, web content o… |
| CVE-2025-4352 | CVE-2025-4352 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in Brilliance Golden Link Secondary System up to 20250424. This issue affects some unknown pr… |
| CVE-2025-4350 | CVE-2025-4350 CVSS 9.8 | A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. This vulnerability affects the function wake_on_lan. The manipulation of the… |
| CVE-2025-43491 | CVE-2025-43491 CVSS 9.8 | A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow modifications to the filesystem, which might lead to SYSTEM le… |
| CVE-2025-4349 | CVE-2025-4349 CVSS 9.8 | A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. This affects the function formSysCmd. The manipulation of the argument … |
| CVE-2025-4348 | CVE-2025-4348 CVSS 9.8 | A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulat… |
| CVE-2025-4347 | CVE-2025-4347 CVSS 9.8 | A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been declared as critical. Affected by this vulnerability is the function formWlSiteSurvey. … |
| CVE-2025-4346 | CVE-2025-4346 CVSS 9.8 | A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been classified as critical. Affected is the function formSetWAN_Wizard534. The manipulation… |
| CVE-2025-4345 | CVE-2025-4345 CVSS 9.8 | A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. This issue affects the function formSetLog. The manipulation of the argu… |
| CVE-2025-4344 | CVE-2025-4344 CVSS 9.8 | A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the arg… |
| CVE-2025-4343 | CVE-2025-4343 CVSS 9.8 | A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The ma… |
| CVE-2025-43428 | CVE-2025-43428 CVSS 9.8 | A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in t… |
| CVE-2025-4342 | CVE-2025-4342 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3… |
| CVE-2025-4341 | CVE-2025-4341 CVSS 9.8 | A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdoc… |
| CVE-2025-4340 | CVE-2025-4340 CVSS 9.8 | A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03. Affected is the function sub_175C8 of the file /h… |
| CVE-2025-43362 | CVE-2025-43362 CVSS 9.8 | The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes w… |
| CVE-2025-4336 | CVE-2025-4336 CVSS 9.8 | The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_file() … |
| CVE-2025-43359 | CVE-2025-43359 CVSS 9.8 | A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS So… |
| CVE-2025-43347 | CVE-2025-43347 CVSS 9.8 | This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An inp… |
| CVE-2025-43343 | CVE-2025-43343 CVSS 9.8 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26… |
| CVE-2025-43342 | CVE-2025-43342 CVSS 9.8 | A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS … |
| CVE-2025-4334 | CVE-2025-4334 CVSS 9.8 | The Simple User Registration plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3. This is due to insufficient … |
| CVE-2025-4332 | CVE-2025-4332 CVSS 9.8 | A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality … |
| CVE-2025-4331 | CVE-2025-4331 CVSS 9.8 | A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Ad… |
| CVE-2025-43300 | Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability KEVCVSS 10.0Apple | Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework. |
| CVE-2025-43275 | CVE-2025-43275 CVSS 9.8 | A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be … |
| CVE-2025-43273 | CVE-2025-43273 CVSS 9.1 | A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.8. A sandboxed process may b… |
| CVE-2025-43261 | CVE-2025-43261 CVSS 9.8 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to b… |
| CVE-2025-43253 | CVE-2025-43253 CVSS 9.8 | This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to launch … |
| CVE-2025-43245 | CVE-2025-43245 CVSS 9.8 | A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7… |
| CVE-2025-43244 | CVE-2025-43244 CVSS 9.8 | A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may b… |
| CVE-2025-43243 | CVE-2025-43243 CVSS 9.8 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app ma… |
| CVE-2025-43237 | CVE-2025-43237 CVSS 9.8 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected sys… |
| CVE-2025-43234 | CVE-2025-43234 CVSS 9.8 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6… |
| CVE-2025-43233 | CVE-2025-43233 CVSS 9.8 | This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious a… |