32,772 indexed
CVECVE vulnerabilities
32,772 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 5,651–5,700 of 8,314 in Critical · page 114 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-4071 | CVE-2025-4071 CVSS 9.8 | A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the f… |
| CVE-2025-4070 | CVE-2025-4070 CVSS 9.8 | A vulnerability, which was classified as critical, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /admin/cha… |
| CVE-2025-40692 | CVE-2025-40692 CVSS 9.8 | SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via '… |
| CVE-2025-40691 | CVE-2025-40691 CVSS 9.8 | SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via '… |
| CVE-2025-40690 | CVE-2025-40690 CVSS 9.8 | SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via 'te… |
| CVE-2025-40689 | CVE-2025-40689 CVSS 9.8 | SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via '… |
| CVE-2025-40687 | CVE-2025-40687 CVSS 9.8 | SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This vulnerability allows an attacker to retrieve, create, update and delete database via '… |
| CVE-2025-40682 | CVE-2025-40682 CVSS 9.8 | SQL injection vulnerability in Human Resource Management System version 1.0, which allows an attacker to retrieve, create, update and delete databases via the … |
| CVE-2025-40666 | CVE-2025-40666 CVSS 9.8 | Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID par… |
| CVE-2025-40665 | CVE-2025-40665 CVSS 9.8 | Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID par… |
| CVE-2025-40664 | CVE-2025-40664 CVSS 9.1 | Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to access the resources /frmGestionUser.aspx/GetData, /frmGestio… |
| CVE-2025-4066 | CVE-2025-4066 CVSS 9.8 | A vulnerability was found in ScriptAndTools Online-Travling-System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /… |
| CVE-2025-40657 | CVE-2025-40657 CVSS 9.8 | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases thro… |
| CVE-2025-40656 | CVE-2025-40656 CVSS 9.8 | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases thro… |
| CVE-2025-40655 | CVE-2025-40655 CVSS 9.8 | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases thro… |
| CVE-2025-40654 | CVE-2025-40654 CVSS 9.8 | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases thro… |
| CVE-2025-40639 | CVE-2025-40639 CVSS 9.8 | A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the '… |
| CVE-2025-40625 | CVE-2025-40625 CVSS 9.8 | Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to upload any file within the server, even a malicious file … |
| CVE-2025-40624 | CVE-2025-40624 CVSS 9.8 | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information… |
| CVE-2025-40623 | CVE-2025-40623 CVSS 9.8 | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information… |
| CVE-2025-40622 | CVE-2025-40622 CVSS 9.8 | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information… |
| CVE-2025-40621 | CVE-2025-40621 CVSS 9.8 | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information… |
| CVE-2025-40620 | CVE-2025-40620 CVSS 9.8 | SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information… |
| CVE-2025-40618 | CVE-2025-40618 CVSS 9.8 | SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request t… |
| CVE-2025-40617 | CVE-2025-40617 CVSS 9.8 | SQL injection vulnerability in Bookgy. This vulnerability could allow an attacker to retrieve, create, update and delete databases by sending an HTTP request t… |
| CVE-2025-40604 | CVE-2025-40604 CVSS 9.8 | Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem images without verifying signatures, all… |
| CVE-2025-40600 | CVE-2025-40600 CVSS 9.8 | Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption. |
| CVE-2025-4060 | CVE-2025-4060 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file… |
| CVE-2025-40599 | CVE-2025-40599 CVSS 9.1 | An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges ca… |
| CVE-2025-40594 | CVE-2025-40594 CVSS 9.8 | A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS S200 V6.4 (All versions < V6.4 HF7), SINAMICS S210 V6.4 (All vers… |
| CVE-2025-40585 | CVE-2025-40585 CVSS 9.9 | A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow … |
| CVE-2025-4058 | CVE-2025-4058 CVSS 9.8 | A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of the file /Bloodgroop_proc… |
| CVE-2025-40566 | CVE-2025-40566 CVSS 9.8 | A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1). Affected produ… |
| CVE-2025-40554 | CVE-2025-40554 CVSS 9.8 | SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific a… |
| CVE-2025-40553 | CVE-2025-40553 CVSS 9.8 | SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would a… |
| CVE-2025-40552 | CVE-2025-40552 CVSS 9.8 | SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute acti… |
| CVE-2025-40551 | SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability KEVCVSS 9.8SolarWinds | SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to … |
| CVE-2025-40549 | CVE-2025-40549 CVSS 9.1 | A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute … |
| CVE-2025-40548 | CVE-2025-40548 CVSS 9.1 | A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This iss… |
| CVE-2025-40547 | CVE-2025-40547 CVSS 9.1 | A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This… |
| CVE-2025-40536 | SolarWinds Web Help Desk Security Control Bypass Vulnerability KEVCVSS 9.8SolarWinds | SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted fun… |
| CVE-2025-4052 | CVE-2025-4052 CVSS 9.8 | Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestur… |
| CVE-2025-4039 | CVE-2025-4039 CVSS 9.8 | A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of… |
| CVE-2025-4036 | CVE-2025-4036 CVSS 9.8 | A vulnerability was found in 201206030 Novel 3.5.0 and classified as critical. This issue affects the function updateBookChapter of the file src/main/java/io/g… |
| CVE-2025-4034 | CVE-2025-4034 CVSS 9.8 | A vulnerability classified as critical was found in projectworlds Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of … |
| CVE-2025-4033 | CVE-2025-4033 CVSS 9.8 | A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. Affected is an unknown function of the file /pat… |
| CVE-2025-4031 | CVE-2025-4031 CVSS 9.8 | A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file… |
| CVE-2025-4030 | CVE-2025-4030 CVSS 9.8 | A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been classified as critical. This affects an unknown part of the file /se… |
| CVE-2025-4028 | CVE-2025-4028 CVSS 9.8 | A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown fun… |
| CVE-2025-4027 | CVE-2025-4027 CVSS 9.8 | A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /adm… |