32,772 indexed
CVECVE vulnerabilities
32,772 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 6,101–6,150 of 8,314 in Critical · page 123 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-32303 | CVE-2025-32303 CVSS 9.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mojoomla WPCHURCH allows Blind SQL Injection.This issue a… |
| CVE-2025-32292 | CVE-2025-32292 CVSS 9.8 | Deserialization of Untrusted Data vulnerability in AncoraThemes Jarvis – Night Club, Concert, Festival WordPress jarvis allows Object Injection.This issue affe… |
| CVE-2025-32291 | CVE-2025-32291 CVSS 10.0 | Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Using Malicious Files.This issue affects SUMO… |
| CVE-2025-32222 | CVE-2025-32222 CVSS 9.9 | Improper Control of Generation of Code ('Code Injection') vulnerability in Widgetlogic.org Widget Logic widget-logic allows Code Injection.This issue affects W… |
| CVE-2025-32206 | CVE-2025-32206 CVSS 9.1 | Unrestricted Upload of File with Dangerous Type vulnerability in LABCAT Processing Projects processing-projects allows Upload a Web Shell to a Web Server.This … |
| CVE-2025-32202 | CVE-2025-32202 CVSS 9.1 | Unrestricted Upload of File with Dangerous Type vulnerability in Brian Batt - elearningfreak.com Insert or Embed Articulate Content into WordPress insert-or-em… |
| CVE-2025-3220 | CVE-2025-3220 CVSS 9.8 | A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functiona… |
| CVE-2025-3217 | CVE-2025-3217 CVSS 9.8 | A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /r… |
| CVE-2025-3216 | CVE-2025-3216 CVSS 9.8 | A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been classified as critical. This affects an unknown part of the file /password-r… |
| CVE-2025-32140 | CVE-2025-32140 CVSS 9.9 | Unrestricted Upload of File with Dangerous Type vulnerability in Nirmal Kumar Ram WP Remote Thumbnail wp-remote-thumbnail allows Upload a Web Shell to a Web Se… |
| CVE-2025-3213 | CVE-2025-3213 CVSS 9.8 | A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.ph… |
| CVE-2025-32118 | CVE-2025-32118 CVSS 9.1 | Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP – Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious… |
| CVE-2025-32106 | CVE-2025-32106 CVSS 9.8 | In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result in an unauthenticated remote user's ability to execute unauthor… |
| CVE-2025-32105 | CVE-2025-32105 CVSS 9.8 | A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code execution. |
| CVE-2025-3209 | CVE-2025-3209 CVSS 9.8 | A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown… |
| CVE-2025-32058 | CVE-2025-32058 CVSS 9.3 | The Infotainment ECU manufactured by Bosch uses a RH850 module for CAN communication. RH850 is connected to infotainment over the INC interface through a custo… |
| CVE-2025-3204 | CVE-2025-3204 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in CodeAstro Car Rental System 1.0. Affected by this issue is some unknown functionality of t… |
| CVE-2025-32028 | CVE-2025-32028 CVSS 9.9 | HAX CMS PHP allows you to manage your microsite universe with PHP backend. Multiple file upload functions within the HAX CMS PHP application call a ’save’ func… |
| CVE-2025-3202 | CVE-2025-3202 CVSS 9.1 | A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/s… |
| CVE-2025-32011 | CVE-2025-32011 CVSS 9.8 | KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication bypass vulnerability where a remote attacker can bypass authentication to get access due to… |
| CVE-2025-32010 | CVE-2025-32010 CVSS 9.8 | A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead t… |
| CVE-2025-32002 | CVE-2025-32002 CVSS 9.8 | Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in I-O DATA network attached hard disk 'HDL-T Series' f… |
| CVE-2025-3200 | CVE-2025-3200 CVSS 9.1 | An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between … |
| CVE-2025-31998 | CVE-2025-31998 CVSS 9.8 | HCL Unica Centralized Offer Management is vulnerable to poor unhandled exceptions which exposes sensitive information. An attacker can exploit use this inform… |
| CVE-2025-31993 | CVE-2025-31993 CVSS 9.8 | HCL Unica Centralized Offer Management is vulnerable to a potential Server-Side Request Forgery (SSRF). An attacker can exploit improper input validation by su… |
| CVE-2025-3199 | CVE-2025-3199 CVSS 9.8 | A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file ruoyi-mo… |
| CVE-2025-31973 | CVE-2025-31973 CVSS 9.8 | HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introd… |
| CVE-2025-3195 | CVE-2025-3195 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown proc… |
| CVE-2025-31927 | CVE-2025-31927 CVSS 9.8 | Deserialization of Untrusted Data vulnerability in themeton Acerola allows Object Injection. This issue affects Acerola: from n/a through 1.6.5. |
| CVE-2025-31919 | CVE-2025-31919 CVSS 9.8 | Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7. |
| CVE-2025-31918 | CVE-2025-31918 CVSS 9.8 | Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue… |
| CVE-2025-31916 | CVE-2025-31916 CVSS 9.0 | Unrestricted Upload of File with Dangerous Type vulnerability in joy2012bd JP Students Result Management System Premium allows Upload a Web Shell to a Web Serv… |
| CVE-2025-31914 | CVE-2025-31914 CVSS 9.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Pixel WordPress Form BuilderPlugin & Autores… |
| CVE-2025-31911 | CVE-2025-31911 CVSS 9.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems Social Share And Social Locker social-s… |
| CVE-2025-3188 | CVE-2025-3188 CVSS 9.8 | A vulnerability classified as critical has been found in PHPGurukul e-Diary Management System 1.0. This affects an unknown part of the file /add-notes.php. The… |
| CVE-2025-3187 | CVE-2025-3187 CVSS 9.8 | A vulnerability was found in PHPGurukul e-Diary Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of t… |
| CVE-2025-3186 | CVE-2025-3186 CVSS 9.8 | A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been declared as critical. Affected by this vulnerability is an… |
| CVE-2025-3185 | CVE-2025-3185 CVSS 9.8 | A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been classified as critical. Affected is an unknown function of… |
| CVE-2025-3184 | CVE-2025-3184 CVSS 9.8 | A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing … |
| CVE-2025-3183 | CVE-2025-3183 CVSS 9.8 | A vulnerability has been found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This vulnerability affects unknown cod… |
| CVE-2025-3182 | CVE-2025-3182 CVSS 9.8 | A vulnerability, which was classified as critical, was found in projectworlds Online Doctor Appointment Booking System 1.0. This affects an unknown part of the… |
| CVE-2025-3181 | CVE-2025-3181 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in projectworlds Online Doctor Appointment Booking System 1.0. Affected by this issue is some… |
| CVE-2025-3180 | CVE-2025-3180 CVSS 9.8 | A vulnerability classified as critical was found in projectworlds Online Doctor Appointment Booking System 1.0. Affected by this vulnerability is an unknown fu… |
| CVE-2025-3179 | CVE-2025-3179 CVSS 9.8 | A vulnerability classified as critical has been found in projectworlds Online Doctor Appointment Booking System 1.0. Affected is an unknown function of the fil… |
| CVE-2025-3178 | CVE-2025-3178 CVSS 9.8 | A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been rated as critical. This issue affects some unknown process… |
| CVE-2025-3176 | CVE-2025-3176 CVSS 9.8 | A vulnerability was found in Project Worlds Online Lawyer Management System 1.0. It has been classified as critical. This affects an unknown part of the file /… |
| CVE-2025-3175 | CVE-2025-3175 CVSS 9.8 | A vulnerability was found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this issue is some unknown functionalit… |
| CVE-2025-3174 | CVE-2025-3174 CVSS 9.8 | A vulnerability has been found in Project Worlds Online Lawyer Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown f… |
| CVE-2025-3173 | CVE-2025-3173 CVSS 9.8 | A vulnerability, which was classified as critical, was found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the file… |
| CVE-2025-3172 | CVE-2025-3172 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in Project Worlds Online Lawyer Management System 1.0. This issue affects some unknown proces… |