33,486 indexed
CVECVE vulnerabilities
33,486 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 6,901–6,950 of 8,314 in Critical · page 139 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-2395 | CVE-2025-2395 CVSS 9.8 | The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter … |
| CVE-2025-23942 | CVE-2025-23942 CVSS 9.1 | Unrestricted Upload of File with Dangerous Type vulnerability in ngocuct0912 WP Load Gallery wp-load-gallery allows Upload a Web Shell to a Web Server.This iss… |
| CVE-2025-23932 | CVE-2025-23932 CVSS 9.8 | Deserialization of Untrusted Data vulnerability in Marko-M Quick Count quick-count allows Object Injection.This issue affects Quick Count: from n/a through <= … |
| CVE-2025-23931 | CVE-2025-23931 CVSS 9.3 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oliver Fuhrmann WordPress Local SEO dh-local-seo allows B… |
| CVE-2025-23922 | CVE-2025-23922 CVSS 10.0 | Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder embed-ispring allows Upload a Web Shell to a Web Server.This issue affects iSpring Em… |
| CVE-2025-23921 | CVE-2025-23921 CVSS 9.0 | Unrestricted Upload of File with Dangerous Type vulnerability in sh1zen Multi Uploader for Gravity Forms gf-multi-uploader allows Upload a Web Shell to a Web S… |
| CVE-2025-23918 | CVE-2025-23918 CVSS 9.9 | Unrestricted Upload of File with Dangerous Type vulnerability in Enrico Sandoli Smallerik File Browser smallerik-file-browser allows Upload a Web Shell to a We… |
| CVE-2025-23914 | CVE-2025-23914 CVSS 9.8 | Deserialization of Untrusted Data vulnerability in muzaara Muzaara Google Ads Report muzaara-adwords-optimize-dashboard allows Object Injection.This issue affe… |
| CVE-2025-2391 | CVE-2025-2391 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Blood Bank Management System 1.0. This vulnerability affects unknown code of the file /admin/… |
| CVE-2025-2387 | CVE-2025-2387 CVSS 9.8 | A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been classified as critical. Affected is an unknown function of the file /a… |
| CVE-2025-2386 | CVE-2025-2386 CVSS 9.8 | A vulnerability was found in PHPGurukul Local Services Search Engine Management System 1.0 and classified as critical. This issue affects some unknown processi… |
| CVE-2025-2385 | CVE-2025-2385 CVSS 9.8 | A vulnerability has been found in code-projects Modern Bag 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The … |
| CVE-2025-2383 | CVE-2025-2383 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Appointment Management System 1.0. Affected by this issue is some unknow… |
| CVE-2025-2382 | CVE-2025-2382 CVSS 9.8 | A vulnerability classified as critical was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of… |
| CVE-2025-2381 | CVE-2025-2381 CVSS 9.8 | A vulnerability classified as critical has been found in PHPGurukul Curfew e-Pass Management System 1.0. Affected is an unknown function of the file /admin/sea… |
| CVE-2025-2380 | CVE-2025-2380 CVSS 9.8 | A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as critical. This issue affects some unknown processing of … |
| CVE-2025-23797 | CVE-2025-23797 CVSS 9.8 | Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor wp-options-editor allows Privilege Escalation.This issue affects WP Options … |
| CVE-2025-2379 | CVE-2025-2379 CVSS 9.8 | A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of … |
| CVE-2025-2372 | CVE-2025-2372 CVSS 9.8 | A vulnerability classified as critical has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This affects an unknown part of the fi… |
| CVE-2025-2370 | CVE-2025-2370 CVSS 9.8 | A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function se… |
| CVE-2025-2369 | CVE-2025-2369 CVSS 9.8 | A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the … |
| CVE-2025-2363 | CVE-2025-2363 CVSS 9.8 | A vulnerability classified as critical has been found in lenve VBlog up to 1.0.0. Affected is the function uploadImg of the file blogserver/src/main/java/org/s… |
| CVE-2025-2362 | CVE-2025-2362 CVSS 9.8 | A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file… |
| CVE-2025-2360 | CVE-2025-2360 CVSS 9.8 | A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B05_20181207. Affected by this vulnerability is the function SetUpnpSettings of the fi… |
| CVE-2025-2359 | CVE-2025-2359 CVSS 9.8 | A vulnerability classified as critical has been found in D-Link DIR-823G 1.0.2B05_20181207. Affected is the function SetDDNSSettings of the file /HNAP1/ of the… |
| CVE-2025-23504 | CVE-2025-23504 CVSS 9.8 | Authentication Bypass Using an Alternate Path or Channel vulnerability in RiceTheme Felan Framework felan-framework allows Authentication Abuse.This issue affe… |
| CVE-2025-2345 | CVE-2025-2345 CVSS 9.8 | A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipu… |
| CVE-2025-23410 | CVE-2025-23410 CVSS 9.8 | When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and inspect the files and will not check for path traversal in supp… |
| CVE-2025-23394 | CVE-2025-23394 CVSS 9.8 | A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumb… |
| CVE-2025-23391 | CVE-2025-23391 CVSS 9.1 | A Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their a… |
| CVE-2025-23360 | CVE-2025-23360 CVSS 9.8 | NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this v… |
| CVE-2025-23344 | CVE-2025-23344 CVSS 9.8 | The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the platform host as a non-privileged user. A successful exploit of thi… |
| CVE-2025-23343 | CVE-2025-23343 CVSS 9.8 | The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of this vulnerability ma… |
| CVE-2025-23342 | CVE-2025-23342 CVSS 9.8 | The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a privileged account . A successful exploit of this vulnerability ma… |
| CVE-2025-2334 | CVE-2025-2334 CVSS 9.1 | A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/… |
| CVE-2025-23327 | CVE-2025-23327 CVSS 9.1 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through specially crafted input… |
| CVE-2025-2332 | CVE-2025-2332 CVSS 9.8 | The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.13 v… |
| CVE-2025-23319 | CVE-2025-23319 CVSS 9.8 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by se… |
| CVE-2025-23318 | CVE-2025-23318 CVSS 9.8 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A su… |
| CVE-2025-23317 | CVE-2025-23317 CVSS 9.8 | NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP r… |
| CVE-2025-23316 | CVE-2025-23316 CVSS 9.8 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause a remote code execution by m… |
| CVE-2025-23311 | CVE-2025-23311 CVSS 9.8 | NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. A successful ex… |
| CVE-2025-23310 | CVE-2025-23310 CVSS 9.8 | NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. … |
| CVE-2025-23304 | CVE-2025-23304 CVSS 9.8 | NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo fi… |
| CVE-2025-23303 | CVE-2025-23303 CVSS 9.8 | NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A succe… |
| CVE-2025-23268 | CVE-2025-23268 CVSS 9.8 | NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may cause an improper input validation issue. A successful exploi… |
| CVE-2025-23266 | CVE-2025-23266 CVSS 9.0 | NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary c… |
| CVE-2025-23251 | CVE-2025-23251 CVSS 9.8 | NVIDIA NeMo Framework contains a vulnerability where a user could cause an improper control of generation of code by remote code execution. A successful exploi… |
| CVE-2025-23250 | CVE-2025-23250 CVSS 9.8 | NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper limitation of a pathname to a restricted directory by an arbitrary fil… |
| CVE-2025-23249 | CVE-2025-23249 CVSS 9.8 | NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of t… |