33,486 indexed
CVECVE vulnerabilities
33,486 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,051–7,100 of 8,314 in Critical · page 142 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-22133 | CVE-2025-22133 CVSS 9.9 | WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/control… |
| CVE-2025-2188 | CVE-2025-2188 CVSS 9.1 | There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this vulnerability may affect service confidentiality and integrity. |
| CVE-2025-21624 | CVE-2025-21624 CVSS 9.8 | ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the… |
| CVE-2025-21622 | CVE-2025-21622 CVSS 9.1 | ClipBucket V5 provides open source video hosting with PHP. During the user avatar upload workflow, a user can choose to upload and change their avatar at any t… |
| CVE-2025-21619 | CVE-2025-21619 CVSS 9.8 | GLPI is a free asset and IT management software package. An administrator user can perfom a SQL injection through the rules configuration forms. This vulnerabi… |
| CVE-2025-21613 | CVE-2025-21613 CVSS 9.8 | go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.… |
| CVE-2025-21609 | CVE-2025-21609 CVSS 9.1 | SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnera… |
| CVE-2025-21589 | CVE-2025-21589 CVSS 9.8 | An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allows a network-based attacker to bypas… |
| CVE-2025-21556 | CVE-2025-21556 CVSS 9.9 | Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Integration Services). The supported version that is affecte… |
| CVE-2025-21547 | CVE-2025-21547 CVSS 9.1 | Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Supported versions that are affected ar… |
| CVE-2025-21535 | CVE-2025-21535 CVSS 9.8 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14… |
| CVE-2025-21524 | CVE-2025-21524 CVSS 9.8 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Supported versions that are affe… |
| CVE-2025-2152 | CVE-2025-2152 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImport… |
| CVE-2025-21483 | CVE-2025-21483 CVSS 9.8 | Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. |
| CVE-2025-2146 | CVE-2025-2146 CVSS 9.8 | Buffer overflow in WebService Authentication processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network… |
| CVE-2025-21450 | CVE-2025-21450 CVSS 9.1 | Cryptographic issue occurs due to use of insecure connection method while downloading. |
| CVE-2025-21355 | CVE-2025-21355 CVSS 9.8 | Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network |
| CVE-2025-21311 | CVE-2025-21311 CVSS 9.8 | Windows NTLM V1 Elevation of Privilege Vulnerability |
| CVE-2025-21307 | CVE-2025-21307 CVSS 9.8 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability |
| CVE-2025-21298 | CVE-2025-21298 CVSS 9.8 | Windows OLE Remote Code Execution Vulnerability |
| CVE-2025-21198 | CVE-2025-21198 CVSS 9.0 | Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability |
| CVE-2025-2115 | CVE-2025-2115 CVSS 9.8 | A vulnerability, which was classified as critical, was found in zzskzy Warehouse Refinement Management System 3.1. Affected is the function ProcessRequest of t… |
| CVE-2025-2113 | CVE-2025-2113 CVSS 9.8 | A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of th… |
| CVE-2025-2112 | CVE-2025-2112 CVSS 9.8 | A vulnerability was found in user-xiangpeng yaoqishan up to a47fec4a31cbd13698c592dfdc938c8824dd25e4. It has been declared as critical. Affected by this vulner… |
| CVE-2025-21043 | Samsung Mobile Devices Out-of-Bounds Write Vulnerability KEVCVSS 9.8Samsung | Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code. |
| CVE-2025-21042 | Samsung Mobile Devices Out-of-Bounds Write Vulnerability KEVCVSS 9.8Samsung | Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbit… |
| CVE-2025-2097 | CVE-2025-2097 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg o… |
| CVE-2025-20968 | CVE-2025-20968 CVSS 9.1 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows r… |
| CVE-2025-20967 | CVE-2025-20967 CVSS 9.1 | Improper access control in Samsung Gallery prior to version 14.5.10.3 in Global Android 13, 14.5.09.3 in China Android 13, and 15.5.04.5 in Android 14 allows a… |
| CVE-2025-2096 | CVE-2025-2096 CVSS 9.8 | A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This vulnerability affects the function setRebootScheCfg of the fi… |
| CVE-2025-2095 | CVE-2025-2095 CVSS 9.8 | A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This affects the function setDmzCfg of the file /cgi-bin/cste… |
| CVE-2025-20949 | CVE-2025-20949 CVSS 9.1 | Path traversal vulnerability in Samsung Members prior to version 5.0.00.11 allows attackers to read and write arbitrary file with the privilege of Samsung Memb… |
| CVE-2025-2094 | CVE-2025-2094 CVSS 9.8 | A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as critical. Affected by this issue is the function setWiFiExtenderConf… |
| CVE-2025-2088 | CVE-2025-2088 CVSS 9.8 | A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System up to 1.0. Affected is an unknown function of the file … |
| CVE-2025-20684 | CVE-2025-20684 CVSS 9.8 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User executi… |
| CVE-2025-20683 | CVE-2025-20683 CVSS 9.8 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User executi… |
| CVE-2025-20682 | CVE-2025-20682 CVSS 9.8 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User executi… |
| CVE-2025-20681 | CVE-2025-20681 CVSS 9.8 | In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User executi… |
| CVE-2025-20680 | CVE-2025-20680 CVSS 9.8 | In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execu… |
| CVE-2025-20674 | CVE-2025-20674 CVSS 9.8 | In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission check. This could lead to remote escalation of privilege with… |
| CVE-2025-20672 | CVE-2025-20672 CVSS 9.8 | In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execu… |
| CVE-2025-2067 | CVE-2025-2067 CVSS 9.8 | A vulnerability was found in projectworlds Life Insurance Management System 1.0 and classified as critical. This issue affects some unknown processing of the f… |
| CVE-2025-2066 | CVE-2025-2066 CVSS 9.8 | A vulnerability has been found in projectworlds Life Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the… |
| CVE-2025-20654 | CVE-2025-20654 CVSS 9.8 | In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional executio… |
| CVE-2025-2065 | CVE-2025-2065 CVSS 9.8 | A vulnerability, which was classified as critical, was found in projectworlds Life Insurance Management System 1.0. This affects an unknown part of the file /e… |
| CVE-2025-20646 | CVE-2025-20646 CVSS 9.8 | In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional e… |
| CVE-2025-2064 | CVE-2025-2064 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in projectworlds Life Insurance Management System 1.0. Affected by this issue is some unknown… |
| CVE-2025-20634 | CVE-2025-20634 CVSS 9.8 | In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue bas… |
| CVE-2025-2063 | CVE-2025-2063 CVSS 9.8 | A vulnerability classified as critical was found in projectworlds Life Insurance Management System 1.0. Affected by this vulnerability is an unknown functional… |
| CVE-2025-2062 | CVE-2025-2062 CVSS 9.8 | A vulnerability classified as critical has been found in projectworlds Life Insurance Management System 1.0. Affected is an unknown function of the file /clien… |