33,486 indexed
CVECVE vulnerabilities
33,486 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,101–7,150 of 8,314 in Critical · page 143 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-2060 | CVE-2025-2060 CVSS 9.8 | A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been classified as critical. This affects an unknown part of the file /ad… |
| CVE-2025-2059 | CVE-2025-2059 CVSS 9.8 | A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality … |
| CVE-2025-2058 | CVE-2025-2058 CVSS 9.8 | A vulnerability has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as critical. Affected by this vulnerability is an unknown fun… |
| CVE-2025-2057 | CVE-2025-2057 CVSS 9.8 | A vulnerability, which was classified as critical, was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /… |
| CVE-2025-2050 | CVE-2025-2050 CVSS 9.8 | A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3. Affected by this vulnerability is an u… |
| CVE-2025-2046 | CVE-2025-2046 CVSS 9.8 | A vulnerability was found in SourceCodester Best Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionalit… |
| CVE-2025-2041 | CVE-2025-2041 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website-using-PHP 1.0. Affected by this issue is some unknown functional… |
| CVE-2025-20393 | Cisco Multiple Products Improper Input Validation Vulnerability KEVCVSS 10.0Cisco | Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat a… |
| CVE-2025-20363 | CVE-2025-20363 CVSS 9.0 | A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, C… |
| CVE-2025-2036 | CVE-2025-2036 CVSS 9.8 | A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0. It has been classified as critical. This affects an unknown part of the file details.php.… |
| CVE-2025-20358 | CVE-2025-20358 CVSS 9.8 | A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentic… |
| CVE-2025-20354 | CVE-2025-20354 CVSS 9.8 | A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary fil… |
| CVE-2025-2035 | CVE-2025-2035 CVSS 9.8 | A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0 and classified as critical. Affected by this issue is some unknown functionality of the fi… |
| CVE-2025-2034 | CVE-2025-2034 CVSS 9.8 | A vulnerability has been found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this vulnerability is an unknown function… |
| CVE-2025-20337 | Cisco Identity Services Engine Injection Vulnerability KEVCVSS 10.0Cisco | Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supp… |
| CVE-2025-20333 | Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability KEVCVSS 9.9Cisco | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerabilit… |
| CVE-2025-20309 | CVE-2025-20309 CVSS 10.0 | A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could… |
| CVE-2025-20286 | CVE-2025-20286 CVSS 9.8 | A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) … |
| CVE-2025-20282 | CVE-2025-20282 CVSS 10.0 | A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected devi… |
| CVE-2025-20281 | Cisco Identity Services Engine Injection Vulnerability KEVCVSS 10.0Cisco | Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supp… |
| CVE-2025-20265 | CVE-2025-20265 CVSS 10.0 | A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacke… |
| CVE-2025-20260 | CVE-2025-20260 CVSS 9.8 | A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of… |
| CVE-2025-20242 | CVE-2025-20242 CVSS 9.1 | A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE) could allow an unauthenticated, remote attacker to read and mod… |
| CVE-2025-20221 | CVE-2025-20221 CVSS 9.1 | A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 … |
| CVE-2025-20188 | CVE-2025-20188 CVSS 10.0 | A vulnerability in the Out-of-Band Access Point (AP) Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE So… |
| CVE-2025-20156 | CVE-2025-20156 CVSS 9.9 | A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with low privileges to elevate privileges to administr… |
| CVE-2025-20061 | CVE-2025-20061 CVSS 9.8 | mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker t… |
| CVE-2025-20059 | CVE-2025-20059 CVSS 9.1 | Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter Injection.This issue affects PingAM Java Policy Agent: through… |
| CVE-2025-20055 | CVE-2025-20055 CVSS 9.8 | OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected … |
| CVE-2025-2005 | CVE-2025-2005 CVSS 9.8 | The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registrat… |
| CVE-2025-2004 | CVE-2025-2004 CVSS 9.1 | The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpe_delete_file AJAX action … |
| CVE-2025-20014 | CVE-2025-20014 CVSS 9.8 | mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker… |
| CVE-2025-2000 | CVE-2025-2000 CVSS 9.8 | A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13. A… |
| CVE-2025-1978 | CVE-2025-1978 CVSS 9.8 | Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, … |
| CVE-2025-1974 | CVE-2025-1974 CVSS 9.8 | A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary … |
| CVE-2025-1966 | CVE-2025-1966 CVSS 9.8 | A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. Affected by this vulnerability is an unknown functionality of … |
| CVE-2025-1965 | CVE-2025-1965 CVSS 9.8 | A vulnerability classified as critical has been found in projectworlds Online Hotel Booking 1.0. Affected is an unknown function of the file /admin/login.php. … |
| CVE-2025-1964 | CVE-2025-1964 CVSS 9.8 | A vulnerability was found in projectworlds Online Hotel Booking 1.0. It has been rated as critical. This issue affects some unknown processing of the file /boo… |
| CVE-2025-1963 | CVE-2025-1963 CVSS 9.8 | A vulnerability was found in projectworlds Online Hotel Booking 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /res… |
| CVE-2025-1962 | CVE-2025-1962 CVSS 9.8 | A vulnerability was found in projectworlds Online Hotel Booking 1.0. It has been classified as critical. This affects an unknown part of the file /admin/addroo… |
| CVE-2025-1960 | CVE-2025-1960 CVSS 9.8 | CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a syste… |
| CVE-2025-1959 | CVE-2025-1959 CVSS 9.8 | A vulnerability, which was classified as critical, was found in Codezips Gym Management System 1.0. Affected is an unknown function of the file /change_s_pwd.p… |
| CVE-2025-1958 | CVE-2025-1958 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in aaluoxiang oa_system 1.0. This issue affects some unknown processing of the file src/main/… |
| CVE-2025-1956 | CVE-2025-1956 CVSS 9.8 | A vulnerability classified as critical has been found in code-projects Shopping Portal 1.0. This affects an unknown part of the file /Shopping/Admin/index.php … |
| CVE-2025-1954 | CVE-2025-1954 CVSS 9.8 | A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability i… |
| CVE-2025-1952 | CVE-2025-1952 CVSS 9.8 | A vulnerability, which was classified as critical, was found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /ad… |
| CVE-2025-1947 | CVE-2025-1947 CVSS 9.8 | A vulnerability classified as critical has been found in hzmanyun Education and Training System 2.1.3. This affects the function scorm of the file UploadImageC… |
| CVE-2025-1946 | CVE-2025-1946 CVSS 9.8 | A vulnerability was found in hzmanyun Education and Training System 2.1. It has been rated as critical. Affected by this issue is the function exportPDF of the… |
| CVE-2025-1945 | CVE-2025-1945 CVSS 9.8 | picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specifi… |
| CVE-2025-1942 | CVE-2025-1942 CVSS 9.8 | When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string. This vulnerability … |