33,486 indexed
CVECVE vulnerabilities
33,486 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,151–7,200 of 8,314 in Critical · page 144 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-1941 | CVE-2025-1941 CVSS 9.1 | Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed (distinct from CVE-2025-0245… |
| CVE-2025-1928 | CVE-2025-1928 CVSS 9.1restajet | Improper Restriction of Excessive Authentication Attempts vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Password R… |
| CVE-2025-1909 | CVE-2025-1909 CVSS 9.8 | The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient ve… |
| CVE-2025-1907 | CVE-2025-1907 CVSS 9.8 | Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected. |
| CVE-2025-1906 | CVE-2025-1906 CVSS 9.8 | A vulnerability has been found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the fil… |
| CVE-2025-1903 | CVE-2025-1903 CVSS 9.8 | A vulnerability was found in Codezips Online Shopping Website 1.0. It has been rated as critical. This issue affects some unknown processing of the file /cart_… |
| CVE-2025-1902 | CVE-2025-1902 CVSS 9.8 | A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /passw… |
| CVE-2025-1901 | CVE-2025-1901 CVSS 9.8 | A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been classified as critical. This affects an unknown part of the file /admi… |
| CVE-2025-1900 | CVE-2025-1900 CVSS 9.8 | A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of… |
| CVE-2025-1894 | CVE-2025-1894 CVSS 9.8 | A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionalit… |
| CVE-2025-1890 | CVE-2025-1890 CVSS 9.8 | A vulnerability has been found in shishuocms 1.1 and classified as critical. This vulnerability affects the function handleRequest of the file src/main/java/co… |
| CVE-2025-1889 | CVE-2025-1889 CVSS 9.8 | picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that… |
| CVE-2025-1876 | CVE-2025-1876 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function http_request_parse of the com… |
| CVE-2025-1875 | CVE-2025-1875 CVSS 9.8 | SQL injection vulnerability have been found in 101news affecting version 1.0 through the "searchtitle" parameter in search.php. |
| CVE-2025-1874 | CVE-2025-1874 CVSS 9.8 | SQL injection vulnerability have been found in 101news affecting version 1.0 through the "description" parameter in admin/add-category.php. |
| CVE-2025-1873 | CVE-2025-1873 CVSS 9.8 | SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagetitle" and "pagedescription" parameters in admin/contactus.php. |
| CVE-2025-1872 | CVE-2025-1872 CVSS 9.8 | SQL injection vulnerability have been found in 101news affecting version 1.0 through the "sadminusername" parameter in admin/add-subadmins.php. |
| CVE-2025-1871 | CVE-2025-1871 CVSS 9.8 | SQL injection vulnerability have been found in 101news affecting version 1.0 through the "category" and "subcategory" parameters in admin/add-subcategory.php. |
| CVE-2025-1870 | CVE-2025-1870 CVSS 9.8 | SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagedescription" parameter in admin/aboutus.php. |
| CVE-2025-1869 | CVE-2025-1869 CVSS 9.8 | SQL injection vulnerability have been found in 101news affecting version 1.0 through the "username" parameter in admin/check_avalability.php. |
| CVE-2025-1864 | CVE-2025-1864 CVSS 9.8 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: … |
| CVE-2025-1863 | CVE-2025-1863 CVSS 9.8 | Insecure default settings have been found in recorder products provided by Yokogawa Electric Corporation. The default setting of the authentication function is… |
| CVE-2025-1861 | CVE-2025-1861 CVSS 9.8 | In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an … |
| CVE-2025-1859 | CVE-2025-1859 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file /login.… |
| CVE-2025-1858 | CVE-2025-1858 CVSS 9.8 | A vulnerability classified as critical was found in Codezips Online Shopping Website 1.0. This vulnerability affects unknown code of the file /success.php. The… |
| CVE-2025-1857 | CVE-2025-1857 CVSS 9.8 | A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /check_… |
| CVE-2025-1856 | CVE-2025-1856 CVSS 9.8 | A vulnerability was found in Codezips Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the fil… |
| CVE-2025-1853 | CVE-2025-1853 CVSS 9.8 | A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub_49E098 of the file /goform/SetIpMacBind of t… |
| CVE-2025-1852 | CVE-2025-1852 CVSS 9.8 | A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the … |
| CVE-2025-1850 | CVE-2025-1850 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. Affected by this issue is some unknown functionali… |
| CVE-2025-1845 | CVE-2025-1845 CVSS 9.8 | A vulnerability has been found in ESAFENET DSM 3.1.2 and classified as critical. Affected by this vulnerability is the function examExportPDF of the file /admi… |
| CVE-2025-1844 | CVE-2025-1844 CVSS 9.8 | A vulnerability, which was classified as critical, was found in ESAFENET CDG 5.6.3.154.205_20250114. Affected is an unknown function of the file /CDGServer3/lo… |
| CVE-2025-1843 | CVE-2025-1843 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20250211. This issue affects the function select of the file com/xq/tmall… |
| CVE-2025-1841 | CVE-2025-1841 CVSS 9.8 | A vulnerability classified as critical has been found in ESAFENET CDG 5.6.3.154.205. This affects an unknown part of the file /CDGServer3/logManagement/ClientS… |
| CVE-2025-1840 | CVE-2025-1840 CVSS 9.8 | A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been rated as critical. Affected by this issue is some unknown functionality of the file /CDGSe… |
| CVE-2025-1834 | CVE-2025-1834 CVSS 9.8 | A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. This affects an unknown part of the file /resolve. The manipulation of … |
| CVE-2025-1831 | CVE-2025-1831 CVSS 9.8 | A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is the function GetDBUser of the file src/main/java/com/futvan/z/syst… |
| CVE-2025-1821 | CVE-2025-1821 CVSS 9.8 | A vulnerability was found in zj1983 zz up to 2024-8 and classified as critical. Affected by this issue is the function getUserOrgForUserId of the file src/main… |
| CVE-2025-1819 | CVE-2025-1819 CVSS 9.8 | A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44. Affected is the function TendaTelnet of the file /goform/telnet. T… |
| CVE-2025-1818 | CVE-2025-1818 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8. This issue affects some unknown processing of the file src/main/ja… |
| CVE-2025-1814 | CVE-2025-1814 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is some unknown functionality of the file /g… |
| CVE-2025-1793 | CVE-2025-1793 CVSS 9.8 | Multiple vector store integrations in run-llama/llama_index version v0.12.21 have SQL injection vulnerabilities. These vulnerabilities allow an attacker to rea… |
| CVE-2025-1791 | CVE-2025-1791 CVSS 9.8 | A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects the function fileAction of the file vendor/skycaij… |
| CVE-2025-1782 | CVE-2025-1782 CVSS 9.9 | In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbit… |
| CVE-2025-1771 | CVE-2025-1771 CVSS 9.8 | The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.8 via the 'hotel_alone_load_more_post' functio… |
| CVE-2025-1751 | CVE-2025-1751 CVSS 9.8 | A SQL Injection vulnerability has been found in Ciges 2.15.5 from ATISoluciones. This vulnerability allows an attacker to retrieve, create, update and delete d… |
| CVE-2025-1750 | CVE-2025-1750 CVSS 9.8 | An SQL injection vulnerability exists in the delete function of DuckDBVectorStore in run-llama/llama_index version v0.12.19. This vulnerability allows an attac… |
| CVE-2025-1744 | CVE-2025-1744 CVSS 9.8 | Out-of-bounds Write vulnerability in radareorg radare2 allows heap-based buffer over-read or buffer overflow.This issue affects radare2: before <5.9.9. |
| CVE-2025-1740 | CVE-2025-1740 CVSS 9.8 | Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass, Password Recovery Exploitation, Brut… |
| CVE-2025-1716 | CVE-2025-1716 CVSS 9.8 | picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI packa… |