33,486 indexed
CVECVE vulnerabilities
33,486 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,201–7,250 of 8,314 in Critical · page 145 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-1710 | CVE-2025-1710 CVSS 9.8 | The maxView Storage Manager does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it susc… |
| CVE-2025-1676 | CVE-2025-1676 CVSS 9.8 | A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the… |
| CVE-2025-1675 | CVE-2025-1675 CVSS 9.1 | The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough … |
| CVE-2025-1671 | CVE-2025-1671 CVSS 9.8 | The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.6. This is due to the academist_m… |
| CVE-2025-1661 | CVE-2025-1661 CVSS 9.8 | The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.6… |
| CVE-2025-1641 | CVE-2025-1641 CVSS 9.8 | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been classified as critical. This affects an unknown part of the file /AGE0000700/GetHorario… |
| CVE-2025-1640 | CVE-2025-1640 CVSS 9.8 | A vulnerability was found in Benner ModernaNet up to 1.1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Home/J… |
| CVE-2025-1638 | CVE-2025-1638 CVSS 9.8 | The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.2. This is due to the plugin not … |
| CVE-2025-1616 | CVE-2025-1616 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this issue is some unknown functionality… |
| CVE-2025-1610 | CVE-2025-1610 CVSS 9.8 | A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this issue is the function websGetVar of the file /goform/set_… |
| CVE-2025-1609 | CVE-2025-1609 CVSS 9.8 | A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this vulnerability is the function websGetVar of the file… |
| CVE-2025-1608 | CVE-2025-1608 CVSS 9.8 | A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2. Affected is the function websGetVar of the file /goform/set_manpwd… |
| CVE-2025-1599 | CVE-2025-1599 CVSS 9.1 | A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been rated as problematic. Affected by this issue is some unknown funct… |
| CVE-2025-1598 | CVE-2025-1598 CVSS 9.8 | A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown… |
| CVE-2025-1596 | CVE-2025-1596 CVSS 9.8 | A vulnerability was found in SourceCodester Best Church Management Software 1.0 and classified as critical. This issue affects some unknown processing of the f… |
| CVE-2025-1593 | CVE-2025-1593 CVSS 9.8 | A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /_hr_soft… |
| CVE-2025-1588 | CVE-2025-1588 CVSS 9.1 | A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ad… |
| CVE-2025-1583 | CVE-2025-1583 CVSS 9.8 | A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1.0. This affects an unknown part of the file /admin/search-repo… |
| CVE-2025-1582 | CVE-2025-1582 CVSS 9.8 | A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of … |
| CVE-2025-1581 | CVE-2025-1581 CVSS 9.8 | A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown function… |
| CVE-2025-1580 | CVE-2025-1580 CVSS 9.8 | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the f… |
| CVE-2025-1576 | CVE-2025-1576 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown func… |
| CVE-2025-1570 | CVE-2025-1570 CVSS 9.8 | The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to privilege escalation via account takeo… |
| CVE-2025-1564 | CVE-2025-1564 CVSS 9.8 | The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifying a u… |
| CVE-2025-15638 | CVE-2025-15638 CVSS 10.0 | Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14 includes versions of Dropbear 201… |
| CVE-2025-1562 | CVE-2025-1562 CVSS 9.8 | The Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin for WordPress is vulnerable to unauthorized arb… |
| CVE-2025-15618 | CVE-2025-15618 CVSS 9.1 | Business::OnlinePayment::StoredTransaction versions through 0.01 for Perl uses an insecure secret key. Business::OnlinePayment::StoredTransaction generates a … |
| CVE-2025-15608 | CVE-2025-15608 CVSS 9.8 | This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a sta… |
| CVE-2025-15607 | CVE-2025-15607 CVSS 9.8 | A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to insufficient input handling, allowing log redirection to arbitrary files… |
| CVE-2025-15604 | CVE-2025-15604 CVSS 9.8 | Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string func… |
| CVE-2025-15578 | CVE-2025-15578 CVSS 9.8 | Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely. The session id is seeded with the system time (which is available from HTTP … |
| CVE-2025-15573 | CVE-2025-15573 CVSS 9.4 | The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud (mqtt001.solaxcloud.com… |
| CVE-2025-1556 | CVE-2025-1556 CVSS 9.8 | A vulnerability, which was classified as problematic, has been found in westboy CicadasCMS 1.0. This issue affects some unknown processing of the file /system … |
| CVE-2025-15559 | CVE-2025-15559 CVSS 9.8 | An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the … |
| CVE-2025-1555 | CVE-2025-1555 CVSS 9.8 | A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects the function saveImage. The manipu… |
| CVE-2025-15521 | CVE-2025-15521 CVSS 9.8 | The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to privilege escalation via account takeover in all v… |
| CVE-2025-15503 | CVE-2025-15503 CVSS 9.8 | A security flaw has been discovered in Sangfor Operation and Maintenance Management System up to 3.0.8. The impacted element is an unknown function of the file… |
| CVE-2025-15502 | CVE-2025-15502 CVSS 9.8 | A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.8. The affected element is the function SessionController of th… |
| CVE-2025-15501 | CVE-2025-15501 CVSS 9.8 | A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. Impacted is the function WriterHandle.getCmd of the file /is… |
| CVE-2025-15500 | CVE-2025-15500 CVSS 9.8 | A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-pro… |
| CVE-2025-1550 | CVE-2025-1550 CVSS 9.8 | The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By al… |
| CVE-2025-15499 | CVE-2025-15499 CVSS 9.8 | A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. This vulnerability affects the function uploadCN of the file… |
| CVE-2025-15496 | CVE-2025-15496 CVSS 9.8 | A vulnerability was determined in guchengwuyue yshopmall up to 1.9.1. Affected is the function getPage of the file /api/jobs. This manipulation of the argument… |
| CVE-2025-15493 | CVE-2025-15493 CVSS 9.8 | A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. … |
| CVE-2025-15484 | CVE-2025-15484 CVSS 9.1 | The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated req… |
| CVE-2025-15480 | CVE-2025-15480 CVSS 9.1 | In Ubuntu, ubuntu-desktop-provision version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitte… |
| CVE-2025-15471 | CVE-2025-15471 CVSS 9.8 | A vulnerability was detected in TRENDnet TEW-713RE 1.02. The impacted element is an unknown function of the file /goformX/formFSrvX. The manipulation of the ar… |
| CVE-2025-15458 | CVE-2025-15458 CVSS 9.8 | A vulnerability was determined in bg5sbk MiniCMS up to 1.8. This affects an unknown function of the file /mc-admin/post-edit.php of the component Article Handl… |
| CVE-2025-15457 | CVE-2025-15457 CVSS 9.8 | A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Tras… |
| CVE-2025-15449 | CVE-2025-15449 CVSS 9.1 | A vulnerability was determined in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. Affected is the function delete of the file src/main/ja… |