33,486 indexed
CVECVE vulnerabilities
33,486 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,251–7,300 of 8,314 in Critical · page 146 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-15448 | CVE-2025-15448 CVSS 9.8 | A vulnerability was found in cld378632668 JavaMall up to 994f1e2b019378ec9444cdf3fce2d5b5f72d28f0. This impacts the function Upload of the file src/main/java/c… |
| CVE-2025-15444 | CVE-2025-15444 CVSS 9.8 | Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium libsodium <= 1.0.20 or a version of libsodium release… |
| CVE-2025-15436 | CVE-2025-15436 CVSS 9.8 | A vulnerability has been found in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /worksheet/work_edit.jsp. Such manipulation… |
| CVE-2025-15435 | CVE-2025-15435 CVSS 9.8 | A flaw has been found in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/work_update.jsp. This manipulation … |
| CVE-2025-15434 | CVE-2025-15434 CVSS 9.8 | A vulnerability was detected in Yonyou KSOA 9.0. Affected is an unknown function of the file /kp/PrintZPYG.jsp. The manipulation of the argument zpjhid results… |
| CVE-2025-15425 | CVE-2025-15425 CVSS 9.8 | A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/del_user.jsp of the component HTTP GET Pa… |
| CVE-2025-15424 | CVE-2025-15424 CVSS 9.8 | A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the file /worksheet/agent_worksdel.jsp of the component HTTP GET P… |
| CVE-2025-15421 | CVE-2025-15421 CVSS 9.8 | A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the file /worksheet/agent_worksadd.jsp of the component HTTP GET Pa… |
| CVE-2025-15420 | CVE-2025-15420 CVSS 9.8 | A security vulnerability has been detected in Yonyou KSOA 9.0. This affects an unknown part of the file /worksheet/agent_work_report.jsp. The manipulation of t… |
| CVE-2025-15410 | CVE-2025-15410 CVSS 9.8 | A vulnerability was identified in code-projects Online Guitar Store 1.0. Affected by this issue is some unknown functionality of the file /login.php. The manip… |
| CVE-2025-15409 | CVE-2025-15409 CVSS 9.8 | A vulnerability was determined in code-projects Online Guitar Store 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/Delete_p… |
| CVE-2025-15408 | CVE-2025-15408 CVSS 9.8 | A vulnerability was found in code-projects Online Guitar Store 1.0. Affected is an unknown function of the file /admin/Create_product.php. Performing a manipul… |
| CVE-2025-15407 | CVE-2025-15407 CVSS 9.8 | A vulnerability has been found in code-projects Online Guitar Store 1.0. This impacts an unknown function of the file /admin/Create_category.php. Such manipula… |
| CVE-2025-15403 | CVE-2025-15403 CVSS 9.8 | The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'add_menu' f… |
| CVE-2025-15391 | CVE-2025-15391 CVSS 9.8 | A weakness has been identified in D-Link DIR-806A 100CNb11. Affected is the function ssdpcgi_main of the component SSDP Request Handler. This manipulation caus… |
| CVE-2025-1539 | CVE-2025-1539 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in D-Link DAP-1320 1.00. Affected by this issue is the function replace_special_char of the f… |
| CVE-2025-15385 | CVE-2025-15385 CVSS 9.8 | Insufficient Verification of Data Authenticity vulnerability in TECNO Mobile com.Afmobi.Boomplayer allows Authentication Bypass.This issue affects com.Afmobi.B… |
| CVE-2025-15379 | CVE-2025-15379 CVSS 9.8 | A command injection vulnerability exists in MLflow's model serving container initialization code, specifically in the `_install_model_dependencies_to_env()` fu… |
| CVE-2025-15359 | CVE-2025-15359 CVSS 9.8 | DVP-12SE11T - Out-of-bound memory write Vulnerability |
| CVE-2025-15357 | CVE-2025-15357 CVSS 9.8 | A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects an unknown function of the file /msp_info.htm?flag=cmd. The manipulation of the argument… |
| CVE-2025-15354 | CVE-2025-15354 CVSS 9.8 | A flaw has been found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/add_admin.php. Executing ma… |
| CVE-2025-15353 | CVE-2025-15353 CVSS 9.8 | A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is the function edit_admin_query of the file /admin/edit_admin_query.php. … |
| CVE-2025-1532 | CVE-2025-1532 CVSS 9.1 | Phoneservice module is affected by code injection vulnerability, successful exploitation of this vulnerability may affect service confidentiality and integrity. |
| CVE-2025-15263 | CVE-2025-15263 CVSS 9.8 | A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. Exe… |
| CVE-2025-15257 | CVE-2025-15257 CVSS 9.8 | A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of th… |
| CVE-2025-15256 | CVE-2025-15256 CVSS 9.8 | A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component Web… |
| CVE-2025-15255 | CVE-2025-15255 CVSS 9.8 | A vulnerability was determined in Tenda W6-S 1.0.0.4(510). This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Exe… |
| CVE-2025-15247 | CVE-2025-15247 CVSS 9.8 | A vulnerability was identified in gmg137 snap7-rs up to 153d3e8c16decd7271e2a5b2e3da4d6f68589424. Affected by this issue is the function snap7_rs::client::S7Cl… |
| CVE-2025-15243 | CVE-2025-15243 CVSS 9.8 | A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing a manipulation of the… |
| CVE-2025-15228 | CVE-2025-15228 CVSS 9.8 | BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web s… |
| CVE-2025-15226 | CVE-2025-15226 CVSS 9.8 | WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, there… |
| CVE-2025-15212 | CVE-2025-15212 CVSS 9.8 | A vulnerability was detected in code-projects Refugee Food Management System 1.0. This issue affects some unknown processing of the file /home/regfood.php. Per… |
| CVE-2025-15211 | CVE-2025-15211 CVSS 9.8 | A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulatio… |
| CVE-2025-15210 | CVE-2025-15210 CVSS 9.8 | A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. This vulnerability affects unknown code of the file /home/editr… |
| CVE-2025-15209 | CVE-2025-15209 CVSS 9.8 | A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown part of the file /home/editfood.php. This manipulat… |
| CVE-2025-15208 | CVE-2025-15208 CVSS 9.8 | A security flaw has been discovered in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home… |
| CVE-2025-15207 | CVE-2025-15207 CVSS 9.8 | A vulnerability has been found in Campcodes Supplier Management System 1.0. Affected is an unknown function of the file /admin/view_products.php. The manipulat… |
| CVE-2025-15206 | CVE-2025-15206 CVSS 9.8 | A flaw has been found in Campcodes Supplier Management System 1.0. This impacts an unknown function of the file /admin/add_area.php. Executing a manipulation o… |
| CVE-2025-15198 | CVE-2025-15198 CVSS 9.8 | A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affects some unknown processing of the file /login.php. Executin… |
| CVE-2025-15196 | CVE-2025-15196 CVSS 9.8 | A vulnerability was identified in code-projects Assessment Management 1.0. This affects an unknown part of the file login.php. Such manipulation of the argumen… |
| CVE-2025-15195 | CVE-2025-15195 CVSS 9.8 | A vulnerability was determined in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file /admin/add-module.p… |
| CVE-2025-15194 | CVE-2025-15194 CVSS 9.8 | A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an unknown functionality of the file hedwig.cgi of the component… |
| CVE-2025-15186 | CVE-2025-15186 CVSS 9.8 | A vulnerability has been found in code-projects Refugee Food Management System 1.0. Affected by this issue is some unknown functionality of the file /home/addu… |
| CVE-2025-15185 | CVE-2025-15185 CVSS 9.8 | A flaw has been found in code-projects Refugee Food Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /home/refugee… |
| CVE-2025-15184 | CVE-2025-15184 CVSS 9.8 | A vulnerability was detected in code-projects Refugee Food Management System 1.0. Affected is an unknown function of the file /home/refugeesreport2.php. The ma… |
| CVE-2025-15183 | CVE-2025-15183 CVSS 9.8 | A security vulnerability has been detected in code-projects Refugee Food Management System 1.0. This impacts an unknown function of the file /home/viewtakenfd.… |
| CVE-2025-15182 | CVE-2025-15182 CVSS 9.8 | A weakness has been identified in code-projects Refugee Food Management System 1.0. This affects an unknown function of the file /home/served.php. Executing ma… |
| CVE-2025-15181 | CVE-2025-15181 CVSS 9.8 | A security flaw has been discovered in code-projects Refugee Food Management System 1.0. The impacted element is an unknown function of the file /home/pagenate… |
| CVE-2025-15168 | CVE-2025-15168 CVSS 9.8 | A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /statistical.php. Such manipulation o… |
| CVE-2025-15167 | CVE-2025-15167 CVSS 9.8 | A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unknown function of the file /detailtransac.php. This manipulat… |