33,897 indexed
CVECVE vulnerabilities
33,897 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,451–7,500 of 8,314 in Critical · page 150 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-1446 | CVE-2025-1446 CVSS 9.8 | The Pods WordPress plugin before 3.2.8.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection… |
| CVE-2025-14440 | CVE-2025-14440 CVSS 9.8 | The JAY Login & Register plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.4.01. This is due to incorrect authent… |
| CVE-2025-14388 | CVE-2025-14388 CVSS 9.8 | The PhastPress plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Read via null byte injection in all versions up to, and including, 3.7. Thi… |
| CVE-2025-14346 | CVE-2025-14346 CVSS 9.8 | WHILL Model C2 Electric Wheelchairs and Model F Power Chairs do not enforce authentication for Bluetooth connections. An attacker within range can pair with th… |
| CVE-2025-14344 | CVE-2025-14344 CVSS 9.8 | The Multi Uploader for Gravity Forms plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'plupload_aj… |
| CVE-2025-14337 | CVE-2025-14337 CVSS 9.8 | A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /new_grade.php. This manipulation of the… |
| CVE-2025-14336 | CVE-2025-14336 CVSS 9.8 | A vulnerability was found in itsourcecode Student Management System 1.0. Affected by this issue is some unknown functionality of the file /promote.php. The man… |
| CVE-2025-14335 | CVE-2025-14335 CVSS 9.8 | A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /new_schoo… |
| CVE-2025-14334 | CVE-2025-14334 CVSS 9.8 | A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /new_adviser.php. Executing manipulation of th… |
| CVE-2025-14330 | CVE-2025-14330 CVSS 9.8 | JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 14… |
| CVE-2025-14326 | CVE-2025-14326 CVSS 9.8 | Use-after-free in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 146 and Thunderbird 146. |
| CVE-2025-14324 | CVE-2025-14324 CVSS 9.8 | JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146… |
| CVE-2025-14321 | CVE-2025-14321 CVSS 9.8 | Use-after-free in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6. |
| CVE-2025-14320 | CVE-2025-14320 CVSS 9.8 | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited… |
| CVE-2025-14308 | CVE-2025-14308 CVSS 9.8 | An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length … |
| CVE-2025-14306 | CVE-2025-14306 CVSS 9.1 | A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize f… |
| CVE-2025-14301 | CVE-2025-14301 CVSS 9.8 | The Integration Opvius AI for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.0. This is due to the … |
| CVE-2025-14285 | CVE-2025-14285 CVSS 9.8 | A vulnerability was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file edit_personnel.php. The manipula… |
| CVE-2025-14265 | CVE-2025-14265 CVSS 9.1 | In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execut… |
| CVE-2025-14258 | CVE-2025-14258 CVSS 9.8 | A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newsubjec… |
| CVE-2025-14257 | CVE-2025-14257 CVSS 9.8 | A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /newrecord.php. Executing manipulation of the … |
| CVE-2025-14256 | CVE-2025-14256 CVSS 9.8 | A vulnerability was detected in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /newcurriculm.php. Performing manipula… |
| CVE-2025-14251 | CVE-2025-14251 CVSS 9.8 | A security vulnerability has been detected in code-projects Online Ordering System 1.0. This affects an unknown function of the file /admin/ of the component A… |
| CVE-2025-14250 | CVE-2025-14250 CVSS 9.8 | A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /user_contact.php. This man… |
| CVE-2025-14249 | CVE-2025-14249 CVSS 9.8 | A security flaw has been discovered in code-projects Online Ordering System 1.0. The affected element is an unknown function of the file /user_school.php. The … |
| CVE-2025-14248 | CVE-2025-14248 CVSS 9.8 | A vulnerability was identified in code-projects Simple Shopping Cart 1.0. Impacted is an unknown function of the file /adminlogin.php. The manipulation of the … |
| CVE-2025-14247 | CVE-2025-14247 CVSS 9.8 | A vulnerability was determined in code-projects Simple Shopping Cart 1.0. This issue affects some unknown processing of the file /Admin/additems.php. Executing… |
| CVE-2025-14246 | CVE-2025-14246 CVSS 9.8 | A vulnerability was found in code-projects Simple Shopping Cart 1.0. This vulnerability affects unknown code of the file /Customers/settings.php. Performing ma… |
| CVE-2025-14245 | CVE-2025-14245 CVSS 9.8 | A vulnerability has been found in IdeaCMS up to 1.8. This affects the function whereRaw of the file app/common/logic/index/Coupon.php. Such manipulation of the… |
| CVE-2025-14237 | CVE-2025-14237 CVSS 9.8 | Buffer overflow in XPS font parse processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to… |
| CVE-2025-14236 | CVE-2025-14236 CVSS 9.8 | Buffer overflow in Address Book attribute tag processing on Small Office Multifunction Printers(*) which may allow an attacker on the network segment to trigge… |
| CVE-2025-14235 | CVE-2025-14235 CVSS 9.8 | Buffer overflow in XPS font fpgm data processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segmen… |
| CVE-2025-14234 | CVE-2025-14234 CVSS 9.8 | Buffer overflow in CPCA list processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trig… |
| CVE-2025-14233 | CVE-2025-14233 CVSS 9.8 | Invalid free in CPCA file deletion processing on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment t… |
| CVE-2025-14232 | CVE-2025-14232 CVSS 9.8 | Buffer overflow in XML processing of XPS file in Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment t… |
| CVE-2025-14231 | CVE-2025-14231 CVSS 9.8 | Buffer overflow in print job processing by WSD on Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment … |
| CVE-2025-14227 | CVE-2025-14227 CVSS 9.8 | A security flaw has been discovered in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5dfbc44c3edafa9811893d958. This issue affects some unknown processing of… |
| CVE-2025-14226 | CVE-2025-14226 CVSS 9.8 | A vulnerability was identified in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /edit_user.php. The manipulat… |
| CVE-2025-14224 | CVE-2025-14224 CVSS 9.8 | A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File Upl… |
| CVE-2025-14223 | CVE-2025-14223 CVSS 9.8 | A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. … |
| CVE-2025-14218 | CVE-2025-14218 CVSS 9.8 | A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.ph… |
| CVE-2025-14217 | CVE-2025-14217 CVSS 9.8 | A vulnerability was identified in code-projects Currency Exchange System 1.0. Impacted is an unknown function of the file /edittrns.php. Such manipulation of t… |
| CVE-2025-14216 | CVE-2025-14216 CVSS 9.8 | A vulnerability was determined in code-projects Currency Exchange System 1.0. This issue affects some unknown processing of the file /viewserial.php. This mani… |
| CVE-2025-14215 | CVE-2025-14215 CVSS 9.8 | A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the… |
| CVE-2025-14212 | CVE-2025-14212 CVSS 9.8 | A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /member_search.… |
| CVE-2025-14211 | CVE-2025-14211 CVSS 9.8 | A vulnerability was detected in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /d… |
| CVE-2025-14210 | CVE-2025-14210 CVSS 9.8 | A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /delete_member.… |
| CVE-2025-14209 | CVE-2025-14209 CVSS 9.8 | A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /update_query.php. This manipulatio… |
| CVE-2025-14199 | CVE-2025-14199 CVSS 9.8 | A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=… |
| CVE-2025-14191 | CVE-2025-14191 CVSS 9.8 | A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formP2PLimitConfig. Such ma… |