33,897 indexed
CVECVE vulnerabilities
33,897 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,801–7,850 of 8,314 in Critical · page 157 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-11788 | CVE-2025-11788 CVSS 9.8 | Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters()' function, there is an unlimited user inp… |
| CVE-2025-11786 | CVE-2025-11786 CVSS 9.8 | Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword()' function, the 'newPassword' parameter is directl… |
| CVE-2025-11785 | CVE-2025-11785 CVSS 9.8 | Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords()' function, there is an unlimited user input th… |
| CVE-2025-11784 | CVE-2025-11784 CVSS 9.8 | Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase()' function, there is an unlimited user input tha… |
| CVE-2025-11783 | CVE-2025-11783 CVSS 9.8 | Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is found in the 'AddEvent()' function when copying the us… |
| CVE-2025-11782 | CVE-2025-11782 CVSS 9.8 | Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload()' function uses “sprintf()” to format a string that incl… |
| CVE-2025-11780 | CVE-2025-11780 CVSS 9.8 | Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport()' function, there is an unlimited user input that … |
| CVE-2025-11779 | CVE-2025-11779 CVSS 9.8 | Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This n… |
| CVE-2025-11778 | CVE-2025-11778 CVSS 9.8 | Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the '… |
| CVE-2025-1177 | CVE-2025-1177 CVSS 9.8 | A vulnerability was found in dayrui XunRuiCMS 4.6.3. It has been classified as critical. Affected is the function import_add of the file dayrui/Fcms/Control/Ad… |
| CVE-2025-11749 | CVE-2025-11749 CVSS 9.8 | The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoi… |
| CVE-2025-11736 | CVE-2025-11736 CVSS 9.8 | A flaw has been found in itsourcecode Online Examination System 1.0. Affected by this issue is some unknown functionality of the file /index.php. This manipula… |
| CVE-2025-11721 | CVE-2025-11721 CVSS 9.8 | Memory safety bug present in Firefox 143 and Thunderbird 143. This bug showed evidence of memory corruption and we presume that with enough effort this could h… |
| CVE-2025-11719 | CVE-2025-11719 CVSS 9.8 | Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption.… |
| CVE-2025-11717 | CVE-2025-11717 CVSS 9.1 | When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one bein… |
| CVE-2025-11710 | CVE-2025-11710 CVSS 9.8 | A compromised web process using malicious IPC messages could have caused the privileged browser process to reveal blocks of its memory to the compromised proce… |
| CVE-2025-11709 | CVE-2025-11709 CVSS 9.8 | A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability … |
| CVE-2025-11708 | CVE-2025-11708 CVSS 9.8 | Use-after-free in MediaTrackGraphImpl::GetInstance(). This vulnerability was fixed in Firefox 144, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4. |
| CVE-2025-11693 | CVE-2025-11693 CVSS 9.8 | The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.4 throug… |
| CVE-2025-1168 | CVE-2025-1168 CVSS 9.8 | A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been declared as critical. This vulnerability affects unknown code o… |
| CVE-2025-1167 | CVE-2025-1167 CVSS 9.8 | A vulnerability was found in Mayuri K Employee Management System up to 192.168.70.3 and classified as critical. Affected by this issue is some unknown function… |
| CVE-2025-11665 | CVE-2025-11665 CVSS 9.8 | A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function fwupdater_main of the file rgbin of the component Firmware Update Handler.… |
| CVE-2025-11664 | CVE-2025-11664 CVSS 9.8 | A security vulnerability has been detected in Campcodes Online Beauty Parlor Management System 1.0. The impacted element is an unknown function of the file /ad… |
| CVE-2025-11662 | CVE-2025-11662 CVSS 9.8 | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. Impacted is an unknown function of the file /booking.php. The manipulat… |
| CVE-2025-11661 | CVE-2025-11661 CVSS 9.8 | A vulnerability was found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown part. Perform… |
| CVE-2025-11660 | CVE-2025-11660 CVSS 9.8 | A vulnerability has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this issue is some u… |
| CVE-2025-11659 | CVE-2025-11659 CVSS 9.8 | A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unkn… |
| CVE-2025-11658 | CVE-2025-11658 CVSS 9.8 | A vulnerability was detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected is an unknown function of… |
| CVE-2025-11657 | CVE-2025-11657 CVSS 9.8 | A security vulnerability has been detected in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This impacts an unkn… |
| CVE-2025-11656 | CVE-2025-11656 CVSS 9.8 | A weakness has been identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This affects an unknown function… |
| CVE-2025-11631 | CVE-2025-11631 CVSS 9.1 | A vulnerability was determined in RainyGao DocSys up to 2.02.36. Affected by this vulnerability is an unknown functionality of the file /Doc/deleteDoc.do. Exec… |
| CVE-2025-11630 | CVE-2025-11630 CVSS 9.8 | A vulnerability was found in RainyGao DocSys up to 2.02.36. Affected is the function updateRealDoc of the file /Doc/uploadDoc.do of the component File Upload. … |
| CVE-2025-11629 | CVE-2025-11629 CVSS 9.8 | A vulnerability has been found in RainyGao DocSys up to 2.02.36. This impacts the function getUserList of the file /Manage/getUserList.do. Such manipulation le… |
| CVE-2025-11625 | CVE-2025-11625 CVSS 9.8 | Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials. |
| CVE-2025-11624 | CVE-2025-11624 CVSS 9.8 | Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descrip… |
| CVE-2025-11615 | CVE-2025-11615 CVSS 9.8 | A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/add_invoice.php. Perfor… |
| CVE-2025-11614 | CVE-2025-11614 CVSS 9.8 | A vulnerability was identified in SourceCodester Best Salon Management System 1.0. Affected by this issue is some unknown functionality of the file /panel/edit… |
| CVE-2025-11608 | CVE-2025-11608 CVSS 9.8 | A security vulnerability has been detected in code-projects E-Banking System 1.0. This affects an unknown function of the file /register.php of the component P… |
| CVE-2025-11604 | CVE-2025-11604 CVSS 9.8 | A vulnerability was determined in projectworlds Online Ordering Food System 1.0. This issue affects some unknown processing of the file /all-orders.php. This m… |
| CVE-2025-11601 | CVE-2025-11601 CVSS 9.8 | A vulnerability was detected in SourceCodester Online Student Result System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.… |
| CVE-2025-1160 | CVE-2025-1160 CVSS 9.8 | A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality… |
| CVE-2025-11599 | CVE-2025-11599 CVSS 9.8 | A weakness has been identified in Campcodes Online Apartment Visitor Management System 1.0. This impacts an unknown function of the file /forgot-password.php. … |
| CVE-2025-11597 | CVE-2025-11597 CVSS 9.8 | A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/product_add_qty.php. The… |
| CVE-2025-11596 | CVE-2025-11596 CVSS 9.8 | A vulnerability was determined in code-projects E-Commerce Website 1.0. The affected element is an unknown function of the file /pages/delete_order_details.php… |
| CVE-2025-11595 | CVE-2025-11595 CVSS 9.8 | A vulnerability was found in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /admin-profile.php. Performi… |
| CVE-2025-11586 | CVE-2025-11586 CVSS 9.8 | A vulnerability was determined in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/setNotUpgrade. This manipulation of the argument … |
| CVE-2025-11585 | CVE-2025-11585 CVSS 9.8 | A vulnerability was found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /useredit.php. The manipulati… |
| CVE-2025-11584 | CVE-2025-11584 CVSS 9.8 | A vulnerability has been found in code-projects Online Job Search Engine 1.0. The affected element is an unknown function of the file /searchjob.php. The manip… |
| CVE-2025-11583 | CVE-2025-11583 CVSS 9.8 | A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the ar… |
| CVE-2025-11582 | CVE-2025-11582 CVSS 9.8 | A vulnerability was detected in code-projects Online Job Search Engine 1.0. This issue affects some unknown processing of the file /registration.php. Performin… |