33,897 indexed
CVECVE vulnerabilities
33,897 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,901–7,950 of 8,314 in Critical · page 159 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-11416 | CVE-2025-11416 CVSS 9.8 | A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performin… |
| CVE-2025-11415 | CVE-2025-11415 CVSS 9.8 | A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/cust… |
| CVE-2025-11408 | CVE-2025-11408 CVSS 9.8 | A security vulnerability has been detected in D-Link DI-7001 MINI 24.04.18B1. The affected element is an unknown function of the file /dbsrv.asp. Such manipula… |
| CVE-2025-11407 | CVE-2025-11407 CVSS 9.8 | A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgrade_filter.asp. This manipulation of the arg… |
| CVE-2025-11405 | CVE-2025-11405 CVSS 9.8 | A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnerability affects unknown code of the file /del_tax.php. The m… |
| CVE-2025-11404 | CVE-2025-11404 CVSS 9.8 | A vulnerability was determined in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown part of the file /pages/save_tax.php. Executing… |
| CVE-2025-11403 | CVE-2025-11403 CVSS 9.8 | A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this issue is some unknown functionality of the file /del_bookin… |
| CVE-2025-11402 | CVE-2025-11402 CVSS 9.8 | A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this vulnerability is an unknown functionality of the file … |
| CVE-2025-11401 | CVE-2025-11401 CVSS 9.8 | A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknown function of the file /pages/save_curr.php. This manipulat… |
| CVE-2025-11400 | CVE-2025-11400 CVSS 9.8 | A vulnerability was detected in SourceCodester Hotel and Lodge Management System 1.0. This impacts an unknown function of the file /del_room.php. The manipulat… |
| CVE-2025-11399 | CVE-2025-11399 CVSS 9.8 | A security vulnerability has been detected in SourceCodester Hotel and Lodge Management System 1.0. This affects an unknown function of the file /pages/save_ro… |
| CVE-2025-11397 | CVE-2025-11397 CVSS 9.8 | A security flaw has been discovered in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /login.php… |
| CVE-2025-11396 | CVE-2025-11396 CVSS 9.8 | A vulnerability was identified in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /product.php. Such manipulation of… |
| CVE-2025-11391 | CVE-2025-11391 CVSS 9.8 | The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in t… |
| CVE-2025-11367 | CVE-2025-11367 CVSS 9.8 | The N-central Software Probe < 2025.4 is vulnerable to Remote Code Execution via deserialization |
| CVE-2025-11366 | CVE-2025-11366 CVSS 9.8 | N-central < 2025.4 is vulnerable to authentication bypass via path traversal |
| CVE-2025-11354 | CVE-2025-11354 CVSS 9.8 | A flaw has been found in code-projects Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/addslideexec.php. Executing mani… |
| CVE-2025-11350 | CVE-2025-11350 CVSS 9.8 | A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. The affected element is an unknown function of the file /bwdat… |
| CVE-2025-11349 | CVE-2025-11349 CVSS 9.8 | A vulnerability was identified in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /search-visitor.php. Th… |
| CVE-2025-11348 | CVE-2025-11348 CVSS 9.8 | A vulnerability was determined in Campcodes Online Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /index.php. … |
| CVE-2025-11347 | CVE-2025-11347 CVSS 9.8 | A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function move_uploaded_file of the file add.php of … |
| CVE-2025-11346 | CVE-2025-11346 CVSS 9.8 | A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This affects the function unserialize of the component Base64 Decoding Handler. Such manipulation… |
| CVE-2025-11345 | CVE-2025-11345 CVSS 9.8 | A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this issue is the function unserialize of the component Test Import. This manipulation causes … |
| CVE-2025-11344 | CVE-2025-11344 CVSS 9.8 | A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Hand… |
| CVE-2025-11342 | CVE-2025-11342 CVSS 9.8 | A weakness has been identified in code-projects Online Course Registration 1.0. This impacts an unknown function of the file /admin/edit-course.php. Executing … |
| CVE-2025-11341 | CVE-2025-11341 CVSS 9.8 | A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of the file /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=S… |
| CVE-2025-11338 | CVE-2025-11338 CVSS 9.8 | A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component … |
| CVE-2025-11334 | CVE-2025-11334 CVSS 9.8 | A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. Affected is an unknown function of the file /visitor-detail.ph… |
| CVE-2025-11329 | CVE-2025-11329 CVSS 9.8 | A flaw has been found in code-projects Online Course Registration 1.0. Impacted is an unknown function of the file /admin/manage-students.php. This manipulatio… |
| CVE-2025-11318 | CVE-2025-11318 CVSS 9.8 | A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This vulnerability affects unknown code of the file u… |
| CVE-2025-11317 | CVE-2025-11317 CVSS 9.8 | A vulnerability was identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findRolePage of the file findSin… |
| CVE-2025-11316 | CVE-2025-11316 CVSS 9.8 | A vulnerability was determined in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this issue is the function findCategoryPage of… |
| CVE-2025-11315 | CVE-2025-11315 CVSS 9.8 | A vulnerability was found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected by this vulnerability is the function findUserPage of … |
| CVE-2025-11314 | CVE-2025-11314 CVSS 9.8 | A vulnerability has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected is the function findRolePage of the file findSing… |
| CVE-2025-11313 | CVE-2025-11313 CVSS 9.8 | A flaw has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This impacts the function findRolePage of the file findRolePage.do.… |
| CVE-2025-11312 | CVE-2025-11312 CVSS 9.8 | A vulnerability was detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findModulePage of the file findMod… |
| CVE-2025-11311 | CVE-2025-11311 CVSS 9.8 | A security vulnerability has been detected in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. The impacted element is the function findTenan… |
| CVE-2025-11310 | CVE-2025-11310 CVSS 9.8 | A weakness has been identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. The affected element is the function findFileServerPage of… |
| CVE-2025-11309 | CVE-2025-11309 CVSS 9.8 | A security flaw has been discovered in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Impacted is the function doFilter of the file findDep… |
| CVE-2025-11287 | CVE-2025-11287 CVSS 9.8 | A vulnerability was identified in samanhappy MCPHub up to 0.9.10. This vulnerability affects the function handleSseConnectionfunction of the file src/services/… |
| CVE-2025-1128 | CVE-2025-1128 CVSS 9.8 | The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, r… |
| CVE-2025-1127 | CVE-2025-1127 CVSS 9.1 | The vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user and/or modify the contents of any data on the filesystem. |
| CVE-2025-1126 | CVE-2025-1126 CVSS 9.3 | A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client. |
| CVE-2025-11253 | CVE-2025-11253 CVSS 9.8 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aksis Technology Inc. Netty ERP allows SQL Injection. Th… |
| CVE-2025-11252 | CVE-2025-11252 CVSS 9.8signumtte | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm … |
| CVE-2025-11251 | CVE-2025-11251 CVSS 9.8daynex | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platf… |
| CVE-2025-11250 | CVE-2025-11250 CVSS 9.1 | Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations. |
| CVE-2025-11242 | CVE-2025-11242 CVSS 9.8 | Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request… |
| CVE-2025-11202 | CVE-2025-11202 CVSS 9.8 | win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary co… |
| CVE-2025-11201 | CVE-2025-11201 CVSS 9.8 | MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary … |