33,897 indexed
CVECVE vulnerabilities
33,897 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 7,951–8,000 of 8,314 in Critical · page 160 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-11200 | CVE-2025-11200 CVSS 9.8 | MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installa… |
| CVE-2025-11170 | CVE-2025-11170 CVSS 9.8 | The WP移行専用プラグイン for CPI plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the Cpiwm_Import_Controller::import… |
| CVE-2025-11165 | CVE-2025-11165 CVSS 9.9 | A sandbox escape vulnerability exists in dotCMS’s Velocity scripting engine (VTools) that allows authenticated users with scripting privileges to bypass class … |
| CVE-2025-11159 | CVE-2025-11159 CVSS 9.1hitachi | Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a JDBC driver for H2 databases which is vulnerable to external script execution wh… |
| CVE-2025-11158 | CVE-2025-11158 CVSS 9.1 | Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6, including 9.3.x and 8.3.x, do not restrict Groovy scripts in new PRPT reports pu… |
| CVE-2025-11148 | CVE-2025-11148 CVSS 9.8 | All versions of the package check-branches are vulnerable to Command Injection check-branches is a command-line tool that is interacted with locally, or via CI… |
| CVE-2025-11140 | CVE-2025-11140 CVSS 9.8 | A vulnerability was identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this vulnerability is the function openForm of the component com.artery.richclient.… |
| CVE-2025-11139 | CVE-2025-11139 CVSS 9.8 | A vulnerability was determined in Bjskzy Zhiyou ERP up to 11.0. Affected is the function uploadStudioFile of the component com.artery.form.services.FormStudioU… |
| CVE-2025-1113 | CVE-2025-1113 CVSS 9.8 | A vulnerability was found in taisan tarzan-cms up to 1.0.0. It has been rated as critical. This issue affects the function upload of the file /admin#themes of … |
| CVE-2025-11127 | CVE-2025-11127 CVSS 9.8 | The Mstoreapp Mobile App WordPress plugin through 2.08 and Mstoreapp Mobile Multivendor through 9.0.1 do not properly verify users identify when using an AJAX … |
| CVE-2025-11126 | CVE-2025-11126 CVSS 9.8 | A security flaw has been discovered in Apeman ID71 218.53.203.117. This vulnerability affects unknown code of the file /system/www/system.ini. The manipulation… |
| CVE-2025-11118 | CVE-2025-11118 CVSS 9.8 | A vulnerability was identified in CodeAstro Student Grading System 1.0. This issue affects some unknown processing of the file /adminLogin.php. Such manipulati… |
| CVE-2025-11116 | CVE-2025-11116 CVSS 9.8 | A vulnerability was found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /add.home.php. The manipulation of the argume… |
| CVE-2025-11115 | CVE-2025-11115 CVSS 9.8 | A vulnerability has been found in code-projects Simple Scheduling System 1.0. Affected by this issue is some unknown functionality of the file /addtime.php. Th… |
| CVE-2025-11111 | CVE-2025-11111 CVSS 9.8 | A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This affects an unknown function of the file /admin/candidates_edit.p… |
| CVE-2025-11110 | CVE-2025-11110 CVSS 9.8 | A security flaw has been discovered in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/school_y… |
| CVE-2025-11109 | CVE-2025-11109 CVSS 9.8 | A vulnerability was identified in Campcodes Computer Sales and Inventory System 1.0. The affected element is an unknown function of the file /pages/us_edit.php… |
| CVE-2025-11108 | CVE-2025-11108 CVSS 9.8 | A vulnerability was determined in code-projects Simple Scheduling System 1.0. Impacted is an unknown function of the file /schedulingsystem/addroom.php. Execut… |
| CVE-2025-11107 | CVE-2025-11107 CVSS 9.8 | A vulnerability was found in code-projects Simple Scheduling System 1.0. This issue affects some unknown processing of the file /schedulingsystem/addcourse.php… |
| CVE-2025-11106 | CVE-2025-11106 CVSS 9.8 | A vulnerability has been found in code-projects Simple Scheduling System 1.0. This vulnerability affects unknown code of the file /schedulingsystem/addfaculty.… |
| CVE-2025-11105 | CVE-2025-11105 CVSS 9.8 | A flaw has been found in code-projects Simple Scheduling System 1.0. This affects an unknown part of the file /schedulingsystem/addsubject.php. This manipulati… |
| CVE-2025-11102 | CVE-2025-11102 CVSS 9.8 | A weakness has been identified in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/edit_content.php. Executi… |
| CVE-2025-11101 | CVE-2025-11101 CVSS 9.8 | A security flaw has been discovered in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/company/index.php… |
| CVE-2025-11094 | CVE-2025-11094 CVSS 9.8 | A security vulnerability has been detected in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/admin_product_details.php. … |
| CVE-2025-11089 | CVE-2025-11089 CVSS 9.8 | A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This impacts an unknown function of the file /Pr… |
| CVE-2025-11079 | CVE-2025-11079 CVSS 9.8 | A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this issue is some unknown functionality. The manipulation results in … |
| CVE-2025-11077 | CVE-2025-11077 CVSS 9.8 | A vulnerability was determined in Campcodes Online Learning Management System 1.0. Affected is an unknown function of the file /admin/add_content.php. Executin… |
| CVE-2025-11076 | CVE-2025-11076 CVSS 9.8 | A vulnerability was found in Campcodes Online Learning Management System 1.0. This impacts an unknown function of the file /admin/edit_teacher.php. Performing … |
| CVE-2025-11075 | CVE-2025-11075 CVSS 9.8 | A vulnerability has been found in Campcodes Online Learning Management System 1.0. This affects an unknown function of the file /admin/de_activate.php. Such ma… |
| CVE-2025-11074 | CVE-2025-11074 CVSS 9.8 | A flaw has been found in code-projects Project Monitoring System 1.0. The impacted element is an unknown function of the file /login.php. This manipulation of … |
| CVE-2025-11070 | CVE-2025-11070 CVSS 9.8 | A vulnerability was identified in Projectworlds Online Shopping System 1.0. This affects an unknown part of the file /store/cart_add.php. Such manipulation of … |
| CVE-2025-1107 | CVE-2025-1107 CVSS 9.9 | Unverified password change vulnerability in Janto, versions prior to r12. This could allow an unauthenticated attacker to change another user's password withou… |
| CVE-2025-11066 | CVE-2025-11066 CVSS 9.8 | A flaw has been found in code-projects Online Bidding System 1.0. This impacts an unknown function of the file /administrator/bidlist.php. Executing manipulati… |
| CVE-2025-11064 | CVE-2025-11064 CVSS 9.8 | A security flaw has been discovered in Campcodes Online Learning Management System 1.0. Impacted is an unknown function of the file /admin/teachers.php. The ma… |
| CVE-2025-11063 | CVE-2025-11063 CVSS 9.8 | A vulnerability was identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /admin/edit_departmen… |
| CVE-2025-11062 | CVE-2025-11062 CVSS 9.8 | A vulnerability was determined in Campcodes Online Learning Management System 1.0. This vulnerability affects unknown code of the file /admin/save_student.php.… |
| CVE-2025-11061 | CVE-2025-11061 CVSS 9.8 | A vulnerability was found in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/edit_student.php. Performing mani… |
| CVE-2025-11057 | CVE-2025-11057 CVSS 9.8 | A vulnerability has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/… |
| CVE-2025-11056 | CVE-2025-11056 CVSS 9.8 | A flaw has been found in ProjectsAndPrograms School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file owner_panel/f… |
| CVE-2025-11055 | CVE-2025-11055 CVSS 9.8 | A vulnerability was detected in SourceCodester Online Hotel Reservation System 1.0. Affected is an unknown function of the file /admin/updateaddress.php. The m… |
| CVE-2025-11053 | CVE-2025-11053 CVSS 9.8 | A weakness has been identified in PHPGurukul Small CRM 4.0. This affects an unknown function of the file /forgot-password.php. Executing manipulation of the ar… |
| CVE-2025-11052 | CVE-2025-11052 CVSS 9.8 | A security flaw has been discovered in kidaze CourseSelectionSystem 1.0/5.php. The impacted element is an unknown function of the file /Profilers/PriProfile/CO… |
| CVE-2025-11046 | CVE-2025-11046 CVSS 9.8 | A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. T… |
| CVE-2025-11040 | CVE-2025-11040 CVSS 9.8 | A vulnerability was detected in code-projects Hostel Management System 1.0. Affected by this issue is some unknown functionality of the file /justines/admin/mo… |
| CVE-2025-1104 | CVE-2025-1104 CVSS 9.8 | A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This vulnerability affects unknown code. The manipulation leads to authent… |
| CVE-2025-11039 | CVE-2025-11039 CVSS 9.8 | A security vulnerability has been detected in Campcodes Computer Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of … |
| CVE-2025-11037 | CVE-2025-11037 CVSS 9.8 | A security flaw has been discovered in code-projects E-Commerce Website 1.0. This impacts an unknown function of the file /pages/admin_index_search.php. Perfor… |
| CVE-2025-11036 | CVE-2025-11036 CVSS 9.8 | A vulnerability was identified in code-projects E-Commerce Website 1.0. This affects an unknown function of the file /pages/admin_account_update.php. Such mani… |
| CVE-2025-11035 | CVE-2025-11035 CVSS 9.8 | A vulnerability was determined in Jinher OA 2.0. The impacted element is an unknown function of the file /c6/Jhsoft.Web.module/ToolBar/ManageWord.aspx/?text=Ge… |
| CVE-2025-11033 | CVE-2025-11033 CVSS 9.8 | A vulnerability has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Impacted is an unknown function of the file /Pro… |