33,897 indexed
CVECVE vulnerabilities
33,897 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 8,301–8,314 of 8,314 in Critical · page 167 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-0181 | CVE-2025-0181 CVSS 9.8 | The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.8. This is due to the… |
| CVE-2025-0180 | CVE-2025-0180 CVSS 9.8 | The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 4.7. This is due to the plugin not properly … |
| CVE-2025-0177 | CVE-2025-0177 CVSS 9.8 | The Javo Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.0.0.080. This is due to the plugin allowing us… |
| CVE-2025-0165 | CVE-2025-0165 CVSS 9.8 | IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data 4.8.4, 4.8.5, and 5.0.0 through 5.2.0 is vulnerable to SQL injection. A remote attacker could send… |
| CVE-2025-0160 | CVE-2025-0160 CVSS 9.8 | IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5,… |
| CVE-2025-0159 | CVE-2025-0159 CVSS 9.1 | IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5,… |
| CVE-2025-0147 | CVE-2025-0147 CVSS 9.8 | Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access. |
| CVE-2025-0108 | Palo Alto Networks PAN-OS Authentication Bypass Vulnerability KEVCVSS 9.1Palo Alto Networks | Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacke… |
| CVE-2025-0107 | CVE-2025-0107 CVSS 9.8 | An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in… |
| CVE-2025-0105 | CVE-2025-0105 CVSS 9.1 | An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-d… |
| CVE-2025-0075 | CVE-2025-0075 CVSS 9.8 | In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code … |
| CVE-2025-0074 | CVE-2025-0074 CVSS 9.8 | In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code exec… |
| CVE-2025-0070 | CVE-2025-0070 CVSS 9.9 | SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to obtain illegitimate access to the system by exploiting improper… |
| CVE-2025-0061 | CVE-2025-0061 CVSS 9.1 | SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform session hijacking over the network without any user interactio… |