31,594 indexed
CVECVE vulnerabilities
31,594 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 2,751–2,800 of 8,314 in Critical · page 56 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-8699 | CVE-2025-8699 CVSS 9.1 | Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards. Attackers could potentially use this vulnerability to change the balance … |
| CVE-2025-8679 | CVE-2025-8679 CVSS 9.8 | In ExtremeGuest Essentials before 25.5.0, captive-portal may permit unauthorized access via manual brute-force procedure. Under certain ExtremeGuest Essentials… |
| CVE-2025-8668 | CVE-2025-8668 CVSS 9.4 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in E-Kalite Software Hardware Engineering Design and … |
| CVE-2025-8660 | CVE-2025-8660 CVSS 9.8 | Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed. |
| CVE-2025-8625 | CVE-2025-8625 CVSS 9.8 | The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreap_handle_image() Function in versions 1.1 to 1.2. The plugin fall… |
| CVE-2025-8611 | CVE-2025-8611 CVSS 9.8 | AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbi… |
| CVE-2025-8610 | CVE-2025-8610 CVSS 9.8 | AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbi… |
| CVE-2025-8587 | CVE-2025-8587 CVSS 8.6akceyazilim | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AKCE Software Technology R&D Industry and Trade Inc. SKSP… |
| CVE-2025-8572 | CVE-2025-8572 CVSS 9.8 | The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validatio… |
| CVE-2025-8570 | CVE-2025-8570 CVSS 9.8 | The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determin… |
| CVE-2025-8535 | CVE-2025-8535 CVSS 9.0 | A vulnerability, which was classified as problematic, has been found in cronoh NanoVault up to 1.2.1. This issue affects the function executeJavaScript of the … |
| CVE-2025-8526 | CVE-2025-8526 CVSS 9.8 | A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This vulnerability affects the function Upload of the file xboot-fast/… |
| CVE-2025-8504 | CVE-2025-8504 CVSS 9.8 | A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.… |
| CVE-2025-8503 | CVE-2025-8503 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Online Medicine Guide 1.0. Affected by this issue is some unknown functional… |
| CVE-2025-8502 | CVE-2025-8502 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Online Medicine Guide 1.0. Affected by this vulnerability is an unknown functionality of the … |
| CVE-2025-8499 | CVE-2025-8499 CVSS 9.8 | A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cu… |
| CVE-2025-8498 | CVE-2025-8498 CVSS 9.8 | A security vulnerability has been detected in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /cart/index.php. Suc… |
| CVE-2025-8497 | CVE-2025-8497 CVSS 9.8 | A weakness has been identified in code-projects Online Medicine Guide 1.0. This affects an unknown part of the file /cusfindphar2.php. This manipulation of the… |
| CVE-2025-8496 | CVE-2025-8496 CVSS 9.8 | A vulnerability has been found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this vulnerability is an unknown functional… |
| CVE-2025-8495 | CVE-2025-8495 CVSS 9.8 | A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the f… |
| CVE-2025-8494 | CVE-2025-8494 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown pro… |
| CVE-2025-8493 | CVE-2025-8493 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file … |
| CVE-2025-8489 | CVE-2025-8489 CVSS 9.8 | The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor plugin for WordPress is vulnerable to privilege escalation in ver… |
| CVE-2025-8471 | CVE-2025-8471 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in projectworlds Online Admission System 1.0. This issue affects some unknown processing of t… |
| CVE-2025-8470 | CVE-2025-8470 CVSS 9.8 | A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /ad… |
| CVE-2025-8469 | CVE-2025-8469 CVSS 9.8 | A vulnerability classified as critical has been found in SourceCodester Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/de… |
| CVE-2025-8468 | CVE-2025-8468 CVSS 9.8 | A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /… |
| CVE-2025-8467 | CVE-2025-8467 CVSS 9.8 | A vulnerability was found in code-projects Wazifa System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of t… |
| CVE-2025-8466 | CVE-2025-8466 CVSS 9.8 | A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /forgot_pass… |
| CVE-2025-8454 | CVE-2025-8454 CVSS 9.8 | It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the l… |
| CVE-2025-8443 | CVE-2025-8443 CVSS 9.8 | A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the fi… |
| CVE-2025-8442 | CVE-2025-8442 CVSS 9.8 | A vulnerability has been found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this vulnerability is an unknown functionalit… |
| CVE-2025-8441 | CVE-2025-8441 CVSS 9.8 | A vulnerability, which was classified as critical, was found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /pharsignu… |
| CVE-2025-8439 | CVE-2025-8439 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Wazifa System 1.0. This issue affects some unknown processing of the file /c… |
| CVE-2025-8438 | CVE-2025-8438 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpubli… |
| CVE-2025-8437 | CVE-2025-8437 CVSS 9.8 | A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. Th… |
| CVE-2025-8436 | CVE-2025-8436 CVSS 9.8 | A vulnerability was found in projectworlds Online Admission System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of … |
| CVE-2025-8431 | CVE-2025-8431 CVSS 9.8 | A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/add… |
| CVE-2025-8426 | CVE-2025-8426 CVSS 9.4 | Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and Denial-of-Service Vulnerability. This vulnerability allows remote a… |
| CVE-2025-8409 | CVE-2025-8409 CVSS 9.8 | A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality o… |
| CVE-2025-8408 | CVE-2025-8408 CVSS 9.8 | A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /filter1.php.… |
| CVE-2025-8407 | CVE-2025-8407 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Vehicle Management 1.0. This issue affects some unknown processing of the fi… |
| CVE-2025-8378 | CVE-2025-8378 CVSS 9.8 | A vulnerability was found in Campcodes Online Hotel Reservation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality… |
| CVE-2025-8376 | CVE-2025-8376 CVSS 9.8 | A vulnerability classified as critical has been found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /updatebal.php. The … |
| CVE-2025-8375 | CVE-2025-8375 CVSS 9.8 | A vulnerability was found in code-projects Vehicle Management 1.0. It has been rated as critical. This issue affects some unknown processing of the file /addve… |
| CVE-2025-8374 | CVE-2025-8374 CVSS 9.8 | A vulnerability was found in code-projects Vehicle Management 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /addco… |
| CVE-2025-8373 | CVE-2025-8373 CVSS 9.8 | A vulnerability was found in code-projects Vehicle Management 1.0. It has been classified as critical. This affects an unknown part of the file /print.php. The… |
| CVE-2025-8372 | CVE-2025-8372 CVSS 9.8 | A vulnerability was found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this issue is some unknown functionality of the fil… |
| CVE-2025-8371 | CVE-2025-8371 CVSS 9.8 | A vulnerability has been found in code-projects Exam Form Submission 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality… |
| CVE-2025-8359 | CVE-2025-8359 CVSS 9.8 | The AdForest theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 6.0.9. This is due to the plugin not properly ver… |