31,594 indexed
CVECVE vulnerabilities
31,594 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 2,901–2,950 of 8,314 in Critical · page 59 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-7860 | CVE-2025-7860 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of th… |
| CVE-2025-7859 | CVE-2025-7859 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the file /members/upda… |
| CVE-2025-7852 | CVE-2025-7852 CVSS 9.8 | The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image_upload_handle() function hooked via … |
| CVE-2025-7851 | CVE-2025-7851 CVSS 9.8 | An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways. |
| CVE-2025-7838 | CVE-2025-7838 CVSS 9.8 | A vulnerability has been found in Campcodes Online Movie Theater Seat Reservation System 1.0 and classified as critical. This vulnerability affects unknown cod… |
| CVE-2025-7833 | CVE-2025-7833 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of th… |
| CVE-2025-7832 | CVE-2025-7832 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Church Donation System 1.0. This vulnerability affects unknown code of the file /members/offe… |
| CVE-2025-7831 | CVE-2025-7831 CVSS 9.8 | A vulnerability classified as critical has been found in code-projects Church Donation System 1.0. This affects an unknown part of the file /members/Tithes.php… |
| CVE-2025-7830 | CVE-2025-7830 CVSS 9.8 | A vulnerability was found in code-projects Church Donation System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of t… |
| CVE-2025-7829 | CVE-2025-7829 CVSS 9.8 | A vulnerability was found in code-projects Church Donation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functiona… |
| CVE-2025-7824 | CVE-2025-7824 CVSS 9.8 | A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects some unknown processing of the file XmlHttp.aspx. The manipula… |
| CVE-2025-7823 | CVE-2025-7823 CVSS 9.8 | A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This vulnerability affects unknown code of the file ProjectScheduleDelete.aspx… |
| CVE-2025-7814 | CVE-2025-7814 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Food Ordering Review System 1.0. This vulnerability affects unknown code of the file /pages/s… |
| CVE-2025-7778 | CVE-2025-7778 CVSS 9.8 | The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the delet… |
| CVE-2025-7776 | CVE-2025-7776 CVSS 9.8 | Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is con… |
| CVE-2025-7775 | Citrix NetScaler Memory Overflow Vulnerability KEVCVSS 9.8Citrix | Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service. |
| CVE-2025-7765 | CVE-2025-7765 CVSS 9.8 | A vulnerability classified as critical was found in code-projects Online Appointment Booking System 1.0. Affected by this vulnerability is an unknown functiona… |
| CVE-2025-7764 | CVE-2025-7764 CVSS 9.8 | A vulnerability classified as critical has been found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /admi… |
| CVE-2025-7757 | CVE-2025-7757 CVSS 9.8 | A vulnerability classified as critical was found in PHPGurukul Land Record System 1.0. Affected by this vulnerability is an unknown functionality of the file /… |
| CVE-2025-7753 | CVE-2025-7753 CVSS 9.8 | A vulnerability was found in code-projects Online Appointment Booking System 1.0. It has been classified as critical. This affects an unknown part of the file … |
| CVE-2025-7752 | CVE-2025-7752 CVSS 9.8 | A vulnerability was found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionali… |
| CVE-2025-7751 | CVE-2025-7751 CVSS 9.8 | A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown … |
| CVE-2025-7750 | CVE-2025-7750 CVSS 9.8 | A vulnerability, which was classified as critical, was found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the fil… |
| CVE-2025-7749 | CVE-2025-7749 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Online Appointment Booking System 1.0. This issue affects some unknown proce… |
| CVE-2025-7744 | CVE-2025-7744 CVSS 9.8dolusoft | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dolusoft Omaspot allows SQL Injection. This issue affect… |
| CVE-2025-7743 | CVE-2025-7743 CVSS 9.6dolusoft | Cleartext Transmission of Sensitive Information vulnerability in Dolusoft Omaspot allows Interception, Privilege Escalation. This issue affects Omaspot: befor… |
| CVE-2025-7721 | CVE-2025-7721 CVSS 9.8 | The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and includ… |
| CVE-2025-7714 | CVE-2025-7714 CVSS 7.5globalmedya | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Global Interactive Design Media Software Inc. Content Man… |
| CVE-2025-7712 | CVE-2025-7712 CVSS 9.1 | The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wp_manga_delete_zip() function … |
| CVE-2025-7710 | CVE-2025-7710 CVSS 9.8 | The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.7.7. This is due to the p… |
| CVE-2025-7697 | CVE-2025-7697 CVSS 9.8 | The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all version… |
| CVE-2025-7696 | CVE-2025-7696 CVSS 9.8 | The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up… |
| CVE-2025-7673 | CVE-2025-7673 CVSS 9.8 | A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unau… |
| CVE-2025-7659 | CVE-2025-7659 CVSS 9.1 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allow… |
| CVE-2025-7643 | CVE-2025-7643 CVSS 9.1 | The Attachment Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the handle_actions() function … |
| CVE-2025-7642 | CVE-2025-7642 CVSS 9.8 | The Simpler Checkout plugin for WordPress is vulnerable to Authentication Bypass in versions 0.7.0 to 1.1.9. This is due to the plugin not properly verifying a… |
| CVE-2025-7634 | CVE-2025-7634 CVSS 9.8 | The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and inclu… |
| CVE-2025-7627 | CVE-2025-7627 CVSS 9.8 | A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this issue … |
| CVE-2025-7624 | CVE-2025-7624 CVSS 9.8 | An SQL injection vulnerability in the legacy (transparent) SMTP proxy of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to remote code executio… |
| CVE-2025-7612 | CVE-2025-7612 CVSS 9.8 | A vulnerability was found in code-projects Mobile Shop 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /login.php. T… |
| CVE-2025-7611 | CVE-2025-7611 CVSS 9.8 | A vulnerability was found in code-projects Wedding Reservation 1.0. It has been classified as critical. This affects an unknown part of the file /global.php. T… |
| CVE-2025-7610 | CVE-2025-7610 CVSS 9.8 | A vulnerability was found in code-projects Electricity Billing System 1.0 and classified as critical. Affected by this issue is some unknown functionality of t… |
| CVE-2025-7609 | CVE-2025-7609 CVSS 9.8 | A vulnerability has been found in code-projects Simple Shopping Cart 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality… |
| CVE-2025-7608 | CVE-2025-7608 CVSS 9.8 | A vulnerability, which was classified as critical, was found in code-projects Simple Shopping Cart 1.0. Affected is an unknown function of the file /userlogin.… |
| CVE-2025-7607 | CVE-2025-7607 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in code-projects Simple Shopping Cart 1.0. This issue affects some unknown processing of the … |
| CVE-2025-7606 | CVE-2025-7606 CVSS 9.8 | A vulnerability classified as critical has been found in code-projects AVL Rooms 1.0. This affects an unknown part of the file /city.php. The manipulation of t… |
| CVE-2025-7605 | CVE-2025-7605 CVSS 9.8 | A vulnerability was found in code-projects AVL Rooms 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /prof… |
| CVE-2025-7604 | CVE-2025-7604 CVSS 9.8 | A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as critical. Affected by this vulnerability is an unknown function… |
| CVE-2025-7595 | CVE-2025-7595 CVSS 9.8 | A vulnerability was found in code-projects Job Diary 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view-cad.php. … |
| CVE-2025-7594 | CVE-2025-7594 CVSS 9.8 | A vulnerability was found in code-projects Job Diary 1.0. It has been classified as critical. This affects an unknown part of the file /view-emp.php. The manip… |