31,594 indexed
CVECVE vulnerabilities
31,594 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 4,151–4,200 of 8,314 in Critical · page 84 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-5635 | CVE-2025-5635 CVSS 9.8 | A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component PLS Command Handler. The m… |
| CVE-2025-5634 | CVE-2025-5634 CVSS 9.8 | A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component NOOP Command Handler. The manipu… |
| CVE-2025-56333 | CVE-2025-56333 CVSS 9.8 | An issue in Fossorial fosrl/pangolin v.1.6.2 and before allows a remote attacker to escalate privileges via the 2FA component |
| CVE-2025-56332 | CVE-2025-56332 CVSS 9.1 | Authentication Bypass in fosrl/pangolin v1.6.2 and before allows attackers to access Pangolin resource via Insecure Default Configuration |
| CVE-2025-56316 | CVE-2025-56316 CVSS 9.8 | A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL q… |
| CVE-2025-5631 | CVE-2025-5631 CVSS 9.8 | A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is an unknow… |
| CVE-2025-5630 | CVE-2025-5630 CVSS 9.8 | A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerability affects unknown code of the file /goform/form2lansetu… |
| CVE-2025-5629 | CVE-2025-5629 CVSS 9.8 | A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer of the file /goform/S… |
| CVE-2025-56267 | CVE-2025-56267 CVSS 9.8 | A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel … |
| CVE-2025-56266 | CVE-2025-56266 CVSS 9.8 | A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL. |
| CVE-2025-5626 | CVE-2025-5626 CVSS 9.8 | A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /ad… |
| CVE-2025-5625 | CVE-2025-5625 CVSS 9.8 | A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing o… |
| CVE-2025-5624 | CVE-2025-5624 CVSS 9.8 | A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup of the file /gofo… |
| CVE-2025-56231 | CVE-2025-56231 CVSS 9.1 | Tonec Internet Download Manager 6.42.41.1 and earlier suffers from Missing SSL Certificate Validation, which allows attackers to bypass update protections. |
| CVE-2025-5623 | CVE-2025-5623 CVSS 9.8 | A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of the file /goform/qosClass… |
| CVE-2025-56221 | CVE-2025-56221 CVSS 9.8 | A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack. |
| CVE-2025-5622 | CVE-2025-5622 CVSS 9.8 | A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/w… |
| CVE-2025-56218 | CVE-2025-56218 CVSS 9.8 | An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file. |
| CVE-2025-56214 | CVE-2025-56214 CVSS 9.8 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in index.php via the username parameter. |
| CVE-2025-56212 | CVE-2025-56212 CVSS 9.8 | phpgurukul Hospital Management System 4.0 is vulnerable to SQL Injection in add-doctor.php via the docname parameter. |
| CVE-2025-5621 | CVE-2025-5621 CVSS 9.8 | A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file… |
| CVE-2025-5620 | CVE-2025-5620 CVSS 9.8 | A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the file /goform/setipsec… |
| CVE-2025-5619 | CVE-2025-5619 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/ad… |
| CVE-2025-5618 | CVE-2025-5618 CVSS 9.8 | A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. This vulnerability affects unknown code of the file /admin/edi… |
| CVE-2025-5617 | CVE-2025-5617 CVSS 9.8 | A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/manage-te… |
| CVE-2025-56157 | CVE-2025-56157 CVSS 9.8 | Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source code. NOTE: the Suppl… |
| CVE-2025-5613 | CVE-2025-5613 CVSS 9.8 | A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /re… |
| CVE-2025-5612 | CVE-2025-5612 CVSS 9.8 | A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /… |
| CVE-2025-56074 | CVE-2025-56074 CVSS 9.8 | A SQL Injection vulnerability was discovered in the foreigner-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulner… |
| CVE-2025-5606 | CVE-2025-5606 CVSS 9.8 | A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetIptv of the file /goform/… |
| CVE-2025-5604 | CVE-2025-5604 CVSS 9.8 | A vulnerability was found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the f… |
| CVE-2025-5603 | CVE-2025-5603 CVSS 9.8 | A vulnerability has been found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionali… |
| CVE-2025-5602 | CVE-2025-5602 CVSS 9.8 | A vulnerability, which was classified as critical, was found in Campcodes Hospital Management System 1.0. Affected is an unknown function of the file /admin/re… |
| CVE-2025-56005 | CVE-2025-56005 CVSS 9.8 | An undocumented and unsafe feature in the PLY (Python Lex-Yacc) library 3.11 allows Remote Code Execution (RCE) via the `picklefile` parameter in the `yacc()` … |
| CVE-2025-5600 | CVE-2025-5600 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects the function setLanguageCfg of… |
| CVE-2025-5599 | CVE-2025-5599 CVSS 9.8 | A vulnerability classified as critical was found in PHPGurukul Student Result Management System 1.3. This vulnerability affects unknown code of the file /editm… |
| CVE-2025-5596 | CVE-2025-5596 CVSS 9.8 | A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component REGET Command Handl… |
| CVE-2025-5595 | CVE-2025-5595 CVSS 9.8 | A vulnerability was found in FreeFloat FTP Server 1.0 and classified as critical. This issue affects some unknown processing of the component PROGRESS Command … |
| CVE-2025-5594 | CVE-2025-5594 CVSS 9.8 | A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component SET Command Han… |
| CVE-2025-5593 | CVE-2025-5593 CVSS 9.8 | A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component HOST Command Handler. T… |
| CVE-2025-5592 | CVE-2025-5592 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the comp… |
| CVE-2025-55895 | CVE-2025-55895 CVSS 9.1 | TOTOLINK A3300R V17.0.0cu.557_B20221024 and N200RE V9.3.5u.6448_B20240521 and V9.3.5u.6437_B20230519 are vulnerable to Incorrect Access Control. Attackers can … |
| CVE-2025-55853 | CVE-2025-55853 CVSS 9.1 | SoftVision webPDF before 10.0.2 is vulnerable to Server-Side Request Forgery (SSRF). The PDF converter function does not check if internal or external resource… |
| CVE-2025-55835 | CVE-2025-55835 CVSS 9.8 | File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering. |
| CVE-2025-5583 | CVE-2025-5583 CVSS 9.8 | A vulnerability classified as critical has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /register.php… |
| CVE-2025-5582 | CVE-2025-5582 CVSS 9.8 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file… |
| CVE-2025-5581 | CVE-2025-5581 CVSS 9.8 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file… |
| CVE-2025-5580 | CVE-2025-5580 CVSS 9.8 | A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been classified as critical. This affects an unknown part of the file /login.p… |
| CVE-2025-5579 | CVE-2025-5579 CVSS 9.8 | A vulnerability was found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this issue is some unknown functionality … |
| CVE-2025-5578 | CVE-2025-5578 CVSS 9.8 | A vulnerability has been found in PHPGurukul Dairy Farm Shop Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown fun… |