CVE vulnerabilities
32,086 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 4,451–4,500 of 8,314 in Critical · page 90 of 167
| ID | Title | Summary |
|---|---|---|
| CVE-2025-5386 | CVE-2025-5386 CVSS 9.8 | A vulnerability was found in JeeWMS up to 20250504. It has been rated as critical. This issue affects the function transEditor of the file /cgformTransControll… |
| CVE-2025-53853 | CVE-2025-53853 CVSS 9.8 | A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A spec… |
| CVE-2025-5385 | CVE-2025-5385 CVSS 9.8 | A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplate… |
| CVE-2025-5384 | CVE-2025-5384 CVSS 9.8 | A vulnerability was found in JeeWMS up to 20250504. It has been classified as critical. This affects the function CgAutoListController of the file /cgAutoListC… |
| CVE-2025-53835 | CVE-2025-53835 CVSS 9.0 | XWiki Rendering is a generic rendering system that converts textual input in a given syntax (wiki syntax, HTML, etc) into another syntax (XHTML, etc). Starting… |
| CVE-2025-53833 | CVE-2025-53833 CVSS 10.0 | LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side … |
| CVE-2025-53826 | CVE-2025-53826 CVSS 9.8 | File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version … |
| CVE-2025-53825 | CVE-2025-53825 CVSS 9.8 | Dokploy is a free, self-hostable Platform as a Service (PaaS). Prior to version 0.24.3, an unauthenticated preview deployment vulnerability in Dokploy allows a… |
| CVE-2025-53795 | CVE-2025-53795 CVSS 9.8 | Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network. |
| CVE-2025-53792 | CVE-2025-53792 CVSS 9.1 | Azure Portal Elevation of Privilege Vulnerability |
| CVE-2025-53770 | Microsoft SharePoint Deserialization of Untrusted Data Vulnerability · KEV · CVSS 9.8 · Microsoft | Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an unauthorized attacker to execute code ov… |
| CVE-2025-53767 | CVE-2025-53767 CVSS 10.0 | Azure OpenAI Elevation of Privilege Vulnerability |
| CVE-2025-53766 | CVE-2025-53766 CVSS 9.8 | Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. |
| CVE-2025-53763 | CVE-2025-53763 CVSS 9.8 | Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network. |
| CVE-2025-53762 | CVE-2025-53762 CVSS 9.9 | Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network. |
| CVE-2025-5376 | CVE-2025-5376 CVSS 9.8 | A vulnerability was found in SourceCodester Health Center Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerabilit… |
| CVE-2025-5371 | CVE-2025-5371 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in SourceCodester Health Center Patient Record Management System 1.0. Affected by this issue … |
| CVE-2025-5370 | CVE-2025-5370 CVSS 9.8 | A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. Affected by this vulnerability is an unknown functionality of the file /admin/f… |
| CVE-2025-53693 | CVE-2025-53693 CVSS 9.8 | Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experie… |
| CVE-2025-53690 | Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability · KEV · CVSS 9.0 · Sitecore | Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud contain a deserialization of untrusted data vulnerabili… |
| CVE-2025-5369 | CVE-2025-5369 CVSS 9.8 | A vulnerability classified as critical has been found in SourceCodester PHP Display Username After Login 1.0. Affected is an unknown function of the file /logi… |
| CVE-2025-5367 | CVE-2025-5367 CVSS 9.8 | A vulnerability was found in PHPGurukul Online Shopping Portal Project 1.0. It has been declared as critical. This vulnerability affects unknown code of the fi… |
| CVE-2025-5365 | CVE-2025-5365 CVSS 9.8 | A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file /adm… |
| CVE-2025-53644 | CVE-2025-53644 CVSS 9.8 | OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap bu… |
| CVE-2025-5364 | CVE-2025-5364 CVSS 9.8 | A vulnerability was found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality o… |
| CVE-2025-53639 | CVE-2025-53639 CVSS 9.8 | MeterSphere is an open source continuous testing platform. Prior to version 3.6.5-lts, the sortField parameter in certain API endpoints is not properly validat… |
| CVE-2025-53633 | CVE-2025-53633 CVSS 9.8 | Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the size of the deco… |
| CVE-2025-53632 | CVE-2025-53632 CVSS 9.1 | Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the path of the file… |
| CVE-2025-5363 | CVE-2025-5363 CVSS 9.8 | A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown func… |
| CVE-2025-53624 | CVE-2025-53624 CVSS 10.0 | The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions pri… |
| CVE-2025-5362 | CVE-2025-5362 CVSS 9.8 | A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /a… |
| CVE-2025-53619 | CVE-2025-53619 CVSS 9.1 | An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead t… |
| CVE-2025-53618 | CVE-2025-53618 CVSS 9.1 | An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead t… |
| CVE-2025-5361 | CVE-2025-5361 CVSS 9.8 | A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. This issue affects some unknown processin… |
| CVE-2025-53606 | CVE-2025-53606 CVSS 9.8 | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): 2.4.0. Users are recommended to u… |
| CVE-2025-5360 | CVE-2025-5360 CVSS 9.8 | A vulnerability classified as critical was found in Campcodes Online Hospital Management System 1.0. This vulnerability affects unknown code of the file /book-… |
| CVE-2025-53599 | CVE-2025-53599 CVSS 9.8 | Whale browser for iOS before 3.9.1.4206 allows an attacker to execute malicious scripts in the browser via a crafted javascript scheme. |
| CVE-2025-5359 | CVE-2025-5359 CVSS 9.8 | A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /appointment… |
| CVE-2025-53580 | CVE-2025-53580 CVSS 9.8 | Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation. This issue… |
| CVE-2025-5358 | CVE-2025-5358 CVSS 9.8 | A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been rated as critical. Affected by this issue is some unknown funct… |
| CVE-2025-53577 | CVE-2025-53577 CVSS 10.0 | Improper Control of Generation of Code ('Code Injection') vulnerability in thehp Global DNS global-dns allows Remote Code Inclusion. This issue affects Global D… |
| CVE-2025-5357 | CVE-2025-5357 CVSS 9.8 | A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the comp… |
| CVE-2025-5356 | CVE-2025-5356 CVSS 9.8 | A vulnerability was found in FreeFloat FTP Server 1.0. It has been classified as critical. Affected is an unknown function of the component BYE Command Handler… |
| CVE-2025-53557 | CVE-2025-53557 CVSS 9.8 | A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A speci… |
| CVE-2025-53546 | CVE-2025-53546 CVSS 9.1 | Folo organizes feeds content into one timeline. Using pull_request_target on .github/workflows/auto-fix-lint-format-commit.yml can be exploited by attackers, s… |
| CVE-2025-53529 | CVE-2025-53529 CVSS 9.8 | WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profile_funcionario.php endpoint. Th… |
| CVE-2025-53527 | CVE-2025-53527 CVSS 9.8 | WeGIA is a web manager for charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in the almox parameter of the /controle/relat… |
| CVE-2025-53521 | F5 BIG-IP Stack-Based Buffer Overflow Vulnerability · KEV · CVSS 9.8 · F5 | F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution. |
| CVE-2025-5352 | CVE-2025-5352 CVSS 9.6 | A critical stored Cross-Site Scripting (XSS) vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1.9.23, where the NEXT_PUBLIC_C… |
| CVE-2025-53518 | CVE-2025-53518 CVSS 9.8 | An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially craft… |