Critical vulnerabilities, curated daily for security professionals
đ¯ SSCV Profile
See how vulnerabilities affect your specific environment
CRS uses the System Security Context Vector (SSCV) Framework v1.0 to adjust CVSS scores based on your system's exposure level, network position, and business criticality. Learn more about SSCV Framework
Risk scores will be adjusted based on your selected environment
đ
Archived Security Brief
This curated brief highlights 34 critical vulnerabilities and 84 high-priority updates requiring immediate attention.
118 total vulnerabilities disclosed in last 24 hours
đĄ Tip: Swipe CVE cards left to â star, right to â remove
Section Navigation
â ī¸
CISA Known Exploited Vulnerabilities
â ī¸ CISA KEVURGENT
CVE-2025-47812
9.5đ
Wing FTP ServerWing FTP Server
â° Federal Deadline:August 3, 2025(4 days remaining)
Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-25257
9.5đ
FortinetFortiWeb
â° Federal Deadline:August 7, 2025(8 days remaining)
Fortinet FortiWeb SQL Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-2775
9.5
SysAidSysAid On-Prem
â° Federal Deadline:August 11, 2025(12 days remaining)
SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-2776
9.5
SysAidSysAid On-Prem
â° Federal Deadline:August 11, 2025(12 days remaining)
SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-6558
9.5đ
GoogleChromium
â° Federal Deadline:August 11, 2025(12 days remaining)
Google Chromium ANGLE and GPU Improper Input Validation Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-54309
9.5
CrushFTPCrushFTP
â° Federal Deadline:August 11, 2025(12 days remaining)
CrushFTP Unprotected Alternate Channel Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2023-2533
9.5
PaperCutNG/MF
â° Federal Deadline:August 17, 2025(18 days remaining)
PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-20337
9.5đ
CiscoIdentity Services Engine
â° Federal Deadline:August 17, 2025(18 days remaining)
Cisco Identity Services Engine Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
â ī¸ CISA KEV
CVE-2025-20281
9.5
CiscoIdentity Services Engine
â° Federal Deadline:August 17, 2025(18 days remaining)
Cisco Identity Services Engine Injection Vulnerability - Active in CISA KEV catalog.
CVSS Base9.5
â
CRSSelect profile
đ¨
Critical Vulnerabilities
CVE-2025-43233
9.8đ
This issue was addressed with improved accessMultiple Products
This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app acting as a HTTPS proxy could get acce...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-31279
9.8đ
A permissions issue was addressed with additionalMultiple Products
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint t...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43184
9.8đ
This issue was addressed by adding an additional prompt for userMultiple Products
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.4. A shortcut may be able to bypass sensiti...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43186
9.8đ
The issue was addressed with improved memoryMultiple Products
The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, visionOS 2.6, macOS Ventura 13...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43189
9.8đ
This issue was addressed with improved memoryMultiple Products
This issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to read kernel memory.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43192
9.8đ
A configuration issue was addressed with additionalMultiple Products
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. Account-driven User Enrollment may still be possible with Lockdown Mod...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43193
9.8đ
The issue was addressed with improved memoryMultiple Products
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to cause a denial-of-service.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43194
9.8đ
The issue was addressed with improvedMultiple Products
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43198
9.8đ
This issue was addressed by removing the vulnerableMultiple Products
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43199
9.8đ
A permissions issue was addressed by removing the vulnerableMultiple Products
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app may be able to gain root privil...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43209
9.8đ
AnMultiple Products
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sonoma 14.7.7, watchOS 1...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43220
9.8đ
This issue was addressed with improved validation ofMultiple Products
This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protect...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43222
9.8đ
AMultiple Products
A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, iPadOS 17.7.9, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An attacker may be able to ca...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43232
9.8đ
A permissions issue was addressed with additionalMultiple Products
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to bypass certain Privacy prefe...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43234
9.8đ
Multiple memory corruption issues were addressed with improved inputMultiple Products
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing ...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43237
9.8đ
AnMultiple Products
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected system termination.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43243
9.8
A permissions issue was addressed with additionalMultiple Products
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to modify protected parts of th...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43244
9.8đ
A race condition was addressed with improved stateMultiple Products
A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termina...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43245
9.8đ
A downgrade issue was addressed with additionalMultiple Products
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected ...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43253
9.8đ
This issue was addressed with improved inputMultiple Products
This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to launch arbitrary binaries on a trusted device.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43261
9.8
A logic issue was addressed with improvedMultiple Products
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-43275
9.8đ
A race condition was addressed with additionalMultiple Products
A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-31229
9.1
A logic issue was addressed with improvedMultiple Products
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.6 and iPadOS 18.6. Passcode may be read aloud by VoiceOver.
CVSS Base9.1
â
CRSSelect profile
CVE-2025-31281
9.1
An input validation issue was addressed with improved memoryMultiple Products
An input validation issue was addressed with improved memory handling. This issue is fixed in visionOS 2.6, tvOS 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6. Processing a maliciously crafted fi...
CVSS Base9.1
â
CRSSelect profile
CVE-2025-43273
9.1
A permissions issue was addressed with additional sandboxMultiple Products
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions.
CVSS Base9.1
â
CRSSelect profile
CVE-2025-54430
9.1đ
dedupe is a python library that uses machine learning to perform fuzzyMultiple Products
dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured data. Before commit 3f61e79, a critical severity vulnerabilit...
CVSS Base9.1
â
CRSSelect profile
CVE-2025-46811
9.8đ
A Missing Authentication for Critical Function vulnerability in SUSE Manager allows anyone with access to the websocket atMultiple Products
A Missing Authentication for Critical Function vulnerability in SUSE Manager allows anyone with access to the websocket at /rhn/websocket/minion/remote-commands to execute arbitrary commands as root.
...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-50578
9.8đ
UnknownMultiple Products
LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP headers, specifically `X-Forwarded-Host` and `Referer`. An unauthenticated remote attacker can manipul...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-26062
9.8
An access control issue in IntelbrasMultiple Products
An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the curren...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-8426
9.4
Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure andMultiple Products
Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and Denial-of-Service Vulnerability. This vulnerability allows remote attackers to disclose sensitive informatio...
CVSS Base9.4
â
CRSSelect profile
CVE-2025-54576
9.1
UnknownMultiple Products
OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. In versions 7.10.0 and b...
CVSS Base9.1
â
CRSSelect profile
CVE-2025-50475
9.8
An OS command injection vulnerability exists in RussoundMultiple Products
An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute arbitrary commands as root via crafted input to the hostname...
CVSS Base9.8
â
CRSSelect profile
CVE-2025-26063
9.8
An issue in IntelbrasMultiple Products
An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network.
CVSS Base9.8
â
CRSSelect profile
CVE-2025-8286
9.8
UnknownMultiple Products
GÃŧralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that
could allow an attacker to modify hardware configurations, manipulate
data, or factor...
CVSS Base9.8
â
CRSSelect profile
â ī¸
High Priority Updates
CVE-2025-8292
8.8đ
GoogleMultiple Products
Use after free in Media Stream in Google Chrome prior to 138
CVSS Base8.8
â
CRSSelect profile
CVE-2025-7847
8.8đ
WordPressMultiple Products
The AI Engine plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the rest_simpleFileUpload() function in versions 2
CVSS Base8.8
â
CRSSelect profile
CVE-2025-52203
7.6đ
storedMultiple Products
A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1
CVSS Base7.6
â
CRSSelect profile
CVE-2025-24853
7.5đ
carefullyMultiple Products
A carefully crafted request when creating a header link using the
wiki markup syntax, which could allow the attacker to execute javascript
in the victim's browser and get some sensitive information about the
victim
CVSS Base7.5
â
CRSSelect profile
CVE-2025-45769
7.3đ
UnknownMultiple Products
php-jwt v6
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8213
7.2đ
WordPressMultiple Products
The NinjaScanner â Virus & Malware scan plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'nscan_ajax_quarantine' and 'nscan_quarantine_select' functions in all versions up to, and including, 3
CVSS Base7.2
â
CRSSelect profile
CVE-2025-30105
8.8đ
DellMultiple Products
Dell XtremIO, version(s) 6
CVSS Base8.8
â
CRSSelect profile
CVE-2025-36611
7.3đ
DellMultiple Products
Dell Encryption and Dell Security Management Server, versions prior to 11
The e-School from Ventem has a Missing Authorization vulnerability, allowing remote attackers with regular privilege to access administrator functions, including creating, modifying, and deleting accounts
CVSS Base8.8
â
CRSSelect profile
CVE-2025-8323
8.8đ
theMultiple Products
The e-School from Ventem has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server
CVSS Base8.8
â
CRSSelect profile
CVE-2025-54581
7.5đ
proxyMultiple Products
vproxy is an HTTP/HTTPS/SOCKS5 proxy server
CVSS Base7.5
â
CRSSelect profile
CVE-2025-2813
7.5đ
unauthenticatedMultiple Products
An unauthenticated remote attacker can cause a Denial of Service by sending a large number of requests to the http service on port 80
CVSS Base7.5
â
CRSSelect profile
CVE-2025-41688
7.2đ
highMultiple Products
A high privileged remote attacker can execute arbitrary OS commands using an undocumented method allowing to escape the implemented LUA sandbox
CVSS Base7.2
â
CRSSelect profile
CVE-2025-54586
7.1đ
GitProxyMultiple Products
GitProxy is an application that stands between developers and a Git remote endpoint
CVSS Base7.1
â
CRSSelect profile
CVE-2025-31273
8.8
issueMultiple Products
The issue was addressed with improved memory handling
CVSS Base8.8
â
CRSSelect profile
CVE-2025-31277
8.8
issueMultiple Products
The issue was addressed with improved memory handling
CVSS Base8.8
â
CRSSelect profile
CVE-2025-31278
8.8
issueMultiple Products
The issue was addressed with improved memory handling
CVSS Base8.8
â
CRSSelect profile
CVE-2025-43270
8.8
accessMultiple Products
An access issue was addressed with additional sandbox restrictions
CVSS Base8.8
â
CRSSelect profile
CVE-2025-26332
8.8
TechAdvisorMultiple Products
TechAdvisor versions 2
CVSS Base8.8
â
CRSSelect profile
CVE-2025-53558
8.8
UnknownMultiple Products
ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K
CVSS Base8.8
â
CRSSelect profile
CVE-2025-50572
8.8
RSAMultiple Products
An issue was discovered in Archer Technology RSA Archer 6
CVSS Base8.8
â
CRSSelect profile
CVE-2025-53022
8.6
UnknownMultiple Products
TrustedFirmware-M (aka Trusted Firmware for M profile Arm CPUs) before 2
CVSS Base8.6
â
CRSSelect profile
CVE-2025-50850
8.6
issueMultiple Products
An issue was discovered in CS Cart 4
CVSS Base8.6
â
CRSSelect profile
CVE-2025-0712
7
uncontrolledMultiple Products
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions
CVSS Base7
â
CRSSelect profile
CVE-2025-25011
7
uncontrolledMultiple Products
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions
CVSS Base7
â
CRSSelect profile
CVE-2025-4421
8.2
wasMultiple Products
The vulnerability was identified in the code developed specifically for Lenovo
CVSS Base8.2
â
CRSSelect profile
CVE-2025-4422
8.2
wasMultiple Products
The vulnerability was identified in the code developed specifically for Lenovo
CVSS Base8.2
â
CRSSelect profile
CVE-2025-4423
8.2
wasMultiple Products
The vulnerability was identified in the code developed specifically for Lenovo
CVSS Base8.2
â
CRSSelect profile
CVE-2025-4425
8.2
wasMultiple Products
The vulnerability was identified in the code developed specifically for Lenovo
CVSS Base8.2
â
CRSSelect profile
CVE-2025-52187
8.2
ManagementMultiple Products
GetProjectsIdea Create School Management System 1
CVSS Base8.2
â
CRSSelect profile
CVE-2025-45620
8.1
issueMultiple Products
An issue in Aver PTC310UV2 v
CVSS Base8.1
â
CRSSelect profile
CVE-2024-48916
8.1
CephMultiple Products
Ceph is a distributed object, block, and file storage platform
CVSS Base8.1
â
CRSSelect profile
CVE-2025-50849
8
CartMultiple Products
CS Cart 4
CVSS Base8
â
CRSSelect profile
CVE-2025-52289
8
MagnusBilling AMultiple Products
A Broken Access Control vulnerability in MagnusBilling v7
CVSS Base8
â
CRSSelect profile
CVE-2025-24119
7.8
ThisMultiple Products
This issue was addressed through improved state management
CVSS Base7.8
â
CRSSelect profile
CVE-2025-31243
7.8
permissionsMultiple Products
A permissions issue was addressed with additional restrictions
CVSS Base7.8
â
CRSSelect profile
CVE-2025-31280
7.8
memoryMultiple Products
A memory corruption issue was addressed with improved validation
CVSS Base7.8
â
CRSSelect profile
CVE-2025-43188
7.8
permissionsMultiple Products
A permissions issue was addressed with additional restrictions
CVSS Base7.8
â
CRSSelect profile
CVE-2025-43196
7.8
pathMultiple Products
A path handling issue was addressed with improved validation
CVSS Base7.8
â
CRSSelect profile
CVE-2025-43248
7.8
logicMultiple Products
A logic issue was addressed with improved restrictions
CVSS Base7.8
â
CRSSelect profile
CVE-2025-43249
7.8
logicMultiple Products
A logic issue was addressed with improved checks
CVSS Base7.8
â
CRSSelect profile
CVE-2025-43256
7.8
ThisMultiple Products
This issue was addressed through improved state management
CVSS Base7.8
â
CRSSelect profile
CVE-2025-43277
7.8
issueMultiple Products
The issue was addressed with improved memory handling
CVSS Base7.8
â
CRSSelect profile
CVE-2025-50777
7.8
theMultiple Products
The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1
CVSS Base7.8
â
CRSSelect profile
CVE-2025-53944
7.7
AutoGPTMultiple Products
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents
CVSS Base7.7
â
CRSSelect profile
CVE-2025-51503
7.6
Microweber CMSMultiple Products
A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2
CVSS Base7.6
â
CRSSelect profile
CVE-2025-24224
7.5
issueMultiple Products
The issue was addressed with improved checks
CVSS Base7.5
â
CRSSelect profile
CVE-2025-43223
7.5
AMultiple Products
A denial-of-service issue was addressed with improved input validation
CVSS Base7.5
â
CRSSelect profile
CVE-2025-43227
7.5
ThisMultiple Products
This issue was addressed through improved state management
CVSS Base7.5
â
CRSSelect profile
CVE-2025-8326
7.3
FormMultiple Products
A vulnerability classified as critical has been found in code-projects Exam Form Submission 1
CVSS Base7.3
â
CRSSelect profile
CVE-2024-45955
7.3
RocketMultiple Products
Rocket Software Rocket Zena 4
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8327
7.3
FormMultiple Products
A vulnerability classified as critical was found in code-projects Exam Form Submission 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8328
7.3
FormMultiple Products
A vulnerability, which was classified as critical, has been found in code-projects Exam Form Submission 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8329
7.3
VehicleMultiple Products
A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8330
7.3
VehicleMultiple Products
A vulnerability has been found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8331
7.3
FarmMultiple Products
A vulnerability was found in code-projects Online Farm System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8332
7.3
FarmMultiple Products
A vulnerability was found in code-projects Online Farm System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8333
7.3
FarmMultiple Products
A vulnerability was found in code-projects Online Farm System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8334
7.3
ManagementMultiple Products
A vulnerability was found in Campcodes Online Recruitment Management System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8336
7.3
ManagementMultiple Products
A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8338
7.3
AdmissionMultiple Products
A vulnerability was found in projectworlds Online Admission System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8339
7.3
ManagementMultiple Products
A vulnerability was found in code-projects Intern Membership Management System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8348
7.3
CloudMultiple Products
A vulnerability has been found in Kehua Charging Pile Cloud Platform 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8371
7.3
FormMultiple Products
A vulnerability has been found in code-projects Exam Form Submission 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8372
7.3
FormMultiple Products
A vulnerability was found in code-projects Exam Form Submission 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8373
7.3
VehicleMultiple Products
A vulnerability was found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8374
7.3
VehicleMultiple Products
A vulnerability was found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8375
7.3
VehicleMultiple Products
A vulnerability was found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8376
7.3
VehicleMultiple Products
A vulnerability classified as critical has been found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8378
7.3
ReservationMultiple Products
A vulnerability was found in Campcodes Online Hotel Reservation System 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8407
7.3
VehicleMultiple Products
A vulnerability, which was classified as critical, has been found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8408
7.3
VehicleMultiple Products
A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-29556
7.3
ExaGridMultiple Products
ExaGrid EX10 6
CVSS Base7.3
â
CRSSelect profile
CVE-2025-8409
7.3
VehicleMultiple Products
A vulnerability has been found in code-projects Vehicle Management 1
CVSS Base7.3
â
CRSSelect profile
CVE-2025-26064
7.3
IntelbrasMultiple Products
A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2
CVSS Base7.3
â
CRSSelect profile
CVE-2025-46359
7.2
pathMultiple Products
A path traversal issue exists in backup and restore feature of multiple versions of PowerCMS
CVSS Base7.2
â
CRSSelect profile
CVE-2025-43221
7.1
AnMultiple Products
An out-of-bounds access issue was addressed with improved bounds checking
CVSS Base7.1
â
CRSSelect profile
CVE-2025-43224
7.1
AnMultiple Products
An out-of-bounds access issue was addressed with improved bounds checking
CVSS Base7.1
â
CRSSelect profile
CVE-2025-43239
7.1
AnMultiple Products
An out-of-bounds access issue was addressed with improved bounds checking
CVSS Base7.1
â
CRSSelect profile
CVE-2025-43254
7.1
AnMultiple Products
An out-of-bounds read was addressed with improved input validation
CVSS Base7.1
â
CRSSelect profile
CVE-2025-8312
7.1
DevolutionsMultiple Products
Deadlock in PAM automatic check-in feature in Devolutions Server allows a password to remain valid beyond the end of its intended check-out period due to a deadlock occurring in the scheduling service