17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 9501-9550 of 17282 CVEs Page 191 of 346
CVE-2025-67172
7.2
RiteCMS Multiple Products

RiteCMS v3

2025-12-18
CVE-2025-67171
7.5
Unknown Multiple Products

Incorrect access control in the /templates/ component of RiteCMS v3

2025-12-18
CVE-2025-67165
Analyzed
9.8
Unknown Multiple Products

An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges.

2025-12-18
CVE-2025-67164
Analyzed
9.9
HP Multiple Products

An authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arbitrary co...

2025-12-18
CVE-2025-6715
Analyzed
9.8
HP Multiple Products

The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to...

2025-08-13
CVE-2025-67147
Analyzed
9.8
HP Multiple Products

Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in (1)...

2026-01-13
CVE-2025-67146
Analyzed
9.4
HP Multiple Products

Multiple SQL Injection vulnerabilities exist in AbhishekMali21 GYM-MANAGEMENT-SYSTEM 1.0 via the 'name' parameter in (1) member_search.php, (2) traine...

2026-01-13
CVE-2025-67133
7.5
Unknown Multiple Products

An issue in Hero Motocorp Vida V1 Pro 2

2026-01-10
CVE-2025-6713
Analyzed
7.7
MongoDB Multiple Products

An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the...

2025-07-07
CVE-2025-67109
Analyzed
10
Unknown Multiple Products

Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands...

2025-12-24
CVE-2025-67108
Analyzed
10
Intel Multiple Products

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

2025-12-24
CVE-2025-67089
8.1
Unknown Multiple Products

A command injection vulnerability exists in the GL-iNet GL-AXT1800 router firmware v4

2026-01-09
CVE-2025-67079
Analyzed
9.8
Unknown Multiple Products

File upload vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute code through the MSL engine of the Imagick library via...

2026-01-16
CVE-2025-67077
8.8
Omnispace Agora Multiple Products

File upload vulnerability in Omnispace Agora Project before 25

2026-01-17
CVE-2025-67076
7.5
Omnispace Agora Multiple Products

Directory traversal vulnerability in Omnispace Agora Project before 25

2026-01-16
CVE-2025-67073
Analyzed
9.8
Tenda Multiple Products

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of...

2025-12-18
CVE-2025-67070
8.2
Intel Multiple Products

A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2

2026-01-10
CVE-2025-67041
Analyzed
9.8
Lantronix EDS3000PS

The Lantronix EDS3000PS Filesystem Browser page contains a command injection vulnerability in the TFTP client host parameter, allowing root-level arbi...

2026-03-12
CVE-2025-6704
Analyzed
9.8
Unknown Multiple Products

An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos Firewall versions older than 21.0 MR2 (21.0.2) can lead to...

2025-07-22
CVE-2025-67038
KEV Analyzed
9.5
Lantronix EDS5000

The Lantronix EDS5000 contains a code injection vulnerability that is currently being actively exploited in the wild.

2026-06-24
CVE-2025-67037
8.8
Unknown Multiple Products

An issue was discovered in Lantronix EDS5000 2

2026-03-13
CVE-2025-67036
8.8
Unknown Multiple Products

An issue was discovered in Lantronix EDS5000 2

2026-03-13
CVE-2025-67034
8.8
Unknown Multiple Products

An issue was discovered in Lantronix EDS5000 2

2026-03-13
CVE-2025-67015
Analyzed
7.5
Unknown Multiple Products

Incorrect access control in Comtech EF Data CDM-625 / CDM-625A Advanced Satellite Modem with firmware v2

2025-12-27
CVE-2025-67014
Analyzed
7.5
GmbH Multiple Products

Incorrect access control in DEV Systemtechnik GmbH DEV 7113 RF over Fiber Distribution System 32-0078 H

2025-12-27
CVE-2025-66960
7.5
Unknown Multiple Products

An issue in ollama v

2026-01-23
CVE-2025-66959
7.5
Unknown Multiple Products

An issue in ollama v

2026-01-23
CVE-2025-66956
Analyzed
9.9
Insecure Access SEE Live 2.0

Asseco SEE Live 2.0 contains insecure access control in its communication components, allowing remote attackers to access and execute attachments via...

2026-03-12
CVE-2025-66953
8.8
Unknown Multiple Products

CSRF vulnerability in narda miteq Uplink Power Contril Unit UPC2 v

2025-12-19
CVE-2025-66923
7.2
Unknown Multiple Products

A Cross-site scripting (XSS) vulnerability in Create/Update Customer(s) in Open Source Point of Sale v3

2025-12-18
CVE-2025-66921
7.2
Unknown Multiple Products

A Cross-site scripting (XSS) vulnerability in Create/Update Item(s) Module in Open Source Point of Sale v3

2025-12-18
CVE-2025-66918
8.8
Unknown Multiple Products

edoc-doctor-appointment-system v1

2025-12-12
CVE-2025-66916
Analyzed
9.4
Unknown Multiple Products

The snailjob component in RuoYi-Vue-Plus versions 5.5.1 and earlier, interface /snail-job/workflow/check-node-expression can execute QLExpress express...

2026-01-09
CVE-2025-66913
Analyzed
9.8
JimuReport thru version Multiple Products

JimuReport thru version 2.1.3 is vulnerable to remote code execution when processing user-controlled H2 JDBC URLs. The application passes the attacker...

2026-01-09
CVE-2025-6691
Analyzed
8.1
WordPress Multiple Products

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path v...

2025-07-10
CVE-2025-66909
7.5
Turms Multiple Products

Turms AI-Serving module v0

2025-12-20
CVE-2025-66905
7.5
Unknown Multiple Products

The Takes web framework's TkFiles take thru 2

2025-12-20
CVE-2025-66902
7.5
Unknown Multiple Products

An input validation issue in in Pithikos websocket-server v

2026-01-22
CVE-2025-66877
7.5
Unknown Multiple Products

Buffer overflow vulnerability in function dcputchar in decompile

2025-12-31
CVE-2025-66869
7.5
Unknown Multiple Products

Buffer overflow vulnerability in function strcat in asan_interceptors

2025-12-31
CVE-2025-66865
7.5
Unknown Multiple Products

An issue was discovered in function d_print_comp_inner in file cp-demangle

2025-12-31
CVE-2025-66863
7.5
Unknown Multiple Products

An issue was discovered in function d_discriminator in file cp-demangle

2025-12-31
CVE-2025-66862
7.5
Unknown Multiple Products

A buffer overflow vulnerability in function gnu_special in file cplus-dem

2025-12-31
CVE-2025-6685
8.8
ATEN Multiple Products

ATEN eco DC Missing Authorization Privilege Escalation Vulnerability

2025-09-02
CVE-2025-66802
Analyzed
9.8
HP Multiple Products

Sourcecodester Covid-19 Contact Tracing System 1.0 is vulnerable to RCE (Remote Code Execution). The application receives a reverse shell (php) into i...

2026-01-13
CVE-2025-6679
Analyzed
9.8
WordPress Multiple Products

The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and inclu...

2025-08-15
CVE-2025-66786
7.5
OpenAirInterface Multiple Products

OpenAirInterface CN5G AMF<=v2

2026-01-08
CVE-2025-66769
7.5
Microsoft Multiple Products

A NULL pointer dereference in Nitro PDF Pro for Windows v14

2026-04-14
CVE-2025-66738
Analyzed
8.8
Unknown Multiple Products

An issue in Yealink T21P_E2 Phone 52

2025-12-28
CVE-2025-66736
7.1
Unknown Multiple Products

youlai-boot V2

2025-12-23