17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 12151-12200 of 17282 CVEs Page 244 of 346
CVE-2025-5243
Analyzed
10
HP Multiple Products

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabil...

2025-07-25
CVE-2025-52395
Analyzed
9.8
Unknown Multiple Products

An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the application exposing a password reset API endpoint that fails...

2025-08-21
CVE-2025-52390
Analyzed
9.1
HP Multiple Products

Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection vulnerability in the `prepareSearchQuery()` method in...

2025-08-01
CVE-2025-52389
Analyzed
8.8
Insecure Multiple Products

An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40

2025-09-08
CVE-2025-52385
Analyzed
9.8
Unknown Multiple Products

An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module

2025-08-14
CVE-2025-52376
Analyzed
9.8
Unknown Multiple Products

An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below, al...

2025-07-15
CVE-2025-52365
7.8
Unknown Multiple Products

A command injection vulnerability in the szc script of the ccurtsinger/stabilizer repository allows remote attackers to execute arbitrary system comma...

2026-03-04
CVE-2025-52364
7.5
Tenda Multiple Products

Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22

2025-07-11
CVE-2025-52353
Analyzed
9.8
HP Multiple Products

An arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Media Manager allows authenticated users to upload files containing embedded PHP c...

2025-08-27
CVE-2025-52352
Analyzed
9.8
Unknown Multiple Products

Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hiding the sign-...

2025-08-21
CVE-2025-52351
8.8
Aikaan Multiple Products

Aikaan IoT management platform v3

2025-08-21
CVE-2025-52347
7.8
Unknown Multiple Products

An issue in the component DirectIo64

2026-05-02
CVE-2025-52293
Analyzed
7.5
GPAC GPAC (media_tools/av_parsers)

A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers

2026-06-15
CVE-2025-52292
Analyzed
7.5
Unknown Unknown

A stack buffer overflow in the filein_process function (in_file

2026-06-15
CVE-2025-52289
8
Unknown Multiple Products

A Broken Access Control vulnerability in MagnusBilling v7

2025-07-31
CVE-2025-52288
Analyzed
7.5
Assertion Multiple Products

Assertion failure in function ngap_build_downlink_nas_transport in file src/amf/ngap-build

2025-09-08
CVE-2025-52287
8.8
Script Multiple Products

OperaMasks SDK ELite Script Engine v0

2025-08-23
CVE-2025-52268
7.5
StarCharge Multiple Products

StarCharge Artemis AC Charger 7-22 kW v1

2025-10-27
CVE-2025-52263
8
Unknown Multiple Products

An issue in the Web Configuration module of Startcharge Artemis AC Charger 7-22 kW v1

2025-10-27
CVE-2025-52239
Analyzed
9.8
HP Multiple Products

An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.

2025-08-05
CVE-2025-52218
7.5
Platform Multiple Products

SelectZero Data Observability Platform before 2025

2025-08-27
CVE-2025-52203
Analyzed
7.6
HP Multiple Products

A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1

2025-07-31
CVE-2025-52196
7.5
Unknown Multiple Products

Server-Side Request Forgery (SSRF) vulnerability in Ctera Portal 8

2025-12-18
CVE-2025-52194
Analyzed
7.5
Unknown Multiple Products

A buffer overflow vulnerability exists in libsndfile version 1

2025-08-21
CVE-2025-52187
8.2
Unknown Multiple Products

GetProjectsIdea Create School Management System 1

2025-07-30
CVE-2025-52161
Analyzed
9.8
Intel Multiple Products

Scholl Communications AG Weblication CMS Core v019.004.000.000 was discovered to contain a cross-site scripting (XSS) vulnerability.

2025-09-08
CVE-2025-52159
8.8
Hardcoded Multiple Products

Hardcoded credentials in default configuration of PPress 0

2025-09-19
CVE-2025-52122
Analyzed
9.8
Apache Multiple Products

Freeform 5.0.0 to before 5.10.16, a plugin for CraftCMS, contains an Server-side template injection (SSTI) vulnerability, resulting in arbitrary code...

2025-08-27
CVE-2025-52101
Analyzed
9.8
Unknown Multiple Products

linjiashop <=0.9 is vulnerable to Incorrect Access Control. When using the default-generated JWT authentication, attackers can bypass the authenticati...

2025-07-06
CVE-2025-52099
7.5
SQLite Integer Multiple Products

Integer Overflow vulnerability in SQLite SQLite3 v

2025-10-24
CVE-2025-52079
8.8
D-Link Multiple Products

The administrator password setting of the D-Link DIR-820L 1

2025-10-22
CVE-2025-52053
Analyzed
9.8
TOTOLINK Multiple Products

TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_417D74 function via the file_name parameter....

2025-09-15
CVE-2025-52044
7.5
Frappe Multiple Products

In Frappe ERPNext v15

2025-09-17
CVE-2025-52042
8.2
Frappe Multiple Products

In Frappe ERPNext 15

2025-10-01
CVE-2025-52041
8.2
Frappe Multiple Products

In Frappe ERPNext 15

2025-10-01
CVE-2025-52040
8.2
Frappe Multiple Products

In Frappe ERPNext 15

2025-10-01
CVE-2025-52039
8.2
Frappe Multiple Products

In Frappe ERPNext 15

2025-10-01
CVE-2025-52021
Analyzed
9.8
HP Multiple Products

A SQL Injection vulnerability exists in the edit_product.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The product_id GET parameter...

2025-10-08
CVE-2025-51991
8.8
Unknown Multiple Products

XWiki through version 17

2025-08-20
CVE-2025-51989
7
Unknown Multiple Products

HTML injection vulnerability in the registration interface in Evolution Consulting Kft

2025-08-23
CVE-2025-51986
7.5
Linux Multiple Products

An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v

2025-08-14
CVE-2025-51970
Analyzed
7.7
Unknown Multiple Products

A SQL Injection vulnerability exists in the action

2025-07-29
CVE-2025-51958
Analyzed
9.8
HP Multiple Products

aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated attackers to execute arbitrary system commands via lib/plugins/runcomma...

2026-01-31
CVE-2025-51865
8.8
Unknown Multiple Products

Ai2 playground web service (playground

2025-07-23
CVE-2025-51846
7.5
CryptPad Multiple Products

CryptPad 2025

2026-05-01
CVE-2025-51741
7.5
Community Multiple Products

An issue was discovered in Veal98 Echo Open-Source Community System 2

2025-11-26
CVE-2025-51735
Analyzed
7.5
Microsoft Multiple Products

CSV formula injection vulnerability in HCL Technologies Ltd

2025-11-29
CVE-2025-51726
Analyzed
8.4
Unknown Multiple Products

CyberGhostVPNSetup

2025-08-05
CVE-2025-51667
Analyzed
7
Unknown Multiple Products

An issue was discovered in simple-admin-core v1

2025-08-27
CVE-2025-51663
7.5
Unknown Multiple Products

A vulnerability found in IPRateLimit implementation of FileCodeBox up to 2

2025-11-20