17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 12201-12250 of 17282 CVEs Page 245 of 346
CVE-2025-51661
7.5
Unknown Multiple Products

A path Traversal vulnerability found in FileCodeBox v2

2025-11-20
CVE-2025-51630
Analyzed
9.8
TOTOLINK Multiple Products

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort parameter in the function setIpPortFilterRules.

2025-07-17
CVE-2025-51629
8.8
PdfViewer Multiple Products

A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2

2025-08-07
CVE-2025-51628
7.5
Unknown Multiple Products

Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2

2025-08-05
CVE-2025-51624
7.6
Zone Bitaqati thru Multiple Products

Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3

2025-08-07
CVE-2025-51606
8.8
Unknown Multiple Products

hippo4j 1

2025-08-23
CVE-2025-51605
8.1
Unknown Multiple Products

An issue was discovered in Shopizer 3

2025-08-23
CVE-2025-51567
Analyzed
9.1
HP Multiple Products

A SQL Injection was found in the /exam/user/profile.php page of kashipara Online Exam System V1.0, which allows remote attackers to execute arbitrary...

2026-01-13
CVE-2025-51543
Analyzed
9.8
Unknown Multiple Products

An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's password via the /administrator/auth/reset_password en...

2025-08-20
CVE-2025-51536
Analyzed
9.8
Intel Multiple Products

Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password.

2025-08-05
CVE-2025-51535
Analyzed
9.1
Intel Multiple Products

Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a SQL injection vulnerability.

2025-08-05
CVE-2025-51534
8.1
Austrian Multiple Products

A cross-site scripting (XSS) vulnerability in Austrian Archaeological Institute (AI) OpenAtlas v8

2025-08-05
CVE-2025-51532
7.5
Unknown Multiple Products

Incorrect access control in Sage DPW v2024

2025-08-07
CVE-2025-51511
Analyzed
9.8
Cadmium CMS Multiple Products

Cadmium CMS v.0.4.9 has a background arbitrary file upload vulnerability in /admin/content/filemanager/uploads.

2025-12-24
CVE-2025-51504
7.6
Microweber Multiple Products

Microweber CMS 2

2025-08-01
CVE-2025-51503
7.6
Microweber CMS Multiple Products

A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2

2025-07-31
CVE-2025-51495
7.5
Unknown Multiple Products

An integer overflow vulnerability exists in the WebSocket component of Mongoose 7

2025-09-29
CVE-2025-51482
8.8
Unknown Multiple Products

Remote Code Execution in letta

2025-07-23
CVE-2025-51480
8.8
Path Traversal Multiple Products

Path Traversal vulnerability in onnx

2025-07-23
CVE-2025-51464
8.8
Unknown Multiple Products

Cross-site Scripting (XSS) in aimhubio Aim 3

2025-07-23
CVE-2025-51463
7
Path Multiple Products

Path Traversal in restore_run_backup() in AIM 3

2025-07-23
CVE-2025-51452
Analyzed
9.8
TOTOLINK Multiple Products

In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.

2025-08-14
CVE-2025-51451
Analyzed
9.8
TOTOLINK Multiple Products

In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.

2025-08-14
CVE-2025-51427
Analyzed
7.3
Unknown Multiple Products

An issue was discovered in ModelScope 1

2026-05-20
CVE-2025-51390
Analyzed
9.8
TOTOLINK Multiple Products

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig funct...

2025-08-05
CVE-2025-51387
Analyzed
9.8
Unknown Multiple Products

The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure set...

2025-08-05
CVE-2025-51281
7
D-Link Multiple Products

D-Link DI-8100 16

2025-08-25
CVE-2025-5120
7.6
Unknown Multiple Products

A sandbox escape vulnerability was identified in huggingface/smolagents version 1

2025-07-28
CVE-2025-5115
7.5
Eclipse Multiple Products

In Eclipse Jetty, versions <=9

2025-08-20
CVE-2025-51087
8.6
Tenda Multiple Products

Tenda AC8V4 V16

2025-07-25
CVE-2025-51056
8.2
Unknown Multiple Products

An unrestricted file upload vulnerability in Vedo Suite version 2024

2025-08-07
CVE-2025-51055
8.6
Insecure Multiple Products

Insecure Data Storage of credentials has been found in /api_vedo/configuration/config

2025-08-07
CVE-2025-51040
7.5
Electrolink Multiple Products

Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the /FrameSetCore

2025-08-07
CVE-2025-51006
7.8
Linux Multiple Products

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dlt_linuxsll2_cleanup() function in plugins/dlt_linuxsll2/linuxs...

2025-09-22
CVE-2025-51005
7.5
Unknown Multiple Products

A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4

2025-09-24
CVE-2025-50989
8.8
OPNsense Multiple Products

OPNsense 25

2025-08-27
CVE-2025-50983
Analyzed
8.3
Unknown Multiple Products

SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0

2025-08-27
CVE-2025-50979
8.6
NodeBB Multiple Products

NodeBB v4

2025-08-27
CVE-2025-50972
Analyzed
9.8
HP Multiple Products

SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute arbitrary SQL commands via the tmpl_id parameter to index...

2025-08-27
CVE-2025-50951
7.5
FontForge Multiple Products

FontForge v20230101 was discovered to contain a memory leak via the utf7toutf8_copy function at /fontforge/sfd

2025-10-23
CVE-2025-5095
Analyzed
9.8
Burk Technology ARC Multiple Products

Burk Technology ARC Solo's password change mechanism can be utilized without proper authentication procedures, allowing an attacker to take over the...

2025-08-08
CVE-2025-50944
Analyzed
8.8
Intel Multiple Products

An issue was discovered in the method push

2025-09-15
CVE-2025-50904
Analyzed
9.8
Unknown Multiple Products

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to...

2025-08-21
CVE-2025-50902
8.8
Apple Multiple Products

Cross Site Request Forgery (CSRF) vulnerability in old-peanut Open-Shop (aka old-peanut/wechat_applet__open_source) thru 1

2025-08-21
CVE-2025-50901
Analyzed
9.8
F5 Multiple Products

JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication bypass vulnerability, which can lead to arbitrary file...

2025-08-21
CVE-2025-50900
Analyzed
9.8
Unknown Multiple Products

An issue was discovered in getrebuild/rebuild 4.0.4. The affected source code class is com.rebuild.web.RebuildWebInterceptor, and the affected functio...

2025-08-26
CVE-2025-50892
7.8
Unknown Multiple Products

The eudskacs

2025-09-10
CVE-2025-50881
8.8
HP code after

The `flow/admin/moniteur

2026-03-18
CVE-2025-50870
Analyzed
9.8
HP Multiple Products

Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts an em...

2025-08-01