CVEs from 2025
Total
8,948
critical
critical 1,356
high
high 2,040
medium
medium 2,028
low
low 202
% Critical
15.2%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 108
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-6394 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add_re… | |||
| CVE-2025-6360 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical has been found in code-projects Simple Pizza Ordering System 1.0. This affects an unknown part of the file /portal.php. The manipulation of the argument ID lead… | |||
| CVE-2025-6359 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cashconfirm.php. The mani… | |||
| CVE-2025-6358 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /saveorder.php. T… | |||
| CVE-2025-6357 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Simple Pizza Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /paymentportal.php. The manipulation of th… | |||
| CVE-2025-6356 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Simple Pizza Ordering System 1.0 and classified as critical. This issue affects some unknown processing of the file /addmem.php. The manipulation leads to s… | |||
| CVE-2025-6355 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in SourceCodester Online Hotel Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/execeditroom.php. The manip… | |||
| CVE-2025-6354 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /function/customer_signup.ph… | |||
| CVE-2025-6351 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in itsourcecode Employee Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /editprofile.php. The manipulati… | |||
| CVE-2025-6346 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in SourceCodester Advance Charity Management System 1.0. It has been classified as critical. This affects an unknown part of the file /members/fundDetails.php. The manipulat… | |||
| CVE-2025-6344 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /contactus.php. The manipulati… | |||
| CVE-2025-6343 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, was found in code-projects Online Shoe Store 1.0. Affected is an unknown function of the file /admin/admin_product.php. The manipulation of the argu… | |||
| CVE-2025-6342 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, has been found in code-projects Online Shoe Store 1.0. This issue affects some unknown processing of the file /admin/admin_football.php. The manipul… | |||
| CVE-2025-6339 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in ponaravindb Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /func3.php. The manipulation o… | |||
| CVE-2025-6330 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /searchdata.php. The manipulation of the argument sear… | |||
| CVE-2025-6323 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been classified as critical. This affects an unknown part of the file /enrollment.php. The manipulation of the argumen… | |||
| CVE-2025-6322 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visit.php. The manipulation of t… | |||
| CVE-2025-6318 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. This vulnerability affects unknown code of the file /admin/check_availability.php. The manipulation of… | |||
| CVE-2025-6317 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical has been found in code-projects Online Shoe Store 1.0. This affects an unknown part of the file /admin/confirm.php. The manipulation of the argument ID leads to… | |||
| CVE-2025-6316 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/admin_running.php. The manipul… | |||
| CVE-2025-6315 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Online Shoe Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cart2.php. The manipulation… | |||
| CVE-2025-6314 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been classified as critical. Affected is an unknown function of the file /pages/cat_update.php. The manipulation of the a… | |||
| CVE-2025-6313 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/cat_add.php. The manipulation of the ar… | |||
| CVE-2025-6312 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. This vulnerability affects unknown code of the file /pages/cash_transaction.php. The manipulatio… | |||
| CVE-2025-6311 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. This affects an unknown part of the file /pages/account_add.php. The manipulation of the argu… | |||
| CVE-2025-6310 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this issue is some unknown functionality of the file /index.php. The… | |||
| CVE-2025-6307 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/edit_customer.php. The manipulation o… | |||
| CVE-2025-6306 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Online Shoe Store 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin_index.php. The manipulation of the… | |||
| CVE-2025-6305 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Online Shoe Store 1.0. It has been classified as critical. This affects an unknown part of the file /admin/admin_feature.php. The manipulation of the argume… | |||
| CVE-2025-6304 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cart.php. The manipulation of the argume… | |||
| CVE-2025-6303 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in code-projects Online Shoe Store 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /contactus1.php. The manipulat… | |||
| CVE-2025-6300 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. This vulnerability affects unknown code of the file /admin/editempeducation.php. The manipulation… | |||
| CVE-2025-6296 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Hostel Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /empty_rooms.php. The manipula… | |||
| CVE-2025-6295 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Hostel Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /allocated_rooms.php.… | |||
| CVE-2025-6294 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /contact.php. The manipulation of the argument… | |||
| CVE-2025-6293 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /contact_manager.php. The manipulation of th… | |||
| CVE-2025-6282 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in xlang-ai OpenAgents up to ff2e46440699af1324eb25655b622c4a131265bb and classified as critical. Affected by this issue is the function create_upload_file of the file backe… | |||
| CVE-2025-6280 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, was found in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function download_attachment of the file SuperAGI/superagi/helper/read_email.… | |||
| CVE-2025-6278 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.fi… | |||
| CVE-2025-6277 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical has been found in Brilliance Golden Link Secondary System up to 20250609. This affects an unknown part of the file /storagework/custTakeInfoPage.htm. The manipu… | |||
| CVE-2025-6276 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Brilliance Golden Link Secondary System up to 20250609. It has been rated as critical. Affected by this issue is some unknown functionality of the file /storagework/rentT… | |||
| CVE-2025-4738 | critical | 9.8 | 9.8 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yirmibes Software MY ERP allows SQL Injection. This issue affects MY ERP: before 1.170. | |||
| CVE-2025-6266 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was detected in Teledyne FLIR AX8 up to 1.46. Affected by this vulnerability is an unknown functionality of the file /upload.php. Performing manipulation of the argument File results … | |||
| CVE-2025-31919 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7. | |||
| CVE-2025-6161 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, was found in SourceCodester Simple Food Ordering System 1.0. Affected is an unknown function of the file /editproduct.php. The manipulation of the a… | |||
| CVE-2025-6160 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, has been found in SourceCodester Client Database Management System 1.0. This issue affects some unknown processing of the file /user_customer_create… | |||
| CVE-2025-6159 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical was found in code-projects Hostel Management System 1.0. This vulnerability affects unknown code of the file /allocate_room.php. The manipulation of the argumen… | |||
| CVE-2025-6157 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registered-user-tes… | |||
| CVE-2025-6155 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in PHPGurukul Hostel Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /includes/login-hm.inc.php. The manipulation of t… | |||
| CVE-2025-6154 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in PHPGurukul Hostel Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /includes/login.inc.php. The manipulation of th… | |||
| CVE-2025-6153 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in PHPGurukul Hostel Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/students.php. The manipulation of the … | |||
| CVE-2025-6136 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insertPayment.php. The manipula… | |||
| CVE-2025-6135 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /insertNominee.php. The manipula… | |||
| CVE-2025-6134 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Projectworlds Life Insurance Management System 1.0. It has been classified as critical. This affects an unknown part of the file /insertClient.php. The manipulation of th… | |||
| CVE-2025-6133 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The mani… | |||
| CVE-2025-6132 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in Chanjet CRM 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sysconfig/departmentsetting.php. The manipulation… | |||
| CVE-2025-6124 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Restaurant Order System 1.0 and classified as critical. This issue affects some unknown processing of the file /tablelow.php. The manipulation of the argume… | |||
| CVE-2025-6123 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in code-projects Restaurant Order System 1.0 and classified as critical. This vulnerability affects unknown code of the file /payment.php. The manipulation of the argum… | |||
| CVE-2025-6118 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been rated as critical. This issue affects some unknown processing of the file /vehicle/search of the component API. T… | |||
| CVE-2025-6117 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been declared as critical. This vulnerability affects unknown code of the file /Reservations/Search of the component A… | |||
| CVE-2025-6116 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been classified as critical. This affects an unknown part of the file /IntraFieldVehicle/Search of the component API. … | |||
| CVE-2025-5980 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical was found in code-projects Restaurant Order System 1.0. This vulnerability affects unknown code of the file /order.php. The manipulation of the argument tabidNo… | |||
| CVE-2025-5979 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The manipulation of the argument ID leads … | |||
| CVE-2025-5977 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as critical. This issue affects some unknown processing of the file /datatable.php. The manipulation of the ar… | |||
| CVE-2025-5913 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The mani… | |||
| CVE-2025-5906 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is pos… | |||
| CVE-2025-48126 | critical | 9.8 | 9.8 | 1y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in g5theme Essential Real Estate essential-real-estate allows PHP Local File Incl… | |||
| CVE-2025-31429 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themeton PressGrid - Frontend Publish Reaction & Multimedia Theme allows Object Injection. This issue affects PressGrid - Frontend Publish Reaction … | |||
| CVE-2025-31398 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themeton PIMP - Creative MultiPurpose allows Object Injection. This issue affects PIMP - Creative MultiPurpose: from n/a through 1.7. | |||
| CVE-2025-31396 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themeton FLAP - Business WordPress Theme allows Object Injection. This issue affects FLAP - Business WordPress Theme: from n/a through 1.5. | |||
| CVE-2025-5881 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /user/confirm_password.php. The manipulation of the… | |||
| CVE-2025-5860 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, was found in PHPGurukul Maid Hiring Management System 1.0. This affects an unknown part of the file /admin/search-booking-request.php. The manipulat… | |||
| CVE-2025-5856 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of… | |||
| CVE-2025-5778 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, was found in 1000 Projects ABC Courier Management System 1.0. Affected is an unknown function of the file /admin. The manipulation of the argument U… | |||
| CVE-2025-5759 | critical | 9.8 | 9.8 | 1y ago | A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. This vulnerability affects unknown code of the file /admin/edit-person-detail.php?ed… | |||
| CVE-2025-5756 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in code-projects Real Estate Property Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/… | |||
| CVE-2025-5707 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registere… | |||
| CVE-2025-5706 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /… | |||
| CVE-2025-5497 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was detected in slackero phpwcms up to 1.9.45/1.10.8. The impacted element is an unknown function of the file include/inc_module/mod_feedimport/inc/processing.inc.php of the component… | |||
| CVE-2025-47646 | critical | 9.8 | 9.8 | 1y ago | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gilblas Ngunte Possi PSW Front-end Login & Registration psw-login-and-registration allows Password Recovery Exploitation.This … | |||
| CVE-2025-47438 | critical | 9.8 | 9.8 | 1y ago | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpjobportal WP Job Portal wp-job-portal allows PHP Local File Inclusion.This i… | |||
| CVE-2025-31927 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themeton Acerola allows Object Injection. This issue affects Acerola: from n/a through 1.6.5. | |||
| CVE-2025-31430 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themeton The Business allows Object Injection. This issue affects The Business: from n/a through 1.6.1. | |||
| CVE-2025-31069 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themeton HotStar – Multi-Purpose Business Theme allows Object Injection. This issue affects HotStar – Multi-Purpose Business Theme: from n/a through… | |||
| CVE-2025-31049 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themeton Dash allows Object Injection. This issue affects Dash: from n/a through 1.3. | |||
| CVE-2025-5079 | critical | 9.8 | 9.8 | 1y ago | A flaw has been found in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/updateorder.php. Executing manipulation of the … | |||
| CVE-2025-5078 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was detected in PHPGurukul/Campcodes Online Shopping Portal 1.0. Affected is an unknown function of the file /admin/subcategory.php. Performing manipulation of the argument Category r… | |||
| CVE-2025-39410 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon:… | |||
| CVE-2025-47582 | critical | 9.8 | 9.8 | 1y ago | Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0. | |||
| CVE-2025-4734 | critical | 9.8 | 9.8 | 1y ago | A vulnerability, which was classified as critical, was found in Campcodes Sales and Inventory System 1.0. Affected is an unknown function of the file /pages/ci_update.php. The manipulation of the arg… | |||
| CVE-2025-47682 | critical | 9.8 | 9.8 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows SQL Injection.This issue affects SMS A… | |||
| CVE-2025-4528 | critical | 9.8 | 9.8 | 1y ago | A weakness has been identified in Dígitro NGC Explorer up to 3.44.15/3.48.21. This affects an unknown function. Executing a manipulation can lead to session expiration. The attack can be launched rem… | |||
| CVE-2025-4191 | critical | 9.8 | 9.8 | 1y ago | A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /editmyeducation.… | |||
| CVE-2025-32491 | critical | 9.8 | 9.8 | 1y ago | Incorrect Privilege Assignment vulnerability in Rankology Rankology SEO – On-site SEO rankology-seo-all-in-one-seo-analytics allows Privilege Escalation.This issue affects Rankology SEO – On-site SEO… | |||
| CVE-2025-25373 | critical | 9.8 | 9.8 | 1y ago | The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the platform. | |||
| CVE-2025-2655 | critical | 9.8 | 9.8 | 1y ago | A vulnerability was detected in SourceCodester AC Repair and Services System 1.0. The affected element is the function save_users/delete_users of the file /classes/Users.php. Performing manipulation … | |||
| CVE-2025-26966 | critical | 9.8 | 9.8 | 1y ago | Authentication Bypass Using an Alternate Path or Channel vulnerability in Aldo Latino PrivateContent private-content.This issue affects PrivateContent: from n/a through <= 8.11.5. | |||
| CVE-2025-24607 | critical | 9.8 | 9.8 | 1y ago | Missing Authorization vulnerability in Northern Beaches Websites IdeaPush ideapush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a throug… | |||
| CVE-2025-55754 | critical | 9.6 | 9.6 | 18d ago | Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Win… | |||
| CVE-2025-11022 | critical | 9.6 | 9.6 | 6mo ago | Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site Request Forgery. This CSRF vulnerability resulting in Command Injection has been identified. Thi… |