CVE Database

37604+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-6906
7.3 HIGH

A vulnerability classified as critical has been found in code-projects Car Rental System 1.0. This affects an unknown part of the file /login.php. The manipulation …

Jun 30, 2025
CVE-2025-6905
7.3 HIGH

A vulnerability, which was classified as critical, has been found in code-projects Car Rental System 1.0. This issue affects some unknown processing of the file …

Jun 30, 2025
CVE-2025-6904
7.3 HIGH

A vulnerability was found in code-projects Car Rental System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of …

Jun 30, 2025
CVE-2025-6903
7.3 HIGH

A vulnerability was found in code-projects Car Rental System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of …

Jun 30, 2025
CVE-2025-6902
7.3 HIGH

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /php_action/editUser.php. …

Jun 30, 2025
CVE-2025-6901
7.3 HIGH

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /php_action/removeUser.php. The …

Jun 30, 2025
CVE-2025-53416
7.8 HIGH

Delta Electronics DTN Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution

Jun 30, 2025
CVE-2024-8419
7.5 HIGH

The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing …

Jun 30, 2025
CVE-2025-53415
7.8 HIGH

Delta Electronics DTM Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution

Jun 30, 2025
CVE-2025-40732
7.5 HIGH

user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php

Jun 30, 2025
CVE-2025-38088
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out …

Jun 30, 2025
CVE-2025-38087
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier Since taprio’s taprio_dev_notifier() isn’t protected by an RCU read-side critical …

Jun 30, 2025
CVE-2025-6891
7.3 HIGH

A vulnerability classified as critical has been found in code-projects Inventory Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation …

Jun 30, 2025
CVE-2025-6889
7.3 HIGH

A vulnerability was found in code-projects Movie Ticketing System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /logIn.php. …

Jun 30, 2025
CVE-2025-6888
7.3 HIGH

A vulnerability was found in PHPGurukul Teachers Record Management System 2.1. It has been classified as critical. This affects an unknown part of the file …

Jun 30, 2025
CVE-2025-6887
8.8 HIGH

A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The …

Jun 30, 2025
CVE-2025-6886
8.8 HIGH

A vulnerability has been found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. …

Jun 30, 2025
CVE-2025-6885
7.3 HIGH

A vulnerability, which was classified as critical, was found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/edit-teacher-detail.php. …

Jun 30, 2025
CVE-2025-6882
8.8 HIGH

A vulnerability classified as critical has been found in D-Link DIR-513 1.0. This affects an unknown part of the file /goform/formSetWanPPTP. The manipulation of the …

Jun 30, 2025
CVE-2025-6881
8.8 HIGH

A vulnerability was found in D-Link DI-8100 16.07.21. It has been rated as critical. Affected by this issue is some unknown functionality of the file …

Jun 30, 2025
CVE-2025-46014
8.8 HIGH

Several services in Honor Device Co., Ltd Honor PC Manager v16.0.0.118 was discovered to connect services to the named pipe iMateBookAssistant with default or overly …

Jun 30, 2025
CVE-2025-6871
7.3 HIGH

A vulnerability classified as critical has been found in SourceCodester Simple Company Website 1.0. This affects an unknown part of the file /classes/Login.php. The manipulation …

Jun 29, 2025
CVE-2025-24289
7.5 HIGH

A Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in the UCRM Client Signup Plugin (v1.3.4 and earlier) could allow privilege escalation if …

Jun 29, 2025
CVE-2025-6863
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of …

Jun 29, 2025
CVE-2025-5878
7.3 HIGH

A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads …

Jun 29, 2025
CVE-2025-6846
7.3 HIGH

A vulnerability classified as critical has been found in code-projects Simple Forum 1.0. This affects an unknown part of the file /forum_viewfile.php. The manipulation of …

Jun 29, 2025
CVE-2025-6845
7.3 HIGH

A vulnerability was found in code-projects Simple Forum 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the …

Jun 29, 2025
CVE-2025-6844
7.3 HIGH

A vulnerability was found in code-projects Simple Forum 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the …

Jun 29, 2025
CVE-2025-6843
7.3 HIGH

A vulnerability was found in code-projects Simple Photo Gallery 1.0. It has been classified as critical. Affected is an unknown function of the file /upload-photo.php. …

Jun 29, 2025
CVE-2025-6840
7.3 HIGH

A vulnerability, which was classified as critical, was found in code-projects Product Inventory System 1.0. This affects an unknown part of the file /index.php of …

Jun 29, 2025
CVE-2025-6836
7.3 HIGH

A vulnerability classified as critical has been found in code-projects Library System 1.0. Affected is an unknown function of the file /profile.php. The manipulation of …

Jun 29, 2025
CVE-2025-6835
7.3 HIGH

A vulnerability was found in code-projects Library System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student-issue-book.php. …

Jun 29, 2025
CVE-2025-6834
7.3 HIGH

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/editPayment.php. …

Jun 29, 2025
CVE-2025-6828
7.3 HIGH

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /orders.php. The …

Jun 28, 2025
CVE-2025-6827
7.3 HIGH

A vulnerability, which was classified as critical, was found in code-projects Inventory Management System 1.0. This affects an unknown part of the file /php_action/editOrder.php. The …

Jun 28, 2025
CVE-2025-6826
7.3 HIGH

A vulnerability, which was classified as critical, has been found in code-projects Payroll Management System 1.0. Affected by this issue is some unknown functionality of …

Jun 28, 2025
CVE-2025-6825
8.8 HIGH

A vulnerability classified as critical was found in TOTOLINK A702R up to 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlSiteSurvey …

Jun 28, 2025
CVE-2025-6824
8.8 HIGH

A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formParentControl of the …

Jun 28, 2025
CVE-2025-6823
7.3 HIGH

A vulnerability was found in code-projects Inventory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file …

Jun 28, 2025
CVE-2025-6822
7.3 HIGH

A vulnerability was found in code-projects Inventory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /php_action/removeProduct.php. …

Jun 28, 2025
CVE-2025-6821
7.3 HIGH

A vulnerability was found in code-projects Inventory Management System 1.0. It has been classified as critical. This affects an unknown part of the file /php_action/createOrder.php. …

Jun 28, 2025
CVE-2025-6820
7.3 HIGH

A vulnerability was found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file …

Jun 28, 2025
CVE-2025-6819
7.3 HIGH

A vulnerability has been found in code-projects Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the …

Jun 28, 2025
CVE-2023-28910
8.0 HIGH

A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing …

Jun 28, 2025
CVE-2023-28909
8.0 HIGH

A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which …

Jun 28, 2025
CVE-2023-28906
7.8 HIGH

A command injection in the networking service of the MIB3 infotainment allows an attacker already presenting in the system to escalate privileges and obtain administrative …

Jun 28, 2025
CVE-2023-28905
8.0 HIGH

A heap buffer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker to execute arbitrary code on it. The vulnerability …

Jun 28, 2025
CVE-2025-1991
7.5 HIGH

IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an integer underflow when processing packets.

Jun 28, 2025
CVE-2025-6755
8.8 HIGH

The Game Users Share Buttons plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the ajaxDeleteTheme() function in …

Jun 28, 2025
CVE-2025-6381
8.8 HIGH

The BeeTeam368 Extensions plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.3.4 via the handle_remove_temp_file() function. This makes …

Jun 28, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.