CVE Database

37604+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2024-38866
7.5 HIGH

Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus injection

May 27, 2025
CVE-2025-5231
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Company Visitor Management System 1.0. This vulnerability affects unknown code of the file /forgot-password.php. The manipulation …

May 27, 2025
CVE-2025-5230
7.3 HIGH

A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1.0. This affects an unknown part of the file /admin/bwdates-report-details.php. The …

May 27, 2025
CVE-2025-5229
7.3 HIGH

A vulnerability was found in Campcodes Online Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality …

May 27, 2025
CVE-2025-5228
8.8 HIGH

A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi …

May 27, 2025
CVE-2025-5227
7.3 HIGH

A vulnerability was found in PHPGurukul Small CRM 3.0 and classified as critical. This issue affects some unknown processing of the file /admin/manage-tickets.php. The manipulation …

May 27, 2025
CVE-2025-5226
7.3 HIGH

A vulnerability has been found in PHPGurukul Small CRM 3.0 and classified as critical. This vulnerability affects unknown code of the file /admin/change-password.php. The manipulation …

May 27, 2025
CVE-2025-5225
7.3 HIGH

A vulnerability, which was classified as critical, was found in Campcodes Advanced Online Voting System 1.0. This affects an unknown part of the file /index.php. …

May 27, 2025
CVE-2025-5224
7.3 HIGH

A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/add-doctor.php. The …

May 27, 2025
CVE-2025-5221
7.3 HIGH

A vulnerability was found in FreeFloat FTP Server 1.0.0. It has been classified as critical. This affects an unknown part of the component QUOTE Command …

May 27, 2025
CVE-2025-5220
7.3 HIGH

A vulnerability was found in FreeFloat FTP Server 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the component GET …

May 27, 2025
CVE-2025-5219
7.3 HIGH

A vulnerability has been found in FreeFloat FTP Server 1.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component …

May 27, 2025
CVE-2025-5218
7.3 HIGH

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0.0. Affected is an unknown function of the component LITERAL Command Handler. …

May 27, 2025
CVE-2025-5217
7.3 HIGH

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0.0. This issue affects some unknown processing of the component RMDIR …

May 27, 2025
CVE-2025-5216
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Student Record System 3.20. This vulnerability affects unknown code of the file /login.php. The manipulation of …

May 27, 2025
CVE-2025-5215
8.8 HIGH

A vulnerability classified as critical has been found in D-Link DCS-5020L 1.01_B2. This affects the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the …

May 27, 2025
CVE-2025-5214
7.3 HIGH

A vulnerability was found in Kashipara Responsive Online Learing Platform 1.0. It has been rated as critical. Affected by this issue is some unknown functionality …

May 27, 2025
CVE-2025-5213
7.3 HIGH

A vulnerability was found in projectworlds Responsive E-Learning System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of …

May 27, 2025
CVE-2025-5212
7.3 HIGH

A vulnerability was found in PHPGurukul Employee Record Management System 1.3. It has been classified as critical. Affected is an unknown function of the file …

May 26, 2025
CVE-2025-5211
7.3 HIGH

A vulnerability was found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This issue affects some unknown processing of the file /myprofile.php. …

May 26, 2025
CVE-2025-5210
7.3 HIGH

A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /loginerms.php. …

May 26, 2025
CVE-2025-5208
7.3 HIGH

A vulnerability, which was classified as critical, was found in SourceCodester Online Hospital Management System 1.0. This affects an unknown part of the file /admin/check_availability.php. …

May 26, 2025
CVE-2025-5205
7.3 HIGH

A vulnerability classified as critical has been found in 1000 Projects Daily College Class Work Report Book 1.0. Affected is an unknown function of the …

May 26, 2025
CVE-2025-23395
7.8 HIGH

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create …

May 26, 2025
CVE-2025-5180
7.0 HIGH

A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library …

May 26, 2025
CVE-2025-41655
7.5 HIGH

An unauthenticated remote attacker can access a URL which causes the device to reboot.

May 26, 2025
CVE-2025-41654
8.2 HIGH

An unauthenticated remote attacker can access information about running processes via the SNMP protocol. The amount of returned data can trigger a reboot by the …

May 26, 2025
CVE-2025-5176
7.3 HIGH

A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up to 20250517. It has been declared as critical. This vulnerability affects unknown code of …

May 26, 2025
CVE-2025-5172
7.3 HIGH

A vulnerability, which was classified as critical, was found in Econtrata up to 20250516. Affected is an unknown function of the file /valida. The manipulation …

May 26, 2025
CVE-2025-5156
8.8 HIGH

A vulnerability was found in H3C GR-5400AX up to 100R008 and classified as critical. Affected by this issue is the function EditWlanMacList of the file …

May 25, 2025
CVE-2025-5129
7.0 HIGH

A vulnerability has been found in Sangfor 零信任访问控制系统 aTrust 2.3.10.60 and classified as critical. Affected by this vulnerability is an unknown functionality in the library …

May 24, 2025
CVE-2025-5128
7.3 HIGH

A vulnerability, which was classified as critical, was found in ScriptAndTools Real-Estate-website-in-PHP 1.0. Affected is an unknown function of the file /admin/ of the component …

May 24, 2025
CVE-2025-5126
8.8 HIGH

A vulnerability was found in Teledyne FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \usr\www\application\models\settingsregional.php. Performing manipulation of the …

May 24, 2025
CVE-2025-5124
8.1 HIGH

A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N and SNC-RX570N up to 1.30. This affects an unknown …

May 24, 2025
CVE-2025-4336
8.1 HIGH

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_file() function …

May 24, 2025
CVE-2025-5119
7.3 HIGH

A vulnerability has been found in Emlog Pro 2.5.11 and classified as critical. This vulnerability affects unknown code of the file /include/controller/api_controller.php. The manipulation of …

May 23, 2025
CVE-2025-43860
7.6 HIGH

OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting (XSS) vulnerability in versions prior to …

May 23, 2025
CVE-2025-32794
7.6 HIGH

OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting (XSS) vulnerability in versions prior to …

May 23, 2025
CVE-2025-24917
7.8 HIGH

In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non-administrative user could stage files in a local …

May 23, 2025
CVE-2025-24916
7.0 HIGH

When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable Network Monitor versions prior to 6.5.1 did not enforce secure permissions …

May 23, 2025
CVE-2022-31812
7.5 HIGH

A vulnerability has been identified in SiPass integrated (All versions < V2.95.3.18). Affected server applications contain an out of bounds read past the end of …

May 23, 2025
CVE-2018-25110
7.5 HIGH

Marked prior to version 0.3.17 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to catastrophic backtracking in several regular expressions used …

May 23, 2025
CVE-2025-5112
7.3 HIGH

A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component MGET Command Handler. …

May 23, 2025
CVE-2025-5111
7.3 HIGH

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the …

May 23, 2025
CVE-2025-5110
7.3 HIGH

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component VERBOSE Command …

May 23, 2025
CVE-2025-5109
7.3 HIGH

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component STATUS Command Handler. The …

May 23, 2025
CVE-2025-48292
8.1 HIGH

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in GoodLayers Tourmaster tourmaster allows PHP Local File Inclusion.This issue …

May 23, 2025
CVE-2025-48286
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catkin ReDi Restaurant Reservation redi-restaurant-reservation allows Reflected XSS.This issue affects ReDi Restaurant Reservation: …

May 23, 2025
CVE-2025-48273
7.5 HIGH

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpjobportal WP Job Portal wp-job-portal allows Path Traversal.This issue affects WP Job …

May 23, 2025
CVE-2025-48245
7.1 HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal Quick Contact Form quick-contact-form allows Reflected XSS.This issue affects Quick Contact …

May 23, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.