CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-45322
8.8 HIGH

kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter.

May 5, 2025
CVE-2025-45321
8.8 HIGH

kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword.

May 5, 2025
CVE-2025-28062
8.1 HIGH

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in ERPNEXT 14.82.1 and 14.74.3. The vulnerability allows an attacker to perform unauthorized actions such as user …

May 5, 2025
CVE-2025-27920
7.2 HIGH KEV

Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper file path handling. By using ../ sequences in parameters, attackers could access …

May 5, 2025
CVE-2025-4272
7.0 HIGH

A vulnerability was found in Mechrevo Control Console 1.0.2.70. It has been rated as critical. Affected by this issue is some unknown functionality in the …

May 5, 2025
CVE-2025-4266
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. Affected by this issue is some unknown functionality of …

May 5, 2025
CVE-2025-4265
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file …

May 5, 2025
CVE-2025-4264
7.3 HIGH

A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/edit-ambulance.php. The …

May 5, 2025
CVE-2025-4263
7.3 HIGH

A vulnerability was found in PHPGurukul Online DJ Booking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of …

May 5, 2025
CVE-2025-4262
7.3 HIGH

A vulnerability was found in PHPGurukul Online DJ Booking Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the …

May 5, 2025
CVE-2025-20671
7.0 HIGH

In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a …

May 5, 2025
CVE-2025-20668
7.8 HIGH

In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if …

May 5, 2025
CVE-2025-20667
7.5 HIGH

In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected …

May 5, 2025
CVE-2025-20666
7.5 HIGH

In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has …

May 5, 2025
CVE-2025-4255
7.3 HIGH

A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RMD Command Handler. The …

May 5, 2025
CVE-2025-4254
7.3 HIGH

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the …

May 5, 2025
CVE-2025-4253
7.3 HIGH

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the …

May 4, 2025
CVE-2025-4252
7.3 HIGH

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component APPEND Command …

May 4, 2025
CVE-2025-4251
7.3 HIGH

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component RMDIR Command Handler. …

May 4, 2025
CVE-2025-4250
7.3 HIGH

A vulnerability was found in code-projects Nero Social Networking Site 1.0. It has been classified as critical. This affects an unknown part of the file …

May 4, 2025
CVE-2025-4249
7.3 HIGH

A vulnerability was found in PHPGurukul e-Diary Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file …

May 4, 2025
CVE-2025-47245
8.1 HIGH

In BlueWave Checkmate through 2.0.2 before d4a6072, an invite request can be modified to specify a privileged role.

May 4, 2025
CVE-2025-47244
7.3 HIGH

Inedo ProGet through 2024.22 allows remote attackers to reach restricted functionality through the C# reflection layer, as demonstrated by causing a denial of service (when …

May 3, 2025
CVE-2025-4242
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul Online Birth Certificate System 2.0. Affected by this vulnerability is an unknown functionality of the file …

May 3, 2025
CVE-2025-4241
7.3 HIGH

A vulnerability classified as critical has been found in PHPGurukul Teacher Subject Allocation Management System 1.0. Affected is an unknown function of the file /admin/search.php. …

May 3, 2025
CVE-2025-4240
7.3 HIGH

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. This issue affects some unknown processing of the component LCD …

May 3, 2025
CVE-2025-4239
7.3 HIGH

A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. This vulnerability affects unknown code of the component TYPE Command …

May 3, 2025
CVE-2025-4238
7.3 HIGH

A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. This affects an unknown part of the component MGET Command …

May 3, 2025
CVE-2024-58134
8.1 HIGH

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These …

May 3, 2025
CVE-2025-4237
7.3 HIGH

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component MDELETE …

May 3, 2025
CVE-2025-4236
7.3 HIGH

A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this vulnerability is an unknown functionality of the component …

May 3, 2025
CVE-2025-4226
7.3 HIGH

A vulnerability classified as critical has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The …

May 3, 2025
CVE-2024-13738
7.3 HIGH

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, …

May 3, 2025
CVE-2022-21546
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITE_SAME No Data Buffer crash In newer version of the SBC specs, …

May 2, 2025
CVE-2025-4214
7.3 HIGH

A vulnerability was found in PHPGuruku Online DJ Booking Management System 1.0 and classified as critical. This issue affects some unknown processing of the file …

May 2, 2025
CVE-2025-4213
7.3 HIGH

A vulnerability has been found in PHPGurukul Online Birth Certificate System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search.php. …

May 2, 2025
CVE-2025-4210
7.3 HIGH

A vulnerability classified as critical was found in Casdoor up to 1.811.0. This vulnerability affects the function HandleScim of the file controllers/scim.go of the component …

May 2, 2025
CVE-2023-53142
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: ice: copy last block omitted in ice_get_module_eeprom() ice_get_module_eeprom() is broken since commit e9c9692c8a81 ("ice: Reimplement …

May 2, 2025
CVE-2023-53138
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbl_device_notify() syzbot reported use-after-free in cfusbl_device_notify() [1]. This causes a …

May 2, 2025
CVE-2023-53136
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: af_unix: fix struct pid leaks in OOB support syzbot reported struct pid leak [1]. Issue …

May 2, 2025
CVE-2023-53135
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode When CONFIG_FRAME_POINTER is unset, the stack unwinding …

May 2, 2025
CVE-2023-53123
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug On s390 PCI functions may …

May 2, 2025
CVE-2023-53117
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369

May 2, 2025
CVE-2023-53116
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the …

May 2, 2025
CVE-2023-53112
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae ("drm/i915/sseu: Don't try to store …

May 2, 2025
CVE-2023-53111
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues do_req_filebacked() calls blk_mq_complete_request() synchronously or asynchronously when using asynchronous I/O unless …

May 2, 2025
CVE-2023-53107
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: veth: Fix use after free in XDP_REDIRECT Commit 718a18a0c8a6 ("veth: Rework veth_xdp_rcv_skb in order to …

May 2, 2025
CVE-2023-53106
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition This bug …

May 2, 2025
CVE-2023-53090
7.1 HIGH

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix an illegal memory access In the kfd_wait_on_events() function, the kfd_event_waiter structure is allocated …

May 2, 2025
CVE-2023-53088
7.8 HIGH

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix UaF in listener shutdown As reported by Christoph after having refactored the passive …

May 2, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.