CVE Database

37700+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2025-4030
7.3 HIGH

A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been classified as critical. This affects an unknown part of the file …

Apr 28, 2025
CVE-2025-4028
7.3 HIGH

A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of …

Apr 28, 2025
CVE-2025-4027
7.3 HIGH

A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file …

Apr 28, 2025
CVE-2025-4026
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unknown processing of …

Apr 28, 2025
CVE-2015-4582
7.2 HIGH

The TheCartPress boot-store (aka Boot Store) theme 1.6.4 for WordPress allows header.php tcp_register_error XSS. NOTE: CVE-2015-4582 is not assigned to any Oracle product.

Apr 28, 2025
CVE-2025-4025
7.3 HIGH

A vulnerability classified as critical was found in itsourcecode Placement Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /registration.php. …

Apr 28, 2025
CVE-2025-4024
7.3 HIGH

A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /add_drive.php. The manipulation …

Apr 28, 2025
CVE-2025-23375
7.8 HIGH

Dell PowerProtect Data Manager Reporting, version(s) 19.17, contain(s) an Incorrect Use of Privileged APIs vulnerability. A low privileged attacker with local access could potentially exploit …

Apr 28, 2025
CVE-2025-4023
7.3 HIGH

A vulnerability was found in itsourcecode Placement Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file …

Apr 28, 2025
CVE-2025-4020
7.3 HIGH

A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of …

Apr 28, 2025
CVE-2025-4019
7.3 HIGH

A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. Affected is the function genCode of the file novel-admin/src/main/java/com/java2nb/common/controller/GeneratorController.java. The …

Apr 28, 2025
CVE-2025-4014
7.3 HIGH

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality …

Apr 28, 2025
CVE-2025-4013
7.3 HIGH

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been classified as critical. Affected is an unknown function of the file …

Apr 28, 2025
CVE-2025-42598
7.8 HIGH

Multiple SEIKO EPSON printer drivers for Windows OS are configured with an improper access permission settings when installed or used in a language other than …

Apr 28, 2025
CVE-2025-32470
7.5 HIGH

A remote unauthenticated attacker may be able to change the IP adress of the device, and therefore affecting the availability of the device.

Apr 28, 2025
CVE-2025-4007
8.8 HIGH

A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules …

Apr 28, 2025
CVE-2025-22235
7.3 HIGH

EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may …

Apr 28, 2025
CVE-2025-4005
7.3 HIGH

A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the …

Apr 28, 2025
CVE-2025-4004
7.3 HIGH

A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file …

Apr 28, 2025
CVE-2025-3998
7.3 HIGH

A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. This vulnerability affects unknown code of the file renew.php?id=6. The manipulation of …

Apr 28, 2025
CVE-2025-3993
8.8 HIGH

A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525 and classified as critical. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of …

Apr 28, 2025
CVE-2025-3992
8.8 HIGH

A vulnerability has been found in TOTOLINK N150RT 3.4.0-B20190525 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlwds. The manipulation of …

Apr 28, 2025
CVE-2025-3991
8.8 HIGH

A vulnerability, which was classified as critical, was found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boafrm/formWdsEncrypt. The manipulation of …

Apr 28, 2025
CVE-2025-26692
8.1 HIGH

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory ('Path Traversal'). If exploited, arbitrary …

Apr 28, 2025
CVE-2025-3990
8.8 HIGH

A vulnerability, which was classified as critical, has been found in TOTOLINK N150RT 3.4.0-B20190525. Affected by this issue is some unknown functionality of the file …

Apr 27, 2025
CVE-2025-3989
8.8 HIGH

A vulnerability classified as critical was found in TOTOLINK N150RT 3.4.0-B20190525. Affected by this vulnerability is an unknown functionality of the file /boafrm/formStaticDHCP. The manipulation …

Apr 27, 2025
CVE-2025-3988
8.8 HIGH

A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. Affected is an unknown function of the file /boafrm/formPortFw. The manipulation of the …

Apr 27, 2025
CVE-2025-46657
7.2 HIGH

Karaz Karazal through 2025-04-14 allows reflected XSS via the lang parameter to the default URI.

Apr 27, 2025
CVE-2025-3976
7.3 HIGH

A vulnerability was found in PHPGurukul COVID19 Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file …

Apr 27, 2025
CVE-2025-3974
7.3 HIGH

A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit-phlebotomist.php?pid=11. …

Apr 27, 2025
CVE-2025-3973
7.3 HIGH

A vulnerability, which was classified as critical, was found in PHPGurukul COVID19 Testing Management System 1.0. This affects an unknown part of the file /check_availability.php. …

Apr 27, 2025
CVE-2025-3972
7.3 HIGH

A vulnerability, which was classified as critical, has been found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this issue is some unknown functionality …

Apr 27, 2025
CVE-2025-3971
7.3 HIGH

A vulnerability classified as critical was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file …

Apr 27, 2025
CVE-2025-3886
8.1 HIGH

An issue in CatoNetworks CatoClient before v.5.8.0 allows attackers to escalate privileges and achieve a race condition (TOCTOU) via the PrivilegedHelperTool component.

Apr 27, 2025
CVE-2025-3963
7.3 HIGH

A vulnerability, which was classified as critical, has been found in withstars Books-Management-System 1.0. This issue affects some unknown processing of the file /admin/article/list of …

Apr 27, 2025
CVE-2025-3960
7.3 HIGH

A vulnerability was found in withstars Books-Management-System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file …

Apr 27, 2025
CVE-2025-46580
7.7 HIGH

There is a code-related vulnerability in the GoldenDB database product. Attackers can access system tables to disrupt the normal operation of business SQL.

Apr 27, 2025
CVE-2025-46579
8.4 HIGH

There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open …

Apr 27, 2025
CVE-2025-2101
8.1 HIGH

The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the …

Apr 26, 2025
CVE-2025-2851
8.0 HIGH

A vulnerability classified as critical has been found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate …

Apr 26, 2025
CVE-2025-3914
8.8 HIGH

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aeropage_media_downloader' function in …

Apr 26, 2025
CVE-2025-3906
8.8 HIGH

The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wep_opcoes' …

Apr 26, 2025
CVE-2025-3491
7.2 HIGH

The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and …

Apr 26, 2025
CVE-2025-2105
8.1 HIGH

The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted …

Apr 26, 2025
CVE-2024-13808
8.8 HIGH

The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the …

Apr 26, 2025
CVE-2025-2801
7.3 HIGH

The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin for WordPress is vulnerable to arbitrary shortcode execution in …

Apr 26, 2025
CVE-2025-32986
7.5 HIGH

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.

Apr 25, 2025
CVE-2025-32983
7.5 HIGH

NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.

Apr 25, 2025
CVE-2025-32982
7.5 HIGH

NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.

Apr 25, 2025
CVE-2025-32981
7.1 HIGH

NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.

Apr 25, 2025

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.