CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2025-7084 A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. This vulnerability affects the function formWpsStart of the file /goform/formWpsStart of the component webs. The ... | 8.8 | HIGH | — | 0 |
| CVE-2025-7085 A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. This issue affects the function formiNICWpsStart of the file /goform/formiNICWpsStart of the component webs. The man... | 8.8 | HIGH | — | 0 |
| CVE-2025-7086 A vulnerability classified as critical has been found in Belkin F9K1122 1.00.33. Affected is the function formPPTPSetup of the file /goform/formPPTPSetup of the component webs. The manipulation of the... | 8.8 | HIGH | — | 0 |
| CVE-2025-7087 A vulnerability classified as critical was found in Belkin F9K1122 1.00.33. Affected by this vulnerability is the function formL2TPSetup of the file /goform/formL2TPSetup of the component webs. The ma... | 8.8 | HIGH | — | 0 |
| CVE-2025-7088 A vulnerability, which was classified as critical, was found in Belkin F9K1122 1.00.33. This affects the function formPPPoESetup of the file /goform/formPPPoESetup of the component webs. The manipulat... | 8.8 | HIGH | — | 0 |
| CVE-2025-7089 A vulnerability was found in Belkin F9K1122 1.00.33 and classified as critical. This issue affects the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component webs. The manip... | 8.8 | HIGH | — | 0 |
| CVE-2025-7090 A vulnerability, which was classified as critical, has been found in Belkin F9K1122 1.00.33. Affected by this issue is the function formConnectionSetting of the file /goform/formConnectionSetting of t... | 8.8 | HIGH | — | 0 |
| CVE-2025-7091 A vulnerability was found in Belkin F9K1122 1.00.33. It has been classified as critical. Affected is the function formWlanMP of the file /goform/formWlanMP of the component webs. The manipulation of t... | 8.8 | HIGH | — | 0 |
| CVE-2025-7092 A vulnerability has been found in Belkin F9K1122 1.00.33 and classified as critical. This vulnerability affects the function formWlanSetupWPS of the file /goform/formWlanSetupWPS of the component webs... | 8.8 | HIGH | — | 0 |
| CVE-2025-7093 A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. Affected by this vulnerability is the function formSetLanguage of the file /goform/formSetLanguage of the compone... | 8.8 | HIGH | — | 0 |
| CVE-2025-53167 Authentication vulnerability in the distributed collaboration framework module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 6.9 | MEDIUM | — | 0 |
| CVE-2025-7094 A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component ... | 8.8 | HIGH | — | 0 |
| CVE-2025-7095 A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown part of the component Update Handler. The manipulation leads to improper ... | 3.7 | LOW | — | 0 |
| CVE-2025-7096 A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unknown code of the file cis_update_x64.xml of the component Manifest File ... | 8.1 | HIGH | — | 0 |
| CVE-2025-7097 A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affects some unknown processing of the file cis_update_x64.xml of the comp... | 8.1 | HIGH | — | 0 |
| CVE-2025-7098 A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of th... | 5.6 | MEDIUM | — | 0 |
| CVE-2025-7108 A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file /Digital-Infrastructure-9.6.7/... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-7145 ThreatSonar Anti-Ransomware developed by TeamT5 has an OS Command Injection vulnerability, allowing remote attackers with product platform intermediate privileges to inject arbitrary OS commands and e... | 7.2 | HIGH | — | 0 |
| CVE-2025-24508 Extraction of Account Connectivity Credentials (ACCs) from the IT Management Agent secure storage | 6.4 | MEDIUM | — | 0 |
| CVE-2025-48501 An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is runnin... | N/A | NONE | — | 0 |
| CVE-2025-53473 Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers. | N/A | NONE | — | 0 |
| CVE-2025-7115 A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97. It has been rated as critical. Affected by this issue is the function PUT of the file apps/rowboat/app/... | 7.3 | HIGH | — | 0 |
| CVE-2025-41672 A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices. | 10.0 | CRITICAL | — | 0 |
| CVE-2025-7119 A vulnerability has been found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /users/index.php. The man... | 7.3 | HIGH | — | 0 |
| CVE-2025-3920 A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a compiled DLL file. These credentials correspond to a built-in administrative account of the software. An... | N/A | NONE | — | 0 |
| CVE-2025-53373 Natours is a Tour Booking API. The attacker can easily take over any victim account by injecting an attacker-controlled server domain in the Host header when requesting the /forgetpassword endpoint. T... | N/A | NONE | — | 0 |
| CVE-2025-7120 A vulnerability was found in Campcodes Complaint Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /users/check_availability.php. The m... | 7.3 | HIGH | — | 0 |
| CVE-2025-7121 A vulnerability was found in Campcodes Complaint Management System 1.0. It has been classified as critical. This affects an unknown part of the file /users/complaint-details.php. The manipulation of t... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-3466 langgenius/dify versions 1.1.0 to 1.1.2 are vulnerable to unsanitized input in the code node, allowing execution of arbitrary code with full root permissions. The vulnerability arises from the ability... | 7.2 | HIGH | — | 0 |
| CVE-2025-3467 An XSS vulnerability exists in langgenius/dify versions prior to 1.1.3, specifically affecting Firefox browsers. This vulnerability allows an attacker to obtain the administrator's token by sending a ... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-3626 A remote attacker with administrator account can gain full control of the device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') while uploading a con... | 9.1 | CRITICAL | — | 0 |
| CVE-2025-3705 A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command ('OS Command Injection') when loading a con... | 6.8 | MEDIUM | — | 0 |
| CVE-2025-6386 The parisneo/lollms repository is affected by a timing attack vulnerability in the `authenticate_user` function within the `lollms_authentication.py` file. This vulnerability allows attackers to enume... | N/A | NONE | — | 0 |
| CVE-2025-25094 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Amitythemes.com Breaking News Ticker breaking-news-ticker allows Stored XSS.This issue affects Bre... | N/A | NONE | — | 0 |
| CVE-2025-7122 A vulnerability was found in Campcodes Complaint Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the ... | 7.3 | HIGH | — | 0 |
| CVE-2025-7123 A vulnerability was found in Campcodes Complaint Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/complaint-details.php. The manipula... | 4.7 | MEDIUM | — | 0 |
| CVE-2025-7124 A vulnerability classified as critical has been found in code-projects Online Note Sharing 1.0. Affected is an unknown function of the file /dashboard/userprofile.php of the component Profile Image Ha... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-7125 A vulnerability classified as critical was found in itsourcecode Employee Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/editempeducation.ph... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-7126 A vulnerability, which was classified as critical, has been found in itsourcecode Employee Management System up to 1.0. Affected by this issue is some unknown functionality of the file /admin/adminpro... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-7127 A vulnerability, which was classified as critical, was found in itsourcecode Employee Management System up to 1.0. This affects an unknown part of the file /admin/changepassword.php. The manipulation ... | 4.7 | MEDIUM | — | 0 |
| CVE-2025-7128 A vulnerability has been found in Campcodes Payroll Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /ajax.php?action=calculate_payroll. The manipu... | 7.3 | HIGH | — | 0 |
| CVE-2025-7129 A vulnerability was found in Campcodes Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /ajax.php?action=delete_employee_attendance_sing... | 7.3 | HIGH | — | 0 |
| CVE-2023-51232 Directory Traversal vulnerability in dagster-webserver Dagster thru 1.5.11 allows remote attackers to obtain sensitive information via crafted request to the /logs endpoint. This may be restricted to ... | 7.5 | HIGH | — | 0 |
| CVE-2025-7056 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - UrlShortener Extension allows Stored XSS.This issue affect... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-7130 A vulnerability was found in Campcodes Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=delete_payroll. The manipulation ... | 7.3 | HIGH | — | 0 |
| CVE-2025-7131 A vulnerability was found in Campcodes Payroll Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_emp... | 7.3 | HIGH | — | 0 |
| CVE-2025-43930 Hashview 0.8.1 allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-52492 A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The firmware file, rootfs.tar.gz, contains hard-coded credentials for the Twilio API. A remote attacker who obtai... | 7.5 | HIGH | — | 0 |
| CVE-2025-53486 The WikiCategoryTagCloud extension is vulnerable to reflected XSS via the linkstyle attribute, which is improperly concatenated into inline HTML without escaping. An attacker can inject JavaScript eve... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-6793 Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability. This vulnerability allows remote attackers to delete arbitrary files a... | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.