CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-44136 MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter "layer" is reflected in an error message without html encoding. This leads to XSS and allows an unauthentica... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-50870 Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts an email address as input and directly returns the corr... | 9.8 | CRITICAL | β | 0 |
| CVE-2018-4301 This issue is fixed in SCSSU-201801. A potential stack based buffer overflow existed in GemaltoKeyHandle.cpp. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-54127 HAXcms with nodejs backend allows users to start the server in any HAXsite or HAXcms instance. In versions 11.0.6 and below, the NodeJS version of HAXcms uses an insecure default configuration designe... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11350 The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user's iden... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22992 A SQL Injection vulnerability exists in the /feed/insert.json endpoint of the Emoncms project >= 11.6.9. The vulnerability is caused by improper handling of user-supplied input in the data query param... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-54444 Unrestricted Upload of File with Dangerous Type vulnerability in Samsung Electronics MagicINFO 9 Server allows Code Injection.This issue affects MagicINFO 9 Server: less than 21.1080.0. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-8895 The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing validation of user-supplied input in all versions up to, and including, 3.3.5. This makes it possible for unaut... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-53826 File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename, and edit files. In version 2.39.0, File Browserβs authentication sys... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40535 Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 was discovered to contain a stack overflow via the apn_name_3g parameter in the config_3g_para function. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-6679 The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.20.4. This makes it possible for unauthent... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-27782 Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to arbitrary file write in inference.py. This issue may lead to writing arbitrary files on the Applio server. It can a... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-23310 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerabilit... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-1881 AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization of special elements used in an OS command ('OS Command Injection') due to a flaw in its shell command ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-30184 CyberDataΒ 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-50640 jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function | 9.8 | CRITICAL | β | 0 |
| CVE-2025-30127 An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversatio... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-52688 Successful exploitation of the vulnerability could allow an attacker to inject commands with root privileges on the access point, potentially leading to the loss of confidentiality, integrity, availab... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-52689 Successful exploitation of the vulnerability could allow an unauthenticated attacker to obtain a valid session ID with administrator privileges by spoofing the login request, potentially allowing the ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-44655 In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-53867 Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-57157 Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access sensitive APIs without a token. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-44658 In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malic... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-7778 The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the delete_files() function in all versions up to,... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-50738 The Memos application, up to version v0.24.3, allows for the embedding of markdown images with arbitrary URLs. When a user views a memo containing such an image, their browser automatically fetches th... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-27540 A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'Authenticate' method. Th... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-41652 The devices are vulnerable to an authentication bypass due to flaws in the authorization mechanism. An unauthenticated remote attacker could exploit this weakness by performing brute-force attacks to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46059 langchain-ai v0.3.51 was discovered to contain an indirect prompt injection vulnerability in the GmailToolkit component. This vulnerability allows attackers to execute arbitrary code and compromise th... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-27539 A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'VerifyUser' method. This... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-20401 A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to overwrite arbitrary files on the underlying oper... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-54446 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allows Upload a Web Shell to a Web Server.This issue affects Magi... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-9342 In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-53633 Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario (i.e. a zip archive), the size of the decoded content is not checked, potentially l... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-41687 An unauthenticated remote attacker may use a stack based buffer overflow in the u-link Management API to gain full access on the affected devices. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-12909 A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vuln... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-2000 A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13. A python process calling Qiskit 0.18.0 thr... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-57754 eslint-ban-moment is an Eslint plugin for final assignment in VIHU. In 3.0.0 and earlier, a sensitive Supabase URI is exposed in .env. A valid Supabase URI with embedded username and password will all... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-0896 Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-10264 HTTP Request Smuggling vulnerability in netease-youdao/qanything version 1.4.1 allows attackers to exploit inconsistencies in the interpretation of HTTP requests between a proxy and a server. This can... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-47277 vLLM, an inference and serving engine for large language models (LLMs), has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the `PyNcclPipe` KV cache transfer integration... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-6918 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ncvav Virtual PBX Software allows SQL Injection.This issue affects Virtual PBX Software: before 09... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-23311 NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. A successful exploit of this vulnerability might lead to... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-25256 An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 throu... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46725 Langroid is a Python framework to build large language model (LLM)-powered applications. Prior to version 0.53.15, `LanceDocChatAgent` uses pandas eval() through `compute_from_docs()`. As a result, an... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46199 Cross Site Scripting vulnerability in grav v.1.7.48 and before allows an attacker to execute arbitrary code via a crafted script to the form fields | 9.8 | CRITICAL | β | 0 |
| CVE-2025-52239 An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-51390 TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-25610 A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and ve... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36847 The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a pn... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-27781 Applio is a voice conversion tool. Versions 3.2.8-bugfix and prior are vulnerable to unsafe deserialization in inference.py. `model_file` in inference.py as well as `model_file` in tts.py take user-su... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.