CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2019-25268 NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that allows attackers to load arbitrary libraries by tricking users into opening application files from remote shares. Attackers can exploit i... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-6830 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpoda TΓΌrkiye Information Technology Inc. Password Module allows SQL Injection.This issue affects ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11837 An improper control of generation of code vulnerability has been reported to affect Malware Remover. The remote attackers can then exploit the vulnerability to bypass protection mechanism. We have al... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28213 EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22852 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUD... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25282 V-SOL GPON/EPON OLT Platform v2.03 contains an open redirect vulnerability in the script that allows attackers to manipulate the 'parent' GET parameter. Attackers can craft malicious links that redire... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-0905 Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a netwo... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-61548 SQL Injection is present on the hfInventoryDistFormID parameter in the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 (fixed in 19.... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23978 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This i... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70225 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curtime parameter to the goform/formEasySetupWWConfig component | 9.8 | CRITICAL | β | 0 |
| CVE-2025-29329 Buffer Overflow in the ippprint (Internet Printing Protocol) service in Sagemcom F@st 3686 MAGYAR_4.121.0 allows remote attacker to execute arbitrary code by sending a crafted HTTP request. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25296 The WP Cost Estimation plugin for WordPress is vulnerable to arbitrary file uploads and deletion due to missing file type validation in the lfb_upload_form and lfb_removeFile AJAX actions in versions ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14577 Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote attacker is able to execute arbitrary PHP commands by sending specially crafted requests to /webcti/s... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2634 Malicious scripts could cause desynchronization between the address bar and web content before a response is received in Firefox iOS, allowing attacker-controlled pages to be presented under spoofed d... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14533 The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 0.9.2.1. This is due to the 'insert_user' function not restricting... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47875 GeoGebra CAS Calculator 6.0.631.0 contains a denial of service vulnerability that allows attackers to crash the application by generating a large buffer overflow. Attackers can create a payload with 8... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69991 phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_availablity.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22234 OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker to navigate to the 'Attachments.aspx' endpoint, iterate through predictable values of 'formid', and download or delete all... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-64121 Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvation Energy Multi-Stack Controller (MSC) allows Authentication Bypass.This issue affects Multi-Stack Controller (MSC): fro... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69764 Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remot... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-62877 Projects using the SUSE Virtualization (Harvester) environment mayΒ expose the OS default ssh login passwordΒ Β if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster o... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69258 A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supp... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36940 Easy CD & DVD Cover Creator 4.13 contains a buffer overflow vulnerability in the serial number input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload an... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2762 Integer overflow in the JavaScript: Standard Library component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2764 JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 14... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2763 Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2767 Use-after-free in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2766 Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21531 Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3257 UnQLite versions through 0.06 for Perl uses a potentially insecure version of the UnQLite library. UnQLite for Perl embeds the UnQLite library. Version 0.06 and earlier of the Perl module uses a ver... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69981 FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the `/api/upload` API endpoint. The endpoint lacks authentication mechanisms, allowing unauthenticated remote attackers to upload arbi... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37123 Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67187 A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204_B20210112. The flaw exists in the setIpQosRules interface of /lib/cste_modules/firewall.so where the comment... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22904 Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resultin... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70161 EDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system() function without proper sanitization. An a... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-67229 An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficien... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22854 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-59389 An SQL injection vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixe... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27005 Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.3, an unauthenticated attacker can inject arbitrary ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2331 An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem direct... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22709 vm2 is an open source vm/sandbox for Node.js. In vm2 prior to version 3.10.2, `Promise.prototype.then` `Promise.prototype.catch` callback sanitization can be bypassed. This allows attackers to escape ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22853 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEARβs NDR array reader does not perform bounds checking on the onβwire element count and can write past the heap bu... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69329 Deserialization of Untrusted Data vulnerability in Jthemes Prestige prestige allows Object Injection.This issue affects Prestige: from n/a through < 1.4.1. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-63624 SQL Injection vulnerability in Shandong Kede Electronics Co., Ltd IoT smart water meter monitoring platform v.1.0 allows a remote attacker to execute arbitrary code via the imei_list.aspx file. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-14892 The Prime Listing Manager WordPress plugin through 1.1 allows an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions due to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-22871 GuardDog is a CLI tool to identify malicious PyPI packages. Prior to 2.7.1, there is a path traversal vulnerability exists in GuardDog's safe_extract() function that allows malicious PyPI packages to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-47774 Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload exceeding 25... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-50922 Audio Conversion Wizard v2.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory with a specially crafted registration code. Attackers can g... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-55423 A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passe... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-8572 The Truelysell Core plugin for WordPress is vulnerable to privilege escalation in versions less than, or equal to, 1.8.7. This is due to insufficient validation of the user_role parameter during user ... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.