CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-25568 SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this because the use-after-free is not in the VPN so... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-10542 The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS spoofing on the ch... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-53677 File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-25565 SoftEther VPN 5.02.5187 is vulnerable to Buffer Overflow in the Command.c file via the PtMakeCert and PtMakeCert2048 functions. NOTE: the Supplier disputes this because the behavior only allows a user... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11698 A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users u... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-41663 For u-link Management API an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers, which are then executed with elevated p... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-8997 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Vestel EVC04 Configuration Interface allows SQL Injection. This issue affects EVC04 Configuration I... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-10901 In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/chart/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attacker... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-52338 Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arro... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-48792 Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-25678 In LiteSpeed QUIC (LSQUIC) Library before 4.0.4, DCID validation is mishandled. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36622 In RaspAP raspap-webgui 3.0.9 and earlier, a command injection vulnerability exists in the clearlog.php script. The vulnerability is due to improper sanitization of user input passed via the logfile p... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11284 The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.9. This is due to the plugin not properly validating a user's ide... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36522 The default configuration of XSLTResourceStream.java is vulnerable to remote code execution via XSLT injection when processing input from an untrusted source without validation. Users are recommended ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-28718 An issue in OpenStack magnum yoga-eom version allows a remote attacker to execute arbitrary code via the cert_manager.py. component. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-25361 An arbitrary file upload vulnerability in the component /cms/CmsWebFileAdminController.java of PublicCMS v4.0.202406 allows attackers to execute arbitrary code via uploading a crafted svg or xml file. | 9.8 | CRITICAL | β | 0 |
| CVE-2019-16639 An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface without access control, which can allow an attacker (who only has web interface access) to use TELNET comma... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-31818 Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote attacker to execute arbitrary code via the page parameter of the kiosk.php component. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-48793 Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-11285 The WP JobHunt plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 7.1. This is due to the plugin not properly validating a user's ide... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-26319 FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file upload vulnerability in /api/v1/attachments. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-26136 A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-53947 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Superset. Specifically, certain engine-specific functions are not checked, which allows att... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-25675 An issue was discovered in MISP before 2.4.184. A client does not need to use POST to start an export generation process. This is related to app/Controller/JobsController.php and app/View/Events/expor... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-53552 CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22952 elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-42563 An arbitrary file upload vulnerability in ERP commit 44bd04 allows attackers to execute arbitrary code via uploading a crafted HTML file. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-3701 The system application (com.transsion.kolun.aiservice) component does not perform an authentication check, which allows attackers to perform malicious exploitations and affect system services. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-46350 SQL injection vulnerability in InnovaDeluxe "Manufacturer or supplier alphabetical search" (idxrmanufacturer) module for PrestaShop versions 2.0.4 and before, allows remote attackers to escalate privi... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-50488 An issue in Blurams Lumi Security Camera (A31C) v23.0406.435.4120 allows attackers to execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-5436 Type confusion in Snapchat LensCore could lead to denial of service or arbitrary code execution prior to version 12.88. We recommend upgrading to version 12.88 or above. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-46179 A SQL Injection vulnerability was discovered in the askquery.php file of CloudClassroom-PHP Project v1.0. The squeryx parameter accepts unsanitized input, which is passed directly into backend SQL que... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-22398 Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote ac... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-47966 Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-56180 CWE-502 Deserialization of Untrusted Data at the eventmesh-meta-raft plugin module in Apache EventMesh master branch without release version on windows\linux\mac os e.g. platforms allows attackers to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-10215 The WPBookit plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 1.6.4. This is due to the plugin providing user-controlled access to objects, lettin... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-31750 SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain sensitive information via the req_id parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-45890 Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-44635 There are multiple unauthorized remote command execution vulnerabilities in the H3C ER2200G2, ERG2-450W, ERG2-1200W, ERG2-1350W, NR1200W series routers before ERG2AW-MNW100-R1117; H3C ER3100G2, ER3200... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-56325 Authentication Bypass Issue If the path does not contain / and contain., authentication is not required. Expected Normal Request and Response Example curl -X POST -H "Content-Type: application/json... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-50658 Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the shippingAsBilling and firstname parameters in updateuserinfo.html file | 9.8 | CRITICAL | β | 0 |
| CVE-2024-40394 Simple Library Management System Project Using PHP/MySQL v1.0 was discovered to contain an arbitrary file upload vulnerability via the component ajax.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2023-47132 An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-27520 BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been ident... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-22108 An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method setTermsHashAction at /opt/webapp/lib/PureApi/CCApi.class.php is vulnerable to an unauthenticated SQL injection via /ccapi.p... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-34048 O-RAN RIC I-Release e2mgr lacks array size checks in E2nodeConfigUpdateNotificationHandler. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-24029 JFinalCMS 5.0.0 is vulnerable to SQL injection via /admin/content/data. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-54092 A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions), Industrial Edge Device Kit - arm64 V1.18 (All versions), Industrial Edge Device Kit - arm64 V1.19 (All v... | 9.8 | CRITICAL | β | 0 |
| CVE-2023-4472 Objectplanet Opinio version 7.22 and prior uses a cryptographically weak pseudo-random number generator (PRNG) coupled to a predictable seed, which could lead to an unauthenticated account takeover of... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-37096 A command injection remote code execution vulnerability exists in HPE StoreOnce Software. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.