Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2025-5594 A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component SET Command Handler. The manipulation leads to buffer ov... | 7.3 | HIGH | — | 0 |
| CVE-2025-20261 A vulnerability in the SSH connection handling of Cisco Integrated Management Controller (IMC) for Cisco UCS B-Series, UCS C-Series, UCS S-Series, and UCS X-Series Servers could allow an authenticated... | 8.8 | HIGH | — | 0 |
| CVE-2025-5599 A vulnerability classified as critical was found in PHPGurukul Student Result Management System 1.3. This vulnerability affects unknown code of the file /editmyexp.php. The manipulation of the argumen... | 7.3 | HIGH | — | 0 |
| CVE-2025-5600 A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manip... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-5602 A vulnerability, which was classified as critical, was found in Campcodes Hospital Management System 1.0. Affected is an unknown function of the file /admin/registration.php. The manipulation of the a... | 7.3 | HIGH | — | 0 |
| CVE-2025-5603 A vulnerability has been found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /registration.php. The man... | 7.3 | HIGH | — | 0 |
| CVE-2025-5604 A vulnerability was found in Campcodes Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user-login.php. The manipulation of ... | 7.3 | HIGH | — | 0 |
| CVE-2025-5606 A vulnerability was found in Tenda AC18 15.03.05.05. It has been declared as critical. This vulnerability affects the function formSetIptv of the file /goform/SetIPTVCfg. The manipulation of the argum... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-31134 FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, an attacker can gain additional information about the server by checking if certain directories exist. An attacker can, for exam... | 7.5 | HIGH | — | 0 |
| CVE-2025-31136 FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, it's possible to run arbitrary JavaScript on the feeds page. This occurs by combining a cross-site scripting (XSS) issue that oc... | 6.7 | MEDIUM | — | 0 |
| CVE-2025-46203 An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-46204 An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-36513 Cross-site request forgery vulnerability exists in surveillance cameras provided by i-PRO Co., Ltd.. If a user views a crafted page while logged in to the affected product, unintended operations may b... | N/A | NONE | — | 0 |
| CVE-2025-5607 A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the arg... | 8.8 | HIGH | — | 0 |
| CVE-2025-5608 A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the function formsetreboottimer of the file /goform/SetSysAutoRebbotCfg. The manipulation of the argument r... | 8.8 | HIGH | — | 0 |
| CVE-2025-5609 A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argu... | 8.8 | HIGH | — | 0 |
| CVE-2025-48947 The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In Auth0 Next.js SDK versions 4.0.1 through 4.6.0, `__session` cookies set by auth0.middleware may be c... | N/A | NONE | — | 0 |
| CVE-2025-5610 A vulnerability, which was classified as critical, has been found in CodeAstro Real Estate Management System 1.0. Affected by this issue is some unknown functionality of the file /submitpropertydelete... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5611 A vulnerability, which was classified as critical, was found in CodeAstro Real Estate Management System 1.0. This affects an unknown part of the file /submitpropertyupdate.php. The manipulation of the... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5612 A vulnerability has been found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This vulnerability affects unknown code of the file /reporting.php. The manipulation of the ar... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5613 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2 and classified as critical. This issue affects some unknown processing of the file /request-details.php. The manipulation of th... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5614 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5615 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /details.php. The man... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5690 PostgreSQL Anonymizer v2.0 and v2.1 contain a vulnerability that allows a masked user to bypass the masking rules defined on a table and read the original data using a database cursor or the --insert ... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-5616 A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/profile.php. The manipu... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5617 A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/manage-teams.php. The manipulation of the argument... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5618 A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2. This vulnerability affects unknown code of the file /admin/edit-team.php. The manipulation of the argum... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5619 A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argume... | 8.8 | HIGH | — | 0 |
| CVE-2025-5620 A vulnerability, which was classified as critical, was found in D-Link DIR-816 1.10CNB05. Affected is the function setipsec_config of the file /goform/setipsec_config. The manipulation of the argument... | 7.3 | HIGH | — | 0 |
| CVE-2025-5621 A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this vulnerability is the function qosClassifier of the file /goform/qosClassifier. The manipulation ... | 7.3 | HIGH | — | 0 |
| CVE-2025-5622 A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli_5g of the file /goform/wirelessApcli_5g. The manipulation of the ... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-5623 A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been classified as critical. This affects the function qosClassifier of the file /goform/qosClassifier. The manipulation of the argument d... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-49008 Atheos is a self-hosted browser-based cloud integrated development environment. Prior to version 6.0.4, improper use of `escapeshellcmd()` in `/components/codegit/traits/execute.php` allows argument i... | N/A | NONE | — | 0 |
| CVE-2025-5624 A vulnerability was found in D-Link DIR-816 1.10CNB05. It has been declared as critical. This vulnerability affects the function QoSPortSetup of the file /goform/QoSPortSetup. The manipulation of the ... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-5625 A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /search-teacher.php. The manip... | 7.3 | HIGH | — | 0 |
| CVE-2025-41365 Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious payload in software that will run in the victim's browser. Exploit... | N/A | NONE | — | 0 |
| CVE-2025-5626 A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/edit-subjects-detail.php. The manipul... | 7.3 | HIGH | — | 0 |
| CVE-2025-5627 A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /sputum_form.php. The man... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5628 A vulnerability, which was classified as problematic, has been found in SourceCodester Food Menu Manager 1.0. Affected by this issue is some unknown functionality of the file /index.php of the compone... | 3.5 | LOW | — | 0 |
| CVE-2025-49466 aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path concatenation of the name of an attachment part, | 5.8 | MEDIUM | — | 0 |
| CVE-2025-5629 A vulnerability, which was classified as critical, was found in Tenda AC10 up to 15.03.06.47. This affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg of the component HTTP Han... | 8.8 | HIGH | — | 0 |
| CVE-2025-5630 A vulnerability has been found in D-Link DIR-816 1.10CNB05 and classified as critical. This vulnerability affects unknown code of the file /goform/form2lansetup.cgi. The manipulation of the argument i... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-5631 A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been classified as critical. Affected is an unknown function of the file /publicposts.php. ... | 7.3 | HIGH | — | 0 |
| CVE-2025-5632 A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of th... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5633 A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /a... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5635 A vulnerability classified as critical was found in PCMan FTP Server 2.0.7. This vulnerability affects unknown code of the component PLS Command Handler. The manipulation leads to buffer overflow. The... | 7.3 | HIGH | — | 0 |
| CVE-2025-5638 A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin-profile.php. The manipula... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-3054 The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in all versions up to, and including, 4.1.3. Th... | 8.8 | HIGH | — | 0 |
| CVE-2025-3055 The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_avatar_ajax() function in all versions up to, and includin... | 8.1 | HIGH | — | 0 |
| CVE-2025-5639 A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of t... | 7.3 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.