Search
59,256 CVEs
CVEs (59,256, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 201–225 of 59,256 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2025-5907 | HIGH | Patched | 8.8 | 2025-06-10 | A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of… |
| CVE-2025-5908 | HIGH | Patched | 8.8 | 2025-06-10 | A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /… |
| CVE-2025-5909 | HIGH | Patched | 8.8 | 2025-06-10 | A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formRefla… |
| CVE-2024-55595 | NONE | — | 2025-06-10 | Rejected reason: Not used | |
| CVE-2025-5910 | HIGH | Patched | 8.8 | 2025-06-10 | A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of th… |
| CVE-2025-5911 | HIGH | 8.8 | 2025-06-10 | A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boa… | |
| CVE-2025-4387 | HIGH | 8.8 | 2025-06-10 | The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload vulnerability due to missing file type validation in the wcap_add_to_cart_popu… | |
| CVE-2025-4601 | HIGH | Patched | 8.8 | 2025-06-10 | The "RH - Real Estate WordPress Theme" theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 4.4.0. This is due to the theme not p… |
| CVE-2025-5912 | HIGH | 8.8 | 2025-06-10 | A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function do_file of the component HTTP POST Request H… | |
| CVE-2025-5913 | HIGH | 7.3 | 2025-06-10 | A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/s… | |
| CVE-2025-5925 | MEDIUM | 4.3 | 2025-06-10 | The Bunny’s Print CSS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.95. This is due to missing or incorrect nonce… | |
| CVE-2025-5934 | HIGH | Patched | 8.8 | 2025-06-10 | A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub_41619C of the file /mtd. The manipulation leads… |
| CVE-2025-3076 | MEDIUM | Patched | 6.4 | 2025-06-10 | The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_text’ parameter in all versions up to, and including, 3.… |
| CVE-2025-5935 | MEDIUM | Patched | 5.3 | 2025-06-10 | A vulnerability was found in Open5GS up to 2.7.3. It has been declared as problematic. Affected by this vulnerability is the function common_register_state of the file src/… |
| CVE-2025-5952 | HIGH | 7.3 | 2025-06-10 | A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipul… | |
| CVE-2025-1041 | CRITICAL | Patched | 9.9 | 2025-06-10 | An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected version… |
| CVE-2025-4840 | HIGH | Patched | 7.5 | 2025-06-10 | The inprosysmedia-likes-dislikes-post WordPress plugin through 1.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action… |
| CVE-2025-4954 | HIGH | Patched | 8.8 | 2025-06-10 | The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users (author and above) to upload arbitrary f… |
| CVE-2025-27817 | HIGH | Patched | 7.5 | 2025-06-10 | A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHB… |
| CVE-2025-27818 | HIGH | Patched | 8.8 | 2025-06-10 | A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the abili… |
| CVE-2025-27819 | HIGH | Patched | 7.5 | 2025-06-10 | In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnera… |
| CVE-2025-5945 | NONE | — | 2025-06-10 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |
| CVE-2025-3112 | MEDIUM | 6.5 | 2025-06-10 | CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause Denial of Service when an authenticated malicious user sends manipulated HTTPS Content-Leng… | |
| CVE-2025-3116 | MEDIUM | 6.5 | 2025-06-10 | CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends special malformed HTTPS request contain… | |
| CVE-2025-3117 | MEDIUM | 5.4 | 2025-06-10 | CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists impacting configuration file paths that could cause an unv… |