23,984 CVEs · Medium severity
CVEs (23,984, showing first 500)
Showing 1–25 of 23,984 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2025-5857 | MEDIUM | | 6.3 | 2025-06-09 | A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalys… |
| CVE-2025-5858 | MEDIUM | | 6.3 | 2025-06-09 | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-… |
| CVE-2025-5859 | MEDIUM | | 6.3 | 2025-06-09 | A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functional… |
| CVE-2025-25207 | MEDIUM | | 5.7 | 2025-06-09 | The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add ca… |
| CVE-2025-25208 | MEDIUM | | 5.7 | 2025-06-09 | A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster |
| CVE-2025-25209 | MEDIUM | | 5.7 | 2025-06-09 | The AuthPolicy metadata on Red Hat Connectivity Link contains an object which stores secrets, however it assumes those secrets are already in the kuadrant-system instead … |
| CVE-2025-3581 | MEDIUM | Patched | 4.8 | 2025-06-09 | The Newsletter WordPress plugin before 8.8.5 does not validate and escape some of its Widget options before outputting them back in a page/post where the block is embedded, w… |
| CVE-2025-3582 | MEDIUM | Patched | 4.8 | 2025-06-09 | The Newsletter WordPress plugin before 8.85 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored … |
| CVE-2025-47711 | MEDIUM | | 6.5 | 2025-06-09 | There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data… |
| CVE-2025-47712 | MEDIUM | | 6.5 | 2025-06-09 | A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large … |
| CVE-2025-4652 | MEDIUM | Patched | 6.1 | 2025-06-09 | The Broadstreet WordPress plugin before 1.51.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting w… |
| CVE-2025-40675 | MEDIUM | Patched | 6.1 | 2025-06-09 | A Reflected Cross-Site Scripting (XSS) vulnerability has been found in Bagisto v2.0.0. This vulnerability allows an attacker to execute JavaScript code in the victim's brow… |
| CVE-2025-5871 | MEDIUM | | 5.3 | 2025-06-09 | A vulnerability was found in Papendorf SOL Connect Center 3.3.0.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Web I… |
| CVE-2025-5872 | MEDIUM | | 5.3 | 2025-06-09 | A vulnerability was found in eGauge EG3000 Energy Monitor 3.6.3. It has been classified as problematic. This affects an unknown part of the component Setting Handler. The m… |
| CVE-2025-41437 | MEDIUM | | 4.3 | 2025-06-09 | Zohocorp ManageEngine OpManager, NetFlow Analyzer, Network Configuration Manager, Firewall Analyzer and OpUtils versions 128565 and below are vulnerable to Reflected XSS on… |
| CVE-2025-5873 | MEDIUM | | 6.3 | 2025-06-09 | A vulnerability was detected in eCharge Hardy Barth Salia PLCC up to 2.3.81. Affected by this issue is some unknown functionality of the file /firmware.php of the component… |
| CVE-2025-5874 | MEDIUM | | 4.6 | 2025-06-09 | A vulnerability was found in Redash up to 10.1.0/25.1.0. It has been rated as problematic. This issue affects the function run_query of the file /query_runner/python.py of … |
| CVE-2025-5876 | MEDIUM | | 5.3 | 2025-06-09 | A vulnerability classified as problematic was found in Lucky LM-520-SC, LM-520-FSC and LM-520-FSC-SAM up to 20250321. Affected by this vulnerability is an unknown functiona… |
| CVE-2025-40668 | MEDIUM | | 6.5 | 2025-06-09 | Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a P… |
| CVE-2025-40669 | MEDIUM | | 6.5 | 2025-06-09 | Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by each of the application's use… |
| CVE-2025-49131 | MEDIUM | Patched | 6.3 | 2025-06-09 | FastGPT is an open-source project that provides a platform for building, deploying, and operating AI-driven workflows and conversational agents. The Sandbox container (fast… |
| CVE-2025-5877 | MEDIUM | | 6.3 | 2025-06-09 | A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3.2.2.1. Affected by this issue is some unknown functionality of the file /ap… |
| CVE-2025-5880 | MEDIUM | | 4.3 | 2025-06-09 | A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/sessions/get-temp-file. The man… |
| CVE-2025-5881 | MEDIUM | | 6.3 | 2025-06-09 | A vulnerability was found in code-projects Chat System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /user/confirm_password.p… |
| CVE-2025-5885 | MEDIUM | Patched | 4.3 | 2025-06-09 | A vulnerability has been found in Konica Minolta bizhub up to 20250202 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cro… |