CVEs from 2025
Total
8,855
critical
critical 1,302
high
high 1,904
medium
medium 1,927
low
low 193
% Critical
14.7%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- microsoft 107
- redhat 106
- portabilis 94
- mayurik 79
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-10539 | medium | 4.8 | 4.8 | 1mo ago | Due to improper TLS certificate validation in the DeskTime Time Tracking App before version 1.3.674, attackers who can position themselves in the network path between the client and the DeskTime upda… | |||
| CVE-2025-15549 | medium | 4.8 | 4.8 | 4mo ago | FluentCMS 2026 contains a stored cross-site scripting vulnerability that allows authenticated administrators to upload SVG files with embedded JavaScript via the File Management module. Attackers can… | |||
| CVE-2025-15452 | medium | 4.8 | 4.8 | 5mo ago | A weakness has been identified in xnx3 wangmarket up to 4.9. This affects the function variableList of the file /admin/system/variableList.do of the component Backend Variable Search. Executing a man… | |||
| CVE-2025-15451 | medium | 4.8 | 4.8 | 5mo ago | A security flaw has been discovered in xnx3 wangmarket up to 4.9. Affected by this issue is some unknown functionality of the file /admin/system/variableSave.do of the component System Variables Page… | |||
| CVE-2025-15372 | medium | 4.8 | 4.8 | 5mo ago | A weakness has been identified in youlaitech vue3-element-admin up to 3.4.0. This issue affects some unknown processing of the file src/views/system/notice/index.vue of the component Notice Handler. … | |||
| CVE-2025-15214 | medium | 4.8 | 4.8 | 5mo ago | A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function save_pricing of the file admin_class.php. The manipulation of the argument name/ride results in … | |||
| CVE-2025-15204 | medium | 4.8 | 4.8 | 5mo ago | A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzList of the file src/main/java/com/sohu/cache/web/controller/QuartzManageController.java. Executing m… | |||
| CVE-2025-15203 | medium | 4.8 | 4.8 | 5mo ago | A vulnerability was found in SohuTV CacheCloud up to 3.2.0. This impacts the function index of the file src/main/java/com/sohu/cache/web/controller/ResourceController.java. Performing manipulation re… | |||
| CVE-2025-15202 | medium | 4.8 | 4.8 | 5mo ago | A vulnerability has been found in SohuTV CacheCloud up to 3.2.0. This affects the function taskQueueList of the file src/main/java/com/sohu/cache/web/controller/TaskController.java. Such manipulation… | |||
| CVE-2025-15200 | medium | 4.8 | 4.8 | 5mo ago | A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. The affected element is the function getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex of the file src/main/java/com/s… | |||
| CVE-2025-15188 | medium | 4.8 | 4.8 | 5mo ago | A vulnerability was determined in Campcodes Complete Online Beauty Parlor Management System 1.0. This vulnerability affects unknown code of the file /admin/search-invoices.php. Executing a manipulati… | |||
| CVE-2025-15146 | medium | 4.8 | 4.8 | 5mo ago | A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This impacts the function doUserList of the file src/main/java/com/sohu/cache/web/controller/UserManageController.java. Performing manip… | |||
| CVE-2025-15116 | medium | 4.8 | 4.8 | 5mo ago | A security flaw has been discovered in OpenCart up to 4.1.0.3. Affected by this issue is some unknown functionality of the component Single-Use Coupon Handler. Performing a manipulation results in ra… | |||
| CVE-2025-14991 | medium | 4.8 | 4.8 | 5mo ago | A weakness has been identified in Campcodes Complete Online Beauty Parlor Management System 1.0. The affected element is an unknown function of the file /admin/bwdates-reports-details.php. Executing … | |||
| CVE-2025-14801 | medium | 4.8 | 4.8 | 6mo ago | A security vulnerability has been detected in xiweicheng TMS up to 2.28.0. This affects the function createComment of the file /admin/blog/comment/create. Such manipulation of the argument content le… | |||
| CVE-2025-14663 | medium | 4.8 | 4.8 | 6mo ago | A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/update_student.php. Executing manipulation can lead to c… | |||
| CVE-2025-14244 | medium | 4.8 | 4.8 | 6mo ago | A flaw has been found in GreenCMS 2.3.0603. Affected by this issue is some unknown functionality of the file /Admin/Controller/CustomController.class.php of the component Menu Management Page. This m… | |||
| CVE-2025-14201 | medium | 4.8 | 4.8 | 6mo ago | A vulnerability was found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected by this vulnerability is an unknown functionality of th… | |||
| CVE-2025-14013 | medium | 4.8 | 4.8 | 6mo ago | A vulnerability was identified in JIZHICMS up to 2.5.5. The impacted element is an unknown function of the file /index.php/admins/Comment/addcomment.html of the component Comment Handler. The manipul… | |||
| CVE-2025-13784 | medium | 4.8 | 4.8 | 6mo ago | yungifez Skuul School Management System vulnerable to XSS via SVG | |||
| CVE-2025-13182 | medium | 4.8 | 4.8 | 7mo ago | A vulnerability was identified in pojoin h3blog 1.0. The impacted element is an unknown function of the file /admin/cms/category/addtitle. The manipulation of the argument Title leads to cross site s… | |||
| CVE-2025-13181 | medium | 4.8 | 4.8 | 7mo ago | A vulnerability was determined in pojoin h3blog 1.0. The affected element is an unknown function of the file /admin/cms/material/add. Executing a manipulation of the argument Name can lead to cross s… | |||
| CVE-2025-12920 | medium | 4.8 | 4.8 | 7mo ago | A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this vulnerability is the function add/edit of the file app/admin/controller/Product.php. This manipulation of the argument Title cau… | |||
| CVE-2025-12332 | medium | 4.8 | 4.8 | 7mo ago | A flaw has been found in SourceCodester Student Grades Management System 1.0. This affects the function delete_user of the file /admin.php. Executing manipulation can lead to cross site scripting. Th… | |||
| CVE-2025-12330 | medium | 4.8 | 4.8 | 7mo ago | A security flaw has been discovered in Willow CMS up to 1.4.0. This issue affects some unknown processing of the file /admin/articles/add of the component Add Post Page. The manipulation of the argum… | |||
| CVE-2025-12312 | medium | 4.8 | 4.8 | 7mo ago | A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. Impacted is an unknown function of the file view-pass-detail.php. This manipulation of the argument Fullname/Category causes c… | |||
| CVE-2025-12311 | medium | 4.8 | 4.8 | 7mo ago | A vulnerability was detected in PHPGurukul Curfew e-Pass Management System 1.0. This issue affects some unknown processing of the file edit-category-detail.php. The manipulation of the argument catna… | |||
| CVE-2025-12303 | medium | 4.8 | 4.8 | 7mo ago | A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. The impacted element is an unknown function of the file admin-profile.php. Executing a manipulation of the argument adminname/… | |||
| CVE-2025-12282 | medium | 4.8 | 4.8 | 7mo ago | A vulnerability was identified in code-projects Client Details System 1.0. The affected element is an unknown function of the file /admin/manage-users.php. The manipulation leads to cross site script… | |||
| CVE-2025-12279 | medium | 4.8 | 4.8 | 7mo ago | A vulnerability has been found in code-projects Client Details System 1.0. This vulnerability affects unknown code of the file /welcome.php. Such manipulation leads to cross site scripting. The attac… | |||
| CVE-2025-12231 | medium | 4.8 | 4.8 | 7mo ago | A security vulnerability has been detected in projectworlds Expense Management System 1.0. Affected is an unknown function of the file /public/admin/expense_categories/create of the component Expense… | |||
| CVE-2025-12230 | medium | 4.8 | 4.8 | 7mo ago | A weakness has been identified in projectworlds Expense Management System 1.0. This impacts an unknown function of the file /public/admin/currencies/create of the component Currency Page. This manipu… | |||
| CVE-2025-12229 | medium | 4.8 | 4.8 | 7mo ago | A security flaw has been discovered in projectworlds Expense Management System 1.0. This affects an unknown function of the file /public/admin/roles/create of the component Roles Page. The manipulati… | |||
| CVE-2025-12228 | medium | 4.8 | 4.8 | 7mo ago | A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The mani… | |||
| CVE-2025-11485 | medium | 4.8 | 4.8 | 8mo ago | A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function add_user of the file /admin.php of the component Manage Users Page. This manipulation o… | |||
| CVE-2025-11437 | medium | 4.8 | 4.8 | 8mo ago | A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the component Form Editor. This manipulation causes cross site scripting. The attack… | |||
| CVE-2025-11425 | medium | 4.8 | 4.8 | 8mo ago | A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /edit_admin.php. The manipulation of the argument firstname leads t… | |||
| CVE-2025-11069 | medium | 4.8 | 4.8 | 8mo ago | A vulnerability was determined in westboy CicadasCMS 1.0. Affected by this issue is some unknown functionality of the file /system/org/save of the component Add Department Handler. This manipulation … | |||
| CVE-2025-11068 | medium | 4.8 | 4.8 | 8mo ago | A vulnerability was found in westboy CicadasCMS 1.0. Affected by this vulnerability is an unknown functionality of the file /system/cms/category/save. The manipulation of the argument categoryName re… | |||
| CVE-2025-11067 | medium | 4.8 | 4.8 | 8mo ago | A vulnerability has been found in Projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /myform.php of the component Add Visitor Page. The manipulation of the argum… | |||
| CVE-2025-11019 | medium | 4.8 | 4.8 | 8mo ago | A vulnerability has been found in Total.js CMS up to 19.9.0. This impacts an unknown function of the component Files Menu. The manipulation leads to cross site scripting. The attack can be initiated … | |||
| CVE-2025-10940 | medium | 4.8 | 4.8 | 8mo ago | A vulnerability was found in Total.js CMS 1.0.0. Affected by this vulnerability is the function layouts_save of the file /admin/ of the component Layout Page. Performing manipulation of the argument … | |||
| CVE-2025-10758 | medium | 4.8 | 4.8 | 8mo ago | A security vulnerability has been detected in htmly up to 3.1.0. The impacted element is an unknown function of the file /htmly/admin/field/post of the component Custom Field Handler. Such manipulati… | |||
| CVE-2025-10235 | medium | 4.8 | 4.8 | 9mo ago | A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes… | |||
| CVE-2025-10234 | medium | 4.8 | 4.8 | 9mo ago | A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /data_point_edit.shtm of the component Data Point Edit Module. The manipulation of the arg… | |||
| CVE-2025-10099 | medium | 4.8 | 4.8 | 9mo ago | A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_usuario_cad.php of the component Editar usuár… | |||
| CVE-2025-9929 | medium | 4.8 | 4.8 | 9mo ago | A weakness has been identified in code-projects Responsive Blog Site 1.0. This affects an unknown function of the file blogs_view.php. Executing manipulation of the argument product_code/gen_name/pro… | |||
| CVE-2025-9753 | medium | 4.8 | 4.8 | 9mo ago | A vulnerability was detected in Campcodes Online Hospital Management System 1.0. The affected element is an unknown function of the file /admin/patient-search.php of the component Patient Search Modu… | |||
| CVE-2025-9746 | medium | 4.8 | 4.8 | 9mo ago | A vulnerability was detected in Campcodes Hospital Management System 1.0. This affects an unknown function of the file /admin/edit-doctor-specialization.php of the component Edit Doctor Specializatio… | |||
| CVE-2025-9430 | medium | 4.8 | 4.8 | 9mo ago | A vulnerability was detected in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/options/update. The manipulation of the argument input results in cross site scr… | |||
| CVE-2025-9137 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduled_events.shtm. Such manipulation of the argument alias leads to cross site scripting. The att… | |||
| CVE-2025-8919 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation o… | |||
| CVE-2025-8918 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_instituicao_cad.php of the component Editar Page. The manipulation… | |||
| CVE-2025-8545 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /intranet/educar_motivo_afastamento_… | |||
| CVE-2025-8544 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability classified as problematic was found in Portabilis i-Educar 2.10. Affected by this vulnerability is an unknown functionality of the file /module/RegraAvaliacao/edit. The manipulation o… | |||
| CVE-2025-8543 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. Affected is an unknown function of the file /intranet/educar_raca_cad.php. The manipulation of the argument nm_ra… | |||
| CVE-2025-8542 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability was found in Portabilis i-Educar 2.10. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/empresas_cad.php. The manipulation of the arg… | |||
| CVE-2025-8541 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /intranet/public_uf_cad.php. The manipulation of the ar… | |||
| CVE-2025-8540 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability was found in Portabilis i-Educar 2.10. It has been classified as problematic. This affects an unknown part of the file /intranet/public_municipio_cad.php. The manipulation of the argu… | |||
| CVE-2025-8539 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability was found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this issue is some unknown functionality of the file /intranet/public_distrito_cad.php. The manipulati… | |||
| CVE-2025-8538 | medium | 4.8 | 4.8 | 10mo ago | A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. The manipulation… | |||
| CVE-2025-4373 | medium | 4.8 | 4.8 | 11mo ago | RHSA-2025:11327: glib2 security update (Moderate) | |||
| CVE-2025-7144 | medium | 4.8 | 4.8 | 11mo ago | A vulnerability has been found in SourceCodester Best Salon Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /panel/admin-profile.php of the co… | |||
| CVE-2025-6778 | medium | 4.8 | 4.8 | 11mo ago | A vulnerability, which was classified as problematic, was found in code-projects Food Distributor Site 1.0. Affected is an unknown function of the file /admin/save_settings.php. The manipulation of t… | |||
| CVE-2025-6530 | medium | 4.8 | 4.8 | 11mo ago | A vulnerability was found in 70mai M300 up to 20250611. It has been classified as problematic. This affects an unknown part of the file demo.sh of the component Telnet Service. The manipulation leads… | |||
| CVE-2025-6477 | medium | 4.8 | 4.8 | 11mo ago | A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /script/a… | |||
| CVE-2025-6475 | medium | 4.8 | 4.8 | 11mo ago | A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/admin/manage_students of… | |||
| CVE-2025-6452 | medium | 4.8 | 4.8 | 1y ago | A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. Th… | |||
| CVE-2025-6131 | medium | 4.8 | 4.8 | 1y ago | A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Par… | |||
| CVE-2025-5725 | medium | 4.8 | 4.8 | 1y ago | A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /script/a… | |||
| CVE-2025-5724 | medium | 4.8 | 4.8 | 1y ago | A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /script/academic/subjects of the c… | |||
| CVE-2025-5723 | medium | 4.8 | 4.8 | 1y ago | A vulnerability was found in SourceCodester Student Result Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /script/academic/classes of the … | |||
| CVE-2025-5722 | medium | 4.8 | 4.8 | 1y ago | A vulnerability has been found in SourceCodester Student Result Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /script/academic/terms of the … | |||
| CVE-2025-20205 | medium | 4.8 | 4.8 | 1y ago | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks agai… | |||
| CVE-2025-20204 | medium | 4.8 | 4.8 | 1y ago | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks agai… | |||
| CVE-2025-8114 | medium | 4.7 | 4.7 | 14d ago | Moderate: libssh security update | |||
| CVE-2025-71274 | medium | 4.7 | 4.7 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: rpmsg: core: fix race in driver_override_show() and use core helper The driver_override_show function reads the driver_override s… | |||
| CVE-2025-52206 | medium | 4.7 | 4.7 | 27d ago | ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS) via the system status webpage. | |||
| CVE-2025-68160 | medium | 4.7 | 4.7 | 4mo ago | Important: openssl security update | |||
| CVE-2025-15414 | medium | 4.7 | 4.7 | 5mo ago | A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/git_fetcher.go of the component Theme Fetching API. Executing a manipula… | |||
| CVE-2025-15250 | medium | 4.7 | 4.7 | 5mo ago | A security vulnerability has been detected in 08CMS Novel System up to 3.4. This issue affects some unknown processing of the file admina/mtpls.inc.php of the component Template Handler. The manipula… | |||
| CVE-2025-15130 | medium | 4.7 | 4.7 | 5mo ago | A vulnerability has been found in shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. This issue affects the function addPost of the file Application/Admin/Controller/FileManageController.cl… | |||
| CVE-2025-14694 | medium | 4.7 | 4.7 | 6mo ago | A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing a manipulation of the argument keyWord results in… | |||
| CVE-2025-14116 | medium | 4.7 | 4.7 | 6mo ago | A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0. This vulnerability affects the function OtherEmbedding.aencode of the file /src/models/embed.py. Performing manipulation of the argument… | |||
| CVE-2025-4598 | medium | 4.7 | 4.7 | 6mo ago | Moderate: systemd security update | |||
| CVE-2025-13275 | medium | 4.7 | 4.7 | 7mo ago | A security vulnerability has been detected in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This affects an unknown part of the file /admin/about.php. The manipulatio… | |||
| CVE-2025-39697 | medium | 4.7 | 4.7 | 7mo ago | RHSA-2025:21920: kernel-rt security update (Moderate) | |||
| CVE-2025-13198 | medium | 4.7 | 4.7 | 7mo ago | A vulnerability has been found in DouPHP up to 1.8 Release 20251022. This impacts an unknown function of the file upload/include/file.class.php. The manipulation of the argument File leads to unrestr… | |||
| CVE-2025-12914 | medium | 4.7 | 4.7 | 7mo ago | A vulnerability has been found in aaPanel BaoTa up to 11.2.x. This vulnerability affects unknown code of the file /database?action=GetDatabaseAccess of the component Backend. The manipulation of the … | |||
| CVE-2025-12291 | medium | 4.7 | 4.7 | 7mo ago | A vulnerability was found in ashymuzuro Full-Ecommece-Website and Muzuro Ecommerce System up to 1.1.0. This affects an unknown part of the file /admin/index.php?add_product of the component Add Produ… | |||
| CVE-2025-12250 | medium | 4.7 | 4.7 | 7mo ago | A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file WGA.File of the component TMLScript API. Executing manipulation can lead to path traversal. It is poss… | |||
| CVE-2025-11655 | medium | 4.7 | 4.7 | 8mo ago | A security flaw has been discovered in Total.js Flow up to 673ef9144dd25d4f4fd4fdfda5af27f230198924. The impacted element is an unknown function of the component SVG File Handler. Performing manipula… | |||
| CVE-2025-11628 | medium | 4.7 | 4.7 | 8mo ago | A flaw has been found in jimit105 Project-Online-Shopping-Website up to 7d892f442bd8a96dd242dbe2b9bd5ed641e13e64. This affects an unknown function of the file /delete.php of the component Product Inv… | |||
| CVE-2025-11286 | medium | 4.7 | 4.7 | 8mo ago | A vulnerability was determined in samanhappy MCPHub up to 0.9.10. This affects an unknown part of the file src/controllers/serverController.ts of the component MCPRouter Service. This manipulation of… | |||
| CVE-2025-11141 | medium | 4.7 | 4.7 | 8mo ago | A security flaw has been discovered in Ruijie NBR2100G-E up to 20250919. Affected by this issue is the function listAction of the file /itbox_pi/branch_passw.php?a=list. Performing manipulation of th… | |||
| CVE-2025-11073 | medium | 4.7 | 4.7 | 8mo ago | A vulnerability was detected in Keyfactor RG-EW5100BE EW_3.0B11P280_EW5100BE-PRO_12183019. The affected element is an unknown function of the file /cgi-bin/luci/api/cmd of the component HTTP POST Req… | |||
| CVE-2025-10774 | medium | 4.7 | 4.7 | 8mo ago | A weakness has been identified in Ruijie 6000-E10 up to 2.4.3.6-20171117. This affects an unknown part of the file /view/vpn/autovpn/sub_commit.php. This manipulation of the argument key causes os co… | |||
| CVE-2025-39813 | medium | 4.7 | 4.7 | 9mo ago | In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump When calling ftrace_dump_one() concurrently with reading tra… | |||
| CVE-2025-10107 | medium | 4.7 | 4.7 | 9mo ago | A vulnerability has been found in TRENDnet TEW-831DR 1.0 (601.130.1.1410). Impacted is an unknown function of the file /boafrm/formSysCmd. The manipulation of the argument sysHost leads to command in… | |||
| CVE-2025-39825 | medium | 4.7 | 4.7 | 9mo ago | RHSA-2025:22388: kernel security update (Moderate) |