Showing 1–50 of 319952 results .

CVE ID	Title	Severity	CVSS	EPSS	Published
`CVE-2025-9999`	Improper validation of payload elements	HIGH	7.6	EPSS	2025-09-05 16:41:02
`CVE-2025-9998`	Improper validation of packets sequencing	MEDIUM	6.0	EPSS	2025-09-05 16:40:14
`CVE-2025-9997`		MEDIUM	5.8	EPSS	2025-09-09 21:12:36
`CVE-2025-9996`		MEDIUM	5.8	EPSS	2025-09-09 21:11:15
`CVE-2025-9994`	Amp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not require authentication	NONE		EPSS	2025-09-09 13:01:05
`CVE-2025-9993`	Bei Fen – WordPress Backup Plugin <= 1.4.2 - Authenticated (Subscriber+) Local File Inclusion	HIGH	8.1	EPSS	2025-09-30 03:35:27
`CVE-2025-9992`	Ghost Kit <= 3.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting	MEDIUM	6.4	EPSS	2025-09-18 09:31:28
`CVE-2025-9991`	Tiny Bootstrap Elements Light <= 4.3.34 - Unauthenticated Local File Inclusion	HIGH	8.1	EPSS	2025-09-30 03:35:31
`CVE-2025-9990`	WordPress Helpdesk Integration <= 5.8.10 - Unauthenticated Local File Inclusion	HIGH	8.1	EPSS	2025-09-05 02:25:02
`CVE-2025-9985`	Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File	MEDIUM	5.3	EPSS	2025-09-26 04:25:17
`CVE-2025-9984`	Featured Image from URL (FIFU) <= 5.2.7 - Missing Authorization to Password Protected Post Disclosure	MEDIUM	5.3	EPSS	2025-09-26 04:25:17
`CVE-2025-9983`	Lack of Authentication for RTSP stream	HIGH	7.1	EPSS	2025-09-22 11:06:54
`CVE-2025-9982`	Hard-coded admin credentials in Quick.CMS	MEDIUM	6.9	EPSS	2025-11-14 13:22:17
`CVE-2025-9981`	Multiple Stored XSS in QuickCMS	MEDIUM	4.8	EPSS	2025-10-23 09:37:44
`CVE-2025-9980`	Multiple Stored XSS in QuickCMS	MEDIUM	4.8	EPSS	2025-10-23 09:37:33
`CVE-2025-9979`	Maspik <= 2.5.6 - Authenticated (Subscriber+) Missing Authorization to Spam Log Export	MEDIUM	4.3	EPSS	2025-09-10 06:38:47
`CVE-2025-9978`	Jeg Elementor Kit < 2.7.0 - Author+ Stored XSS	NONE		EPSS	2025-10-24 06:00:10
`CVE-2025-9977`	Improper neutralization of input in Times Software E-PAYROLL	MEDIUM	5.3	EPSS	2025-11-18 15:46:21
`CVE-2025-9976`	OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x	CRITICAL	9.0	EPSS	2025-10-13 07:33:16
`CVE-2025-9975`	WP Scraper <= 5.8.1 - Authenticated (Administrator+) Server-Side Request Forgery	MEDIUM	6.8	EPSS	2025-10-11 09:28:38
`CVE-2025-9972`	Planet Technology｜Industrial Cellular Gateway - OS Command Injection	CRITICAL	9.3	EPSS	2025-09-17 07:01:52
`CVE-2025-9971`	Planet Technology｜Industrial Cellular Gateway - Missing Authentication	CRITICAL	9.3	EPSS	2025-09-17 06:48:33
`CVE-2025-9970`	Application credential stored in clear text in memory	MEDIUM	5.7	EPSS	2025-10-08 16:32:56
`CVE-2025-9969`	Reflected XSS in Vizly Web Design's Real Estate Packages	HIGH	7.1	EPSS	2025-09-19 11:26:08
`CVE-2025-9968`		HIGH	8.5	EPSS	2025-10-13 08:13:33
`CVE-2025-9967`	Orion SMS OTP Verification <= 1.1.7 - Authentication Bypass via Account Takeover	CRITICAL	9.8	EPSS	2025-10-15 08:26:00
`CVE-2025-9966`	Execution with Unnecessary Privileges	HIGH	7.3	EPSS	2025-09-23 11:41:19
`CVE-2025-9965`	UDP Service Weak Authentication	CRITICAL	9.3	EPSS	2025-09-23 11:36:35
`CVE-2025-9964`	Weak Authentication for Root User	HIGH	8.6	EPSS	2025-09-23 11:33:14
`CVE-2025-9963`	Path Traversal	CRITICAL	9.4	EPSS	2025-09-23 11:11:14
`CVE-2025-9962`	Unauthenticated Buffer Overflow	CRITICAL	10.0	EPSS	2025-09-23 11:02:14
`CVE-2025-9961`	Authenticated RCE by CWMP binary	HIGH	8.6	EPSS	2025-09-06 06:51:00
`CVE-2025-9960`	is-localhost-ip 2.0.0 - SSRF via Restrictions bypass	MEDIUM	6.9	EPSS	2025-09-22 18:35:35
`CVE-2025-9959`	Sandbox escape in smolagents Local Python execution environment via dunder attributes	HIGH	7.6	EPSS	2025-09-03 16:53:46
`CVE-2025-9958`	Insertion of Sensitive Information Into Sent Data in GitLab	HIGH	7.7	EPSS	2025-09-26 09:04:42
`CVE-2025-9955`	Improper Access Control in WSO2 Enterprise Integrator Product via SOAP Admin Services for Logs and User-Store Configuration	MEDIUM	5.7	EPSS	2025-10-16 12:14:56
`CVE-2025-9954`	Acquia DAM - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-105	NONE		EPSS	2025-10-29 23:12:42
`CVE-2025-9952`	Trinity Audio <= 5.20.2 - Reflected Cross-Site Scripting	MEDIUM	6.1	EPSS	2025-10-04 03:33:31
`CVE-2025-9951`	Remote code execution via Heap Buffer Overflow in FFmpeg JPEG2000	HIGH	7.2	EPSS	2025-09-09 13:54:08
`CVE-2025-9950`	Error Log Viewer by BestWebSoft <= 1.1.6 - Authenticated (Administrator+) Arbitrary File Read	MEDIUM	4.9	EPSS	2025-10-11 09:28:40
`CVE-2025-9949`	Internal Links Manager <= 3.0.1 - Cross-Site Request Forgery	MEDIUM	4.3	EPSS	2025-09-20 04:27:57
`CVE-2025-9948`	Chat by Chatwee <= 2.1.3 - Cross-Site Request Forgery to Settings Update	MEDIUM	4.3	EPSS	2025-09-30 03:35:31
`CVE-2025-9947`	Custom 404 Pro <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter	MEDIUM	4.9	EPSS	2025-10-11 09:28:42
`CVE-2025-9946`	LockerPress – WordPress Security Plugin <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting	MEDIUM	6.1	EPSS	2025-09-30 03:35:33
`CVE-2025-9945`	Optimize More! – CSS <= 1.0.3 - Cross-Site Request Forgery to Plugin Settings Reset	MEDIUM	4.3	EPSS	2025-10-03 11:17:14
`CVE-2025-9944`	Professional Contact Form <= 1.0.0 - Cross-Site Request Forgery to Test Email Sending	MEDIUM	4.3	EPSS	2025-09-27 06:47:16
`CVE-2025-9943`	Unauthenticated SQL Injection Vulnerability in Shibboleth Service Provider	NONE		EPSS	2025-09-10 06:45:51
`CVE-2025-9942`	CodeAstro Real Estate Management System submitproperty.php unrestricted upload	MEDIUM	5.3	EPSS	2025-09-04 00:32:09
`CVE-2025-9941`	CodeAstro Real Estate Management System register.php unrestricted upload	MEDIUM	5.3	EPSS	2025-09-04 00:32:07
`CVE-2025-9940`	CodeAstro Real Estate Management System feature.php cross site scripting	MEDIUM	5.1	EPSS	2025-09-04 00:02:09