Filter and search through 196,413 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-40652 | Stored Cross-Site Scripting (XSS) vulnerability in the CoverManager booking software. This allows an attacker to inject malicious scripts into the app... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2025-40651 | Reflected Cross-Site Scripting (XSS) vulnerability in Real Easy Store. This vulnerability allows an attacker to execute JavaScript code in the victim'... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40650 | Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow an attacker to retrieve information about student re... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40649 | Stored Cross-Site Scripting (XSS) in Biobanking and Biomolecular Resources Negotiator v3.15.2 - European Research Infrastructure (BBMRI-ERIC), consist... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40648 | Stored Cross-Site Scripting (XSS) vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, throug... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40647 | Stored Cross-Site Scripting (XSS) vulnerability in Issabel v5.0.0, consisting of a stored XSS due to a lack of proper validation of user input, throug... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40645 | Exposure of sensitive information in Viday. This vulnerability could allow an unauthenticated attacker to obtain sensitive information about customers... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40644 | Reflected Cross-Site Scripting (XSS) vulnerability in Riftzilla's QRGen. This vulnerability allows an attavker to execute JavaScript code in the victi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40642 | Reflected Cross-Site Scripting (XSS) vulnerability in WebWork, which allows remote attackers to execute arbitrary code through the 'q' and 'engine' re... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40641 | Cross-site Scripting (XSS) vulnerability stored in Multi-Purpose Inventory Management System, consisting of a stored XSS due to lack of proper validat... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40636 | SQL injection vulnerability in Joomla module mod_vvisit_counter v2.0.4j3. This vulnerability allows an attacker to retrieve database content via the ‘... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40635 | SQL injection vulnerability in Comerzzia Backoffice: Sales Orchestrator 3.0.15. This vulnerability allows an attacker to retrieve, create, update and ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40634 | Stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router, in firmware versions prior... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-40633 | A Stored Cross-Site Scripting (XSS) vulnerability has been found in Koibox for versions prior to e8cbce2. This vulnerability allows an authenticated... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40629 | PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows attackers to perform directory traversal by manipulat... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2025-40628 | SQL injection vulnerability in DomainsPRO 1.2. This vulnerability could allow an attacker to retrieve, create, update and delete databases via the “d”... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40587 | A vulnerability has been identified in Polarion V2404 (All versions < V2404.5), Polarion V2410 (All versions < V2410.2). The affected application allo... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4053 | The data stored in Be-Tech Mifare Classic card is stored in cleartext. An attacker having access to a Be-Tech hotel guest Mifare Classic card can crea... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4049 | Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability in SIGNUM-NET FARA allows to read and manipulate local... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4042 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 0.0 | 0 | Neutral | No | No |