Filter and search through 196,383 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-40977 | Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's eCommerceGo SaaS, consisting of a lack of proper validation of user input by sending a POS... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2025-40976 | Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's TicketGo, consisting of a lack of proper validation of user input by sending a POST reques... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40975 | Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's HRMGo, consisting of a lack of proper validation of user input by sending a POST request t... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4095 | Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. Whe... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40846 | Improper Input Validation, the returnUrl parameter in Account Security Settings lacks proper input validation, allowing attackers to redirect users to... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4081 | Use of entitlement "com.apple.security.cs.disable-library-validation" and lack of launch and library load constraints allows to substitute a legitimat... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40730 | HTML injection in Vox Media's Chorus CMS. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a m... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40727 | A Reflected Cross Site Scripting (XSS) vulnerability was found in '/search' in Phoenix Site CMS from Phoenix, which allows remote attackers to execute... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40726 | Reflected Cross-Site Scripting (XSS) vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40725 | Reflected Cross-Site Scripting (XSS) vulnerability in Azon Dominator. This vulnerability allows an attacker to execute JavaScript code in the victim's... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40724 | Stored Cross-Site Scripting (XSS) vulnerability in Pharmacy POS PHP Script. This vulnerability allows an attacker to execute JavaScript code in the vi... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40723 | Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of prope... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40722 | Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of prope... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40710 | Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN client, which can induce unexpected behaviour when accessing third-party web appli... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40698 | SQL injection vulnerability in Prevengos v2.44 by Nedatec Consulting. This vulnerability allows an attacker to retrieve, create, update, and delete da... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40681 | Cross-site Scripting (XSS) vulnerability reflected in xCally's Omnichannel v3.30.1. This vulnerability allowsan attacker to executed JavaScript code i... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40680 | Lack of sensitive data encryption in CapillaryScope v2.5.0 of Capillary io, which stores both the proxy credentials and the JWT session token in plain... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40679 | HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POS... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40678 | Unrestricted upload vulnerability for dangerous file types on Summar Software´s Portal del Empleado. This vulnerability allows an attacker to upload a... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-40677 | SQL injection vulnerability in Summar Software´s Portal del Empleado. This vulnerability allows an attacker to retrieve, create, update, and delete th... | 0.0 | 0 | Neutral | Yes | No |