Filter and search through 196,504 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-43880 | Inefficient regular expression complexity issue exists in GROWI prior to v7.1.6. If exploited, a logged-in user may cause a denial of service (DoS) co... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2025-43879 | WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in the t... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43877 | WRC-1167GHBK2-S contains a stored cross-site scripting vulnerability in WebGUI. If exploited, an arbitrary script may be executed on the web browser o... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43876 | Under certain circumstances a successful exploitation could result in access to the device. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43875 | Under certain circumstances a successful exploitation could result in access to the device. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43873 | Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device. | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43856 | immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking through oaut... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43855 | ### Summary An unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthentica... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-4384 | The MQTT add-on of PcVue fails to verify that a remote device’s certificate has not already expired or has not yet become valid. This allows malicious... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4379 | DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in szukaj parameter allows arbitra... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43774 | A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.17 allows a remote aut... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-43772 | Kaleo Forms Admin in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.4 GA, 7.3 GA through update 27, and older unsupported versions does not r... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-4377 | Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.p... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4376 | Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS). This issue af... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4375 | Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cros... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-4364 | The affected products could allow an unauthenticated attacker to access system information that could enable further access to sensitive files and obt... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43490 | A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow e... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43264 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43219 | No description available | 0.0 | 0 | Neutral | No | No |
| CVE-2025-43210 | No description available | 0.0 | 0 | Neutral | No | No |