Filter and search through 197,017 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-53549 | An SQL injection vulnerability in the `EventCache::find_event_with_relations` method of matrix-sdk 0.11 and 0.12 allows malicious room members to exec... | 0.0 | 0 | Neutral | No |
| Yes |
| CVE-2025-53545 | Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Users can circ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53540 | arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Several OTA update examples and ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53535 | ### Summary An open redirect has been found in the `originCheck` middleware function, which affects the following routes: `/verify-email`, `/reset-pa... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-53534 | ### Summary * When an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-53523 | Stored cross-site scripting vulnerabilities exist in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSes... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53522 | Movable Type contains an issue with use of less trusted source. If exploited, tampered email to reset a password may be sent by a remote unauthenticat... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53508 | Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If exploited, an arbitrary OS command may be executed and sen... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53507 | Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information,... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53504 | Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a cross-site scripting vulnerability. If this vulnerabili... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53473 | Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, uninten... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-5346 | Bluebird devices contain a pre-loaded barcode scanner application. This application exposes an unsecured broadcast receiver "kr.co.bluebird.android.bb... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53459 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ads by WPQuads Ads by WPQuads allows Stored XSS.... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-5345 | Bluebird devices contain a pre-loaded file manager application. This application exposes an unsecured service provider "com.bluebird.system.koreanpost... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-5344 | Bluebird devices contain a pre-loaded kiosk application. This application exposes an unsecured service provider "com.bluebird.kiosk.launcher.IpartnerK... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53417 | DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53399 | In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to inj... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-53396 | Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier), which may all... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53388 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2025-53387 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |