Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

986 matches found

Vulnrichment
Vulnrichmentadded 2025/10/27 11:2 a.m.1 views

CVE-2025-12267 abhicodebox ModernShop search cross site scripting

A flaw has been found in abhicodebox ModernShop 20250922. This issue affects some unknown processing of the file /search. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used...

5.3CVSS3.7AI score0.0028EPSS
Exploits1References4
EUVD
EUVDadded 2025/10/27 8:32 a.m.2 views

EUVD-2025-36133

A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file WGA.File of the component TMLScript API. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was...

5.8CVSS6AI score0.00412EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/27 4:2 a.m.5 views

EUVD-2025-36078

A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /loginsubmit.php. Executing manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

7.5CVSS6.4AI score0.00346EPSS
Exploits1References5
OSV
OSVadded 2025/10/27 3:15 a.m.0 views

UBUNTU-CVE-2025-12206

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. It is still unclear if this...

5.5CVSS5.3AI score0.00199EPSS
Exploits1References6
CVE
CVEadded 2025/10/27 2:32 a.m.13 views

CVE-2025-12206

Kamailio 5.5 is affected by CVE-2025-12206 due to a flaw in the rve_is_constant function in src/core/rvalue.c, causing a null pointer dereference. The attack is local and relies on manipulating configuration files; an exploit has been published, but it is still unclear whether the vulnerability e...

5.5CVSS3.7AI score0.00199EPSS
Exploits1References9Affected Software1
EUVD
EUVDadded 2025/10/27 2:32 a.m.3 views

EUVD-2025-36070

A flaw has been found in Kamailio 5.5. The impacted element is the function rveisconstant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. The vendor was contacted early about...

4.8CVSS5.9AI score0.00199EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.2 views

PT-2025-43934

Name of the Vulnerable Software and Affected Versions abhicodebox ModernShop version 20250922 Description A flaw exists in the processing of the /search file within abhicodebox ModernShop. Manipulation of the q argument can lead to cross site scripting, potentially allowing for remote attacks. Th...

5.3CVSS5.9AI score0.0028EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.2 views

PT-2025-43866

Name of the Vulnerable Software and Affected Versions Kamailio version 5.5 Description A flaw exists in Kamailio where manipulation of the rve is constant function within the src/core/rvalue.c file can lead to a null pointer dereference. The attack requires local access. The exploit for this issu...

5.5CVSS5.6AI score0.00199EPSS
Exploits1References10
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.6 views

PT-2025-44064

Name of the Vulnerable Software and Affected Versions SourceCodester Student Grades Management System version 1.0 Description A flaw exists in the Student Grades Management System that impacts the delete user function within the /admin.php file. Manipulation of this function can lead to cross sit...

4.8CVSS6AI score0.00306EPSS
Exploits1References10
RedhatCVE
RedhatCVEadded 2025/10/20 6:23 p.m.7 views

CVE-2025-11942

A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...

7.5CVSS7.2AI score0.01027EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/19 6:30 p.m.3 views

EUVD-2025-35006

A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...

7.5CVSS6AI score0.01027EPSS
Exploits1References5
OSV
OSVadded 2025/10/19 4:15 p.m.3 views

CVE-2025-11942

A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...

9.8CVSS5.3AI score0.01027EPSS
Exploits1References4
NVD
NVDadded 2025/10/19 4:15 p.m.2 views

CVE-2025-11942

A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...

9.8CVSS0.01027EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/10/19 4:2 p.m.10 views

CVE-2025-11942 70mai X200 Pairing missing authentication

A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early abo...

7.5CVSS0.01027EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/10/18 2:26 p.m.11 views

CVE-2025-11903

A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing a manipulation of the argument cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Th...

7.2CVSS6.3AI score0.00575EPSS
Exploits1References1
OSV
OSVadded 2025/10/17 8:15 p.m.4 views

CVE-2025-11912

A flaw has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected is the function Query of the file /DeviceState.do?Action=Query. This manipulation of the argument orderField causes sql injection. The attack can be initiated remotely. The exploit has been published and may be...

8.8CVSS5.7AI score
Exploits0References4
OSV
OSVadded 2025/10/17 2:15 p.m.2 views

CVE-2025-11903

A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing a manipulation of the argument cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Th...

7.2CVSS5.7AI score0.00575EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/17 2:2 p.m.3 views

EUVD-2025-34879

A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing manipulation of the argument cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. The...

6.5CVSS6.4AI score0.00575EPSS
Exploits1References6
RedhatCVE
RedhatCVEadded 2025/10/13 10:23 p.m.7 views

CVE-2025-11647

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

6.8CVSS3.6AI score0.00516EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/13 6:32 a.m.4 views

EUVD-2025-33955

A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. Affected by this vulnerability is an unknown functionality of the file /assets/uploadNotes.php. This manipulation of the argument File causes unrestricted upload. Remote...

7.5CVSS7AI score0.00535EPSS
Exploits1References5
Rows per page
Query Builder