Total
5229 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-53419 | 2025-08-26 | N/A | 7.8 HIGH | ||
| Delta Electronics COMMGR has Code Injection vulnerability. | |||||
| CVE-2022-31491 | 2025-08-25 | N/A | 10.0 CRITICAL | ||
| Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence. | |||||
| CVE-2024-52786 | 2025-08-25 | N/A | 9.8 CRITICAL | ||
| An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated attackers to execute arbitrary code via a crafted URL. | |||||
| CVE-2025-9416 | 2025-08-25 | 3.3 LOW | 2.4 LOW | ||
| A security flaw has been discovered in oitcode samarium up to 0.9.6. This vulnerability affects unknown code of the file /cms/webpage/ of the component Pages Image Handler. The manipulation results in cross site scripting. The attack may be performed from a remote location. The exploit has been released to the public and may be exploited. | |||||
| CVE-2025-36014 | 1 Ibm | 2 Integration Bus, Z\/os | 2025-08-25 | N/A | 8.2 HIGH |
| IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory. | |||||
| CVE-2025-9237 | 1 Codeastro | 1 Ecommerce Website | 2025-08-25 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | |||||
| CVE-2024-13196 | 1 Donglight | 1 Bookstore | 2025-08-22 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been declared as problematic. This vulnerability affects the function BookSearchList of the file src/main/java/org/zdd/bookstore/web/controller/BookInfoController.java. The manipulation of the argument keywords leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-13197 | 1 Donglight | 1 Bookstore | 2025-08-22 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been rated as problematic. This issue affects the function updateUser of the file src/main/Java/org/zdd/bookstore/web/controller/admin/AdminUserControlle.java. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-9306 | 1 Donbermoy | 1 Advanced School Management System | 2025-08-22 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used. | |||||
| CVE-2010-20120 | 2025-08-22 | N/A | N/A | ||
| Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers to craft malicious .maplet files that execute arbitrary code without user interaction. | |||||
| CVE-2024-13202 | 1 Wander-chu | 1 Springboot-blog | 2025-08-22 | 3.3 LOW | 2.4 LOW |
| A vulnerability was found in wander-chu SpringBoot-Blog 1.0 and classified as problematic. This issue affects the function modifiyArticle of the file src/main/java/com/my/blog/website/controller/admin/PageController.java of the component Blog Article Handler. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-1706 | 1 Zkteco | 1 Zkbio Access Ivs | 2025-08-22 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was determined in ZKTeco ZKBio Access IVS up to 3.3.2. This impacts an unknown function of the component Department Name Search Bar. This manipulation with the input <marquee>hi causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor explains: "ZKBio Access IVS is no longer maintained and the product has been replaced by ZKBio CVAccess, it is recommended to replace it with the latest version of ZKBio CVAccess." This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-43393 | 1 Phoenixcontact | 72 Fl Mguard 2102, Fl Mguard 2102 Firmware, Fl Mguard 2105 and 69 more | 2025-08-22 | N/A | 8.1 HIGH |
| A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP FW_RULESETS.FROM_IP FW_RULESETS.IN_IP environment variable which can lead to a DoS. | |||||
| CVE-2024-43392 | 1 Phoenixcontact | 60 Fl Mguard Centerport Vpn-1000, Fl Mguard Centerport Vpn-1000 Firmware, Fl Mguard Core Tx and 57 more | 2025-08-22 | N/A | 8.1 HIGH |
| A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP FW_INCOMING.IN_IP FW_OUTGOING.FROM_IP FW_OUTGOING.IN_IP environment variable which can lead to a DoS. | |||||
| CVE-2024-43391 | 1 Phoenixcontact | 72 Fl Mguard 2102, Fl Mguard 2102 Firmware, Fl Mguard 2105 and 69 more | 2025-08-22 | N/A | 8.1 HIGH |
| A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_PORTFORWARDING.SRC_IP environment variable which can lead to a DoS. | |||||
| CVE-2024-43390 | 1 Phoenixcontact | 72 Fl Mguard 2102, Fl Mguard 2102 Firmware, Fl Mguard 2105 and 69 more | 2025-08-22 | N/A | 8.1 HIGH |
| A low privileged remote attacker can perform configuration changes of the firewall services, including packet forwarding or NAT through the FW_NAT.IN_IP environment variable which can lead to a DoS. | |||||
| CVE-2024-43389 | 1 Phoenixcontact | 72 Fl Mguard 2102, Fl Mguard 2102 Firmware, Fl Mguard 2105 and 69 more | 2025-08-22 | N/A | 8.1 HIGH |
| A low privileged remote attacker can perform configuration changes of the ospf service through OSPF_INTERFACE.SIMPLE_KEY, OSPF_INTERFACE.DIGEST_KEY environment variables which can lead to a DoS. | |||||
| CVE-2024-43388 | 1 Phoenixcontact | 72 Fl Mguard 2102, Fl Mguard 2102 Firmware, Fl Mguard 2105 and 69 more | 2025-08-22 | N/A | 8.8 HIGH |
| A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation. | |||||
| CVE-2025-9017 | 1 Phpgurukul | 1 Zoo Management System | 2025-08-21 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability has been found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-foreigner-ticket.php. The manipulation of the argument visitorname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5309 | 1 Beyondtrust | 2 Privileged Remote Access, Remote Support | 2025-08-21 | N/A | 9.8 CRITICAL |
| The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution. | |||||