| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2025-44003 | Missing Release of Resource after Effective Lifetime (CWE-772) in the Gallagher T-Series Reader allo... | | |
| CVE-2025-44019 | AVEVA PI Data Archive Uncaught Exception | S | |
| CVE-2025-44021 | OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handlin... | | |
| CVE-2025-44022 | An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbitrary code via the Plugin mech... | E S | |
| CVE-2025-44023 | An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbit... | | |
| CVE-2025-44024 | Cross-Site Scripting (XSS) vulnerability was discovered in the Pichome system v2.1.0 and before. The... | E | |
| CVE-2025-44039 | CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections fo... | E | |
| CVE-2025-44040 | An issue in OrangeHRM v.5.7 allows an attacker to escalate privileges via the UserService.php and th... | | |
| CVE-2025-44043 | Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery (SSRF) in /Keyoti_Sea... | | |
| CVE-2025-44044 | Keyoti SearchUnit prior to 9.0.0. is vulnerable to XML External Entity (XXE). An attacker who can fo... | | |
| CVE-2025-44071 | SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component... | E | |
| CVE-2025-44072 | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager... | E | |
| CVE-2025-44073 | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment... | E | |
| CVE-2025-44074 | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.p... | E | |
| CVE-2025-44083 | An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login authent... | E | |
| CVE-2025-44084 | D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerabi... | E | |
| CVE-2025-44091 | yangyouwang crud v1.0.0 is vulnerable to Cross Site Scripting (XSS) via the role management function... | E | |
| CVE-2025-44108 | A stored Cross-Site Scripting (XSS) vulnerability exists in the administration panel of Flatpress CM... | E S | |
| CVE-2025-44110 | FluxBB 1.5.11 is vulnerable to Cross Site Scripting (XSS) in via the Forum Description Field in admi... | E | |
| CVE-2025-44115 | A vulnerability has been found in Cotonti Siena v0.9.25. Affected by this vulnerability is the file ... | E | |
| CVE-2025-44134 | A vulnerability was found in Code-Projects Online Class and Exam Scheduling System 1.0 in the file /... | E | |
| CVE-2025-44135 | A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 in /Schedulin... | E | |
| CVE-2025-44141 | A Cross-Site Scripting (XSS) vulnerability exists in the node creation form of Backdrop CMS 1.30.... | | |
| CVE-2025-44148 | Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to execut... | E | |
| CVE-2025-44163 | RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/get_wgkey.php. An... | | |
| CVE-2025-44172 | Tenda AC6 V15.03.05.16 was discovered to contain a stack overflow via the time parameter in the setS... | E | |
| CVE-2025-44175 | Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.... | E | |
| CVE-2025-44176 | Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.... | E | |
| CVE-2025-44177 | A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-... | | |
| CVE-2025-44180 | Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /edi... | E | |
| CVE-2025-44181 | Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /adm... | E | |
| CVE-2025-44182 | Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the... | | |
| CVE-2025-44183 | Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in /adm... | E | |
| CVE-2025-44184 | SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /... | E | |
| CVE-2025-44185 | SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery (CSR... | E | |
| CVE-2025-44186 | SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery (CSRF... | E | |
| CVE-2025-44192 | SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay... | E | |
| CVE-2025-44193 | SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay... | E | |
| CVE-2025-44194 | SourceCodester Simple Barangay Management System v1.0 has a SQL injection vulnerability in /barangay... | E | |
| CVE-2025-44203 | In HotelDruid 3.0.7, an unauthenticated attacker can exploit verbose SQL error messages on creadb.ph... | E | |
| CVE-2025-44206 | Hexagon HxGN OnCall Dispatch Advantage (Web) v10.2309.03.00264 and Hexagon HxGN OnCall Dispatch Adva... | | |
| CVE-2025-44251 | Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process.... | | |
| CVE-2025-44525 | Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41.00.17 was discovered to utili... | | |
| CVE-2025-44526 | Realtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize insufficient permission checks ... | | |
| CVE-2025-44528 | An issue in Texas Instruments LP-CC2652RB SimpleLink CC13XX CC26XX SDK 7.41.00.17 allows attackers t... | E | |
| CVE-2025-44531 | An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause a Denial of Service... | E | |
| CVE-2025-44557 | A state machine transition flaw in the Bluetooth Low Energy (BLE) stack of Cypress PSoC4 v3.66 allow... | | |
| CVE-2025-44559 | An issue in the Bluetooth Low Energy (BLE) stack of Realtek RTL8762E BLE SDK v1.4.0 allows attackers... | | |
| CVE-2025-44612 | Tinxy WiFi Lock Controller v1 RF was discovered to transmit sensitive information in plaintext, incl... | | |
| CVE-2025-44614 | Tinxy WiFi Lock Controller v1 RF was discovered to store users' sensitive information, including cre... | | |
| CVE-2025-44619 | Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi networ... | | |
| CVE-2025-44635 | There are multiple unauthorized remote command execution vulnerabilities in the H3C ER2200G2, ERG2-4... | | |
| CVE-2025-44830 | EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in the /project/addprojtemplet i... | E | |
| CVE-2025-44831 | EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in the /project/addproject interf... | E | |
| CVE-2025-44835 | D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which ... | E | |
| CVE-2025-44836 | TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability ... | E | |
| CVE-2025-44837 | TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability ... | E | |
| CVE-2025-44838 | TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability ... | E | |
| CVE-2025-44839 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44840 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44841 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44842 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44843 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44844 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44845 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44846 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44847 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44848 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in th... | E | |
| CVE-2025-44854 | TOTOLINK CP900 V6.3c.1144_B20190715 was found to contain a command injection vulnerability in the se... | E | |
| CVE-2025-44860 | TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the... | E | |
| CVE-2025-44861 | TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the... | E | |
| CVE-2025-44862 | TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the... | E | |
| CVE-2025-44863 | TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the... | E | |
| CVE-2025-44864 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg ... | E | |
| CVE-2025-44865 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg ... | E | |
| CVE-2025-44866 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg ... | E | |
| CVE-2025-44867 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetNetCheckT... | E | |
| CVE-2025-44868 | Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the ping_test ... | E | |
| CVE-2025-44872 | Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formsetUs... | E | |
| CVE-2025-44877 | Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formSetSa... | E | |
| CVE-2025-44879 | WS-WN572HP3 V230525 was discovered to contain a buffer overflow in the component /www/cgi-bin/upload... | E | |
| CVE-2025-44880 | A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allow... | E | |
| CVE-2025-44881 | A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0 allow... | E | |
| CVE-2025-44882 | A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1.0 ... | E | |
| CVE-2025-44883 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the tacIp parameter in th... | E | |
| CVE-2025-44884 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_p... | E | |
| CVE-2025-44885 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the remote_ip parameter i... | E | |
| CVE-2025-44886 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the byruleEditName parame... | E | |
| CVE-2025-44887 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radIpkey parameter in... | E | |
| CVE-2025-44888 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stp_conf_name paramet... | E | |
| CVE-2025-44890 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in ... | E | |
| CVE-2025-44891 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in ... | E | |
| CVE-2025-44892 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ownekey parameter in ... | E | |
| CVE-2025-44893 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey parameter... | E | |
| CVE-2025-44894 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the radDftParamKey parame... | E | |
| CVE-2025-44895 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ipv4Aclkey parameter ... | E | |
| CVE-2025-44896 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bindEditMACName param... | E | |
| CVE-2025-44897 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the bytftp_srvip paramete... | E | |
| CVE-2025-44898 | FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter... | E | |
| CVE-2025-44899 | There is a stack overflow vulnerability in Tenda RX3 V1.0br_V16.03.13.11 In the fromSetWifiGusetBasi... | | |
| CVE-2025-44900 | In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetPare... | | |
| CVE-2025-44904 | hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.... | E | |
| CVE-2025-44905 | hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset functi... | E | |
| CVE-2025-44906 | jhead v3.08 was discovered to contain a heap-use-after-free via the ProcessFile function at jhead.c.... | E | |
| CVE-2025-44951 | A missing length check in `ogs_pfcp_dev_add` function from PFCP library, used by both smf and upf in... | E | |
| CVE-2025-44952 | A missing length check in `ogs_pfcp_subnet_add` function from PFCP library, used by both smf and upf... | E | |
| CVE-2025-44998 | A stored cross-site scripting (XSS) vulnerability in the component /tinyfilemanager.php of TinyFileM... | E |