Filter
-Infinity
0

Trending

Last week
Last month
Last year

WooCommerce TicketBAI Facturas para WooCommerceTicketBAI Facturas para WooCommerce <= 3.18 - Unauthenticated Arbitrary File Deletion

critical
9.8
First published (updated )
CVE-2025-4564

I-O DATA HDL-T SeriesCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2025-32002

百度 站长SEO合集百度站长SEO合集(支持百度/神马/Bing/头条推送) <= 2.0.6 - Unauthenticated Arbitrary File Upload

critical
9.8
First published (updated )
CVE-2025-3917

bonigarcia webdrivermanagerXML External Entity (XXE) injection vulnerability in WebDriverManager

critical
9.3
First published (updated )
CVE-2025-4641

PointCloudLibraryImproper Pointer Arithmetic in pcl

critical
9.2
First published (updated )
CVE-2025-4638

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

ChromiumChromium: Monthly Vulnerability Update (May 2025) (Severity: HIGH)

critical
9.4
First published (updated )
PAN-SA-2025-0009

RalllyRallly Insufficient Password Login Token Entropy Leads to Account Takeover

critical
9.8
First published (updated )
CVE-2025-47781

5ire Client5ire Client Vulnerable to Cross-Site Scripting (XSS) and Remote Code Execution (RCE)

critical
9.7
First published (updated )
CVE-2025-47777

OpenText Advanced AuthenticationReflected Cross-Site Scripting vulnerability has been discovered in OpenText Advanced Authentication

critical
9.4
First published (updated )
CVE-2024-10865

Cap CollectifCap Collectif vulnerable to insecure deserialization leading to remote code execution

critical
9.5
EPSS
0.32%
First published (updated )
CVE-2025-47292

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Apache IoTDBApache IoTDB: Remote Code Execution with untrusted URI of User-defined function

critical
9.8
First published (updated )
CVE-2024-24780

Adobe ColdFusionColdFusion | Improper Input Validation (CWE-20)

critical
9.1
EPSS
1.45%
First published (updated )
CVE-2025-43559

Adobe ColdFusionColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

critical
9.1
EPSS
0.89%
First published (updated )
CVE-2025-43562

Adobe ColdFusionColdFusion | Incorrect Authorization (CWE-863)

critical
9.1
EPSS
0.10%
First published (updated )
CVE-2025-43564

Adobe ColdFusionColdFusion | Improper Input Validation (CWE-20)

critical
9.1
EPSS
1.06%
First published (updated )
CVE-2025-43560

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe ColdFusionColdFusion | Improper Access Control (CWE-284)

critical
9.1
EPSS
0.10%
First published (updated )
CVE-2025-43563

Adobe ColdFusionColdFusion | Incorrect Authorization (CWE-863)

critical
9.1
EPSS
0.35%
First published (updated )
CVE-2025-43561

Adobe Connect Enterprise ServerAdobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)

critical
9.3
EPSS
0.10%
First published (updated )
CVE-2025-43567

OpenPubkeyAuthentication Bypass in OPKSSH

critical
9.3
EPSS
0.05%
First published (updated )
CVE-2025-4658

OpenPubkeyAuthentication Bypass in OpenPubKey

critical
9.3
First published (updated )
CVE-2025-3757

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Ivanti Neurons for ITSMAn authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 …

critical
9.8
Exploited
Zeroday
Trending
Week
First published (updated )
CVE-2025-22462

FortinetFortinet Multiple Products Stack-Based Buffer Overflow Vulnerability

critical
9.8
Exploited
Zeroday
First published (updated )
CVE-2025-32756

Siemens RUGGEDCOM ROX MX5000Command Injection

critical
9.9
First published (updated )
CVE-2025-33025

Siemens RUGGEDCOM ROX MX5000Command Injection

critical
9.9
First published (updated )
CVE-2025-33024

Siemens RUGGEDCOM ROX MX5000Command Injection

critical
9.9
First published (updated )
CVE-2025-32469

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Siemens OZW672SQL Injection

critical
9.8
First published (updated )
CVE-2025-26390

Siemens OZW672OS Command Injection

critical
10
First published (updated )
CVE-2025-26389

DomainsPROSQL Injection in DomainsPRO

critical
9.3
First published (updated )
CVE-2025-40628

Bitnami Pgpool[pgpool] Unauthenticated access to postgres through pgpool

critical
9.4
First published (updated )
CVE-2025-22248

Microsoft Azure AI Document Intelligence StudioDocument Intelligence Studio On-Prem Elevation of Privilege Vulnerability

critical
9.8
First published (updated )
CVE-2025-30387

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203