Filter
-Infinity
0

Trending

Last week
Last month
Last year

Adobe ColdFusionColdFusion | Improper Input Validation (CWE-20)

critical
9.1
First published (updated )
CVE-2025-43559

Adobe ColdFusionColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

critical
9.1
First published (updated )
CVE-2025-43562

Adobe ColdFusionColdFusion | Incorrect Authorization (CWE-863)

critical
9.1
First published (updated )
CVE-2025-43564

Adobe ColdFusionColdFusion | Improper Input Validation (CWE-20)

critical
9.1
First published (updated )
CVE-2025-43560

Adobe ColdFusionColdFusion | Improper Access Control (CWE-284)

critical
9.1
First published (updated )
CVE-2025-43563

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe ColdFusionColdFusion | Incorrect Authorization (CWE-863)

critical
9.1
First published (updated )
CVE-2025-43561

Adobe Connect Enterprise ServerAdobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79)

critical
9.3
First published (updated )
CVE-2025-43567

OpenPubkeyAuthentication Bypass in OPKSSH

critical
9.3
First published (updated )
CVE-2025-4658

OpenPubkeyAuthentication Bypass in OpenPubKey

critical
9.3
First published (updated )
CVE-2025-3757

Ivanti Neurons for ITSMAn authentication bypass in Ivanti Neurons for ITSM (on-prem only) before 2023.4, 2024.2 and 2024.3 …

critical
9.8
Exploited
Zeroday
First published (updated )
CVE-2025-22462

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Fortinet FortiVoice EnterpriseBuffer Overflow

critical
9.8
Exploited
Zeroday
First published (updated )
CVE-2025-32756

Siemens RUGGEDCOM ROX MX5000Command Injection

critical
9.9
First published (updated )
CVE-2025-33025

Siemens RUGGEDCOM ROX MX5000Command Injection

critical
9.9
First published (updated )
CVE-2025-33024

Siemens RUGGEDCOM ROX MX5000Command Injection

critical
9.9
First published (updated )
CVE-2025-32469

Siemens OZW672SQL Injection

critical
9.8
First published (updated )
CVE-2025-26390

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Siemens OZW672OS Command Injection

critical
10
First published (updated )
CVE-2025-26389

DomainsPROSQL Injection in DomainsPRO

critical
9.3
First published (updated )
CVE-2025-40628

Bitnami Pgpool[pgpool] Unauthenticated access to postgres through pgpool

critical
9.4
First published (updated )
CVE-2025-22248

Microsoft Azure AI Document Intelligence StudioDocument Intelligence Studio On-Prem Elevation of Privilege Vulnerability

critical
9.8
First published (updated )
CVE-2025-30387

Samsung MagicInfo ServerPath Traversal

critical
9.8
EPSS
0.05%
First published (updated )
CVE-2025-4632

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SAP NetWeaver Visual ComposerInsecure Deserialization in SAP NetWeaver (Visual Composer development server)

critical
9.1
First published (updated )
CVE-2025-42999

FortiOSTACACS+ authentication bypass

critical
9
First published (updated )
CVE-2025-22252

FortiOSTACACS+ authentication bypass

critical
9
First published (updated )
FG-IR-24-472

NetAlertxCommand Injection

critical
10
First published (updated )
CVE-2024-46506

Totolink A3002r FirmwareCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2025-45858

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Unknown Billing SoftwareBilling Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi)

critical
9.8
First published (updated )
CVE-2023-49641

Digi One Sp Ia FirmwareImproper authentication handling for Digi PortServer TS; Digi One SP, SP IA, IA; Digi One IAP

critical
9.4
First published (updated )
CVE-2025-3659

Cozy Vision Technologies SMS Alert Order NotificationsWordPress SMS Alert Order Notifications – WooCommerce <= 3.8.2 - SQL Injection Vulnerability

critical
9.3
EPSS
0.03%
First published (updated )
CVE-2025-47682

Netvision ISOinsightNetvision ISOinsight - SQL Injection

critical
9.8
EPSS
0.08%
First published (updated )
CVE-2025-4559

WormHole Tech GPMWormHole Tech GPM - Unverified Password Change

critical
9.8
EPSS
0.08%
First published (updated )
CVE-2025-4558

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203