Browse CVEs
7,911 high risk vulnerabilities
| CVE ID | Title | Severity | CVSS | Risk | Patch | Published |
|---|---|---|---|---|---|---|
| CVE-2025-0133 | A reflected cross-site scripting (XSS) vulnerability in t... | Unknown | - | High Risk | 14-May-25 | |
| CVE-2025-4632 | Improper limitation of a pathname to a restricted directo... | Critical | 9.8 | High Risk | Patched | 13-May-25 |
| CVE-2025-46721 | nosurf is cross-site request forgery (CSRF) protection mi... | Medium | 6.1 | High Risk | Patched | 13-May-25 |
| CVE-2025-4427 | An authentication bypass in the API component of Ivanti E... | Medium | 5.3 | High Risk | 13-May-25 | |
| CVE-2025-44039 | CP-XR-DE21-S -4G Router Firmware version 1.031.022 was di... | Medium | 5.1 | High Risk | 13-May-25 | |
| CVE-2025-3605 | The Frontend Login and Registration Blocks plugin for Wor... | Critical | 9.8 | High Risk | 09-May-25 | |
| CVE-2025-28074 | phpList before 3.6.15 is vulnerable to Cross-Site Scripti... | Medium | 6.1 | High Risk | Patched | 08-May-25 |
| CVE-2025-28073 | phpList before 3.6.15 is vulnerable to Reflected Cross-Si... | Medium | 6.1 | High Risk | Patched | 08-May-25 |
| CVE-2025-32873 | An issue was discovered in Django 4.2 before 4.2.21, 5.1 ... | Medium | 5.3 | High Risk | Patched | 08-May-25 |
| CVE-2025-47729 | The TeleMessage archiving backend through 2025-05-05 hold... | Low | 1.9 | High Risk | 08-May-25 |