Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (83652 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2025-1161 1 Nomysost 1 Nomysem 2026-06-06 7.1 High
Incorrect Use of Privileged APIs vulnerability in NomySoft Information Technology Training and Consulting Inc. Nomysem allows Privilege Escalation. This issue affects Nomysem: through May 2025.
CVE-2025-1395 1 Codriapp 1 Heygarson 2026-06-06 8.2 High
Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping. This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing process but did not respond in any way.
CVE-2025-1469 2026-06-06 7.5 High
Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows Exploitation of Trusted Identifiers. This issue affects Eyotek: before 11.03.2025.
CVE-2025-1927 1 Restajet 1 Online Food Delivery System 2026-06-06 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Cross Site Request Forgery. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-1929 2026-06-06 7.2 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi Yazılımı: through 1.0.0.4.
CVE-2025-2155 2026-06-06 8.8 High
Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Remote Code Inclusion. This issue affects Specto CM: before 17032025.
CVE-2025-2307 2026-06-06 7.6 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Aidango allows Cross-Site Scripting (XSS). This issue affects Aidango: before 2.144.4.
CVE-2025-2405 2026-06-06 7.6 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Titarus allows Cross-Site Scripting (XSS). This issue affects Titarus: before 2.144.4.
CVE-2025-2406 2026-06-06 7.6 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Verisay Communication and Information Technology Industry and Trade Ltd. Co. Trizbi allows Cross-Site Scripting (XSS). This issue affects Trizbi: before 2.144.4.
CVE-2025-2411 1 Akinsoft 1 Taskpano 2026-06-06 8.6 High
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano allows Authentication Bypass. This issue affects TaskPano: from s1.06.04 before v1.06.06.
CVE-2025-2412 1 Akinsoft 1 Qr Menu 2026-06-06 8.6 High
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft QR Menu allows Authentication Bypass. This issue affects QR Menu: from s1.05.07 before v1.05.12.
CVE-2025-2413 1 Akinsoft 1 Prokuafor 2026-06-06 8.6 High
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor allows Authentication Bypass. This issue affects ProKuafor: from s1.02.08 before v1.02.08.
CVE-2025-2414 1 Akinsoft 1 Octocloud 2026-06-06 8.6 High
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass. This issue affects OctoCloud: from s1.09.03 before v1.11.01.
CVE-2026-21029 1 Samsung 2 Android, Mobile Devices 2026-06-06 7.8 High
Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations.
CVE-2025-2415 1 Akinsoft 1 Myrezzta 2026-06-06 8.6 High
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass. This issue affects MyRezzta: from s2.03.01 before v2.05.01.
CVE-2025-2416 1 Akinsoft 1 Limondesk 2026-06-06 8.6 High
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft LimonDesk allows Authentication Bypass. This issue affects LimonDesk: from s1.02.14 before v1.02.17.
CVE-2025-2417 1 Akinsoft 1 E-mutabakat 2026-06-06 8.6 High
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft e-Mutabakat allows Authentication Bypass. This issue affects e-Mutabakat: from 2.02.06 before v2.02.06.
CVE-2026-11102 1 Google 1 Chrome 2026-06-06 8.8 High
Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: Medium)
CVE-2026-10968 2 Google, Microsoft 2 Chrome, Windows 2026-06-06 7.4 High
Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-21030 2 Samsung, Samsung Mobile 2 Android, Samsung Mobile Devices 2026-06-06 7.8 High
Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions.