Exploit Database

134,721 exploits tracked across all sources.

Sort: Activity Stars
CVE-2025-45150 WRITEUP CRITICAL
X-D LAB Langchain-chatglm-webui - Incorrect Permission Assignment
Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying a crafted request.
CVSS 9.8
CVE-2025-45160 WRITEUP MEDIUM
Cacti <=1.2.29 - HTML Injection
A HTML injection vulnerability exists in the file upload functionality of Cacti <= 1.2.29. When a file with an invalid format is uploaded, the application reflects the submitted filename back into an error popup without proper sanitization. As a result, attackers can inject arbitrary HTML elements (e.g., <h1>, <b>, <svg>) into the rendered page. NOTE: Multiple third-parties including the maintainer have stated that they cannot reproduce this issue after 1.2.27.
CVSS 5.4
CVE-2025-45236 WRITEUP MEDIUM
Dbsyncer - XSS
A stored cross-site scripting (XSS) vulnerability in the Edit Profile feature of DBSyncer v2.0.6 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Nickname parameter.
CVSS 5.4
CVE-2025-45237 WRITEUP HIGH
Dbsyncer - Improper Access Control
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the encrypted password.
CVSS 7.5
CVE-2025-45242 WRITEUP HIGH
Rhymix v2.1.22 - File Deletion
Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php.
CVSS 7.7
CVE-2025-45331 WRITEUP HIGH
Ricko Brplot - NULL Pointer Dereference
brplot v420.69.1 contains a Null Pointer Dereference (NPD) vulnerability in the br_dagens_handle_once function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.
CVSS 7.5
CVE-2025-45346 WRITEUP HIGH
Bacula-web < 9.7.1 - SQL Injection
SQL Injection vulnerability in Bacula-web before v.9.7.1 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request.
CVSS 8.1
CVE-2025-45406 WRITEUP MEDIUM
Codeigniter4 Framework - XSS
A stored cross-site scripting (XSS) vulnerability in CodeIgniter4 v4.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the debugbar_time parameter. NOTE: this is disputed by the Supplier because attackers cannot influence the value of debugbar_time, and because debugbar-related data is automatically escaped by the CodeIgniter Parser class.
CVSS 6.1
CVE-2025-45424 WRITEUP MEDIUM
Xinference < 1.4.0 - Improper Access Control
Incorrect access control in Xinference before v1.4.0 allows attackers to access the Web GUI without authentication.
CVSS 5.3
CVE-2025-45467 WRITEUP HIGH
Unitree Go1 Firmware - Incorrect Default Permissions
Unitree Go1 <= Go1_2022_05_11 is vulnerable to Insecure Permissions as the firmware update functionality (via Wi-Fi/Ethernet) implements an insecure verification mechanism that solely relies on MD5 checksums for firmware integrity validation.
CVSS 7.1
CVE-2025-45487 WRITEUP CRITICAL
Linksys E5600 Firmware - Command Injection
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.InternetConnection function.
CVSS 9.8
CVE-2025-45488 WRITEUP CRITICAL
Linksys E5600 Firmware - Command Injection
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the mailex parameter.
CVSS 9.8
CVE-2025-45489 WRITEUP CRITICAL
Linksys E5600 Firmware - Command Injection
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the hostname parameter.
CVSS 9.8
CVE-2025-45490 WRITEUP CRITICAL
Linksys E5600 Firmware - Command Injection
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter.
CVSS 9.8
CVE-2025-45491 WRITEUP CRITICAL
Linksys E5600 Firmware - Command Injection
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
CVSS 9.8
CVE-2025-45492 WRITEUP CRITICAL
Netgear Ex8000 Firmware - Command Injection
Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the Iface parameter in the action_wireless function.
CVSS 9.8
CVE-2025-45493 WRITEUP MEDIUM
Netgear Ex8000 Firmware - Command Injection
Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the iface parameter in the action_bandwidth function.
CVSS 6.5
CVE-2025-45512 WRITEUP MEDIUM
Denx U-boot - Command Injection
A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution.
CVSS 6.5
CVE-2025-45512 WRITEUP MEDIUM
Denx U-boot - Command Injection
A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution.
CVSS 6.5
CVE-2025-45529 WRITEUP HIGH
SSCMS 7.3.1 - Info Disclosure
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows attackers to read arbitrary files via sending a crafted GET request to /cms/templates/templatesAssetsEditor.
CVSS 7.1
CVE-2025-45766 WRITEUP HIGH
Poco - Broken Cryptographic Algorithm
poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record.
CVSS 7.0
CVE-2025-45767 WRITEUP HIGH
jose v6.0.10 - Info Disclosure
jose v6.0.10 was discovered to contain weak encryption. NOTE: this is disputed by a third party because the claim of "do not meet recommended security standards" does not reflect guidance in a final publication.
CVSS 7.0
CVE-2025-45767 WRITEUP HIGH
jose v6.0.10 - Info Disclosure
jose v6.0.10 was discovered to contain weak encryption. NOTE: this is disputed by a third party because the claim of "do not meet recommended security standards" does not reflect guidance in a final publication.
CVSS 7.0
CVE-2025-45768 WRITEUP HIGH
Pyjwt - Missing Encryption
pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library (admittedly, library users may benefit from a minimum value and a mechanism for opting in to strict enforcement).
CVSS 7.0
CVE-2025-45769 WRITEUP MEDIUM
Google Firebase Php-jwt < 6.11.0 - Weak Encryption
php-jwt v6.11.0 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant to recommend an outcome for this CVE Record.
CVSS 6.5
By Source
All 134,721 Writeup 54,687 Exploitdb 50,186 Nomisec 21,443 Metasploit 3,228 Github 2,587 Vulncheck_xdb 904 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,364 ruby 5,960 python 5,949 c 3,580 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 55 postscript 25 xml 24