Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-13257 | itsourcecode Inventory Management System index.php sql… |
itsourcecode |
Inventory Management System |
2025-11-17T01:32:06.953Z | 2025-11-17T18:25:07.056Z | |
| cve-2025-24990 | 7.8 (v3.1) | Windows Agere Modem Driver Elevation of Privilege Vuln… |
Microsoft |
Windows 11 Version 25H2 |
2025-10-14T17:00:10.973Z | 2025-11-17T18:23:26.456Z |
| cve-2025-34287 | 8.4 (v4.0) | Nagios XI < 2024R2 Privilege Escalation via process_pe… |
Nagios |
XI |
2025-10-30T21:39:43.482Z | 2025-11-17T18:21:51.502Z |
| cve-2025-34286 | 9.4 (v4.0) | Nagios XI < 2026R1 RCE via Run Check Command in CCM |
Nagios |
XI |
2025-10-30T21:42:44.052Z | 2025-11-17T18:21:51.338Z |
| cve-2025-34284 | 9.4 (v4.0) | Nagios XI < 2024R2 Authenticated Command Injection via… |
Nagios |
XI |
2025-10-30T21:30:19.179Z | 2025-11-17T18:21:51.157Z |
| cve-2025-34283 | 7.1 (v4.0) | Nagios XI < 2024R1.4.2 API Key Disclosure via Neptune Themes |
Nagios |
XI |
2025-10-30T21:29:37.293Z | 2025-11-17T18:21:50.983Z |
| cve-2025-34227 | 8.6 (v4.0) | Nagios XI < 2026R1 Configuration Wizard Authenticated … |
Nagios |
Nagios XI |
2025-09-25T17:08:52.921Z | 2025-11-17T18:21:50.807Z |
| cve-2025-34135 | 5.1 (v4.0) | Nagios XI < 2024R1.4.2 Overly Permissive Permissions o… |
Nagios |
XI |
2025-10-30T21:39:22.649Z | 2025-11-17T18:21:50.638Z |
| cve-2025-34134 | 9.4 (v4.0) | Nagios XI < 2024R1.4.2 RCE via Business Process Intell… |
Nagios |
XI |
2025-10-30T21:41:58.188Z | 2025-11-17T18:21:50.474Z |
| cve-2024-14009 | 9.4 (v4.0) | Nagios XI < 2024R1.0.1 Privilege Escalation via System… |
Nagios |
XI |
2025-10-30T21:41:13.594Z | 2025-11-17T18:21:50.296Z |
| cve-2024-14008 | 9.4 (v4.0) | Nagios XI < 2024R1.3.2 RCE via WinRM Configuration Wizard |
Nagios |
XI |
2025-10-30T21:43:07.355Z | 2025-11-17T18:21:50.058Z |
| cve-2024-14006 | 8.8 (v4.0) | Nagios XI < 2024R1.2.2 Host Header Injection |
Nagios |
XI |
2025-10-30T21:38:42.351Z | 2025-11-17T18:21:49.793Z |
| cve-2024-14005 | 9.4 (v4.0) | Nagios XI < 2024R1.2 Command Injection via Docker Wizard |
Nagios |
XI |
2025-10-30T21:37:28.667Z | 2025-11-17T18:21:49.431Z |
| cve-2024-14004 | 8.7 (v4.0) | Nagios XI < 2024R1.2 Privilege Escalation via NagVis C… |
Nagios |
XI |
2025-10-30T21:40:51.523Z | 2025-11-17T18:21:49.174Z |
| cve-2024-14003 | 9.4 (v4.0) | Nagios XI < 2024R1.2 RCE via NRDP Server Plugins |
Nagios |
XI |
2025-10-30T21:42:19.225Z | 2025-11-17T18:21:48.995Z |
| cve-2024-14002 | 7.1 (v4.0) | Nagios XI < 2024R1.1.4 Authenticated Local File Inclus… |
Nagios |
XI |
2025-10-30T21:30:39.691Z | 2025-11-17T18:21:48.806Z |
| cve-2024-14001 | 5.1 (v4.0) | Nagios XI < 2024R1.1.3 XSS via Executive Summary Report |
Nagios |
XI |
2025-10-30T21:52:13.095Z | 2025-11-17T18:21:48.632Z |
| cve-2024-14000 | 5.1 (v4.0) | Nagios XI < 2024R1.1.3 XSS via Capacity Planning Report |
Nagios |
XI |
2025-10-30T21:51:02.400Z | 2025-11-17T18:21:48.461Z |
| cve-2024-13998 | 6 (v4.0) | Nagios XI < 2024R1.1.3 API Keys & Hashed Passwords Aut… |
Nagios |
XI |
2025-11-03T21:53:51.223Z | 2025-11-17T18:21:48.252Z |
| cve-2024-13997 | 9.4 (v4.0) | Nagios XI < 2024R1.1.3 Privilege Escalation via Migrat… |
Nagios |
XI |
2025-11-03T21:55:48.197Z | 2025-11-17T18:21:47.934Z |
| cve-2024-13996 | 9.2 (v4.0) | Nagios XI < 2024R1.1.3 Session Not Invalidated After P… |
Nagios |
XI |
2025-10-30T21:44:26.053Z | 2025-11-17T18:21:47.755Z |
| cve-2024-13995 | 7.1 (v4.0) | Nagios XI < 2024R1.1.2 API Keys & Hashed Passwords Aut… |
Nagios |
XI |
2025-10-30T21:29:55.745Z | 2025-11-17T18:21:47.489Z |
| cve-2024-13994 | 8.7 (v4.0) | Nagios XI < 2024R1.1.2 Allow Insecure Logins Missing A… |
Nagios |
XI |
2025-10-30T21:29:17.240Z | 2025-11-17T18:21:47.324Z |
| cve-2024-13993 | 5.1 (v4.0) | Nagios XI < 2024R1.1.2 Reflected XSS via Login Page on… |
Nagios |
XI |
2025-10-30T21:43:55.640Z | 2025-11-17T18:21:47.166Z |
| cve-2024-13992 | 5.1 (v4.0) | Nagios XI < 2024R1.1 XSS via Missing Page / 404 |
Nagios |
XI |
2025-10-31T12:35:56.137Z | 2025-11-17T18:21:46.964Z |
| cve-2024-13986 | 8.7 (v4.0) | Nagios XI < 2024R1.3.2 Authenticated Arbitrary File Up… |
Nagios |
Nagios XI |
2025-08-28T15:49:46.119Z | 2025-11-17T18:21:46.809Z |
| cve-2023-7318 | 5.1 (v4.0) | Nagios XI < 2024R1.0.2 XSS via Core Command Expansion |
Nagios |
XI |
2025-10-30T21:51:25.049Z | 2025-11-17T18:21:46.618Z |
| cve-2023-7317 | 9.4 (v4.0) | Nagios XI < 2024R1 Web SSH Terminal Missing Access Control |
Nagios |
XI |
2025-10-30T21:47:19.903Z | 2025-11-17T18:21:46.464Z |
| cve-2023-7316 | 5.1 (v4.0) | Nagios XI < 2024R1 XSS via Graph Explorer |
Nagios |
XI |
2025-10-30T21:52:58.088Z | 2025-11-17T18:21:46.276Z |
| cve-2023-7315 | 5.1 (v4.0) | Nagios XI < 5.11.3 XSS via Graph Explorer |
Nagios |
XI |
2025-10-30T21:52:33.775Z | 2025-11-17T18:21:46.100Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2023-000087 | SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS) | 2023-08-24T14:12+09:00 | 2024-05-15T17:12+09:00 |
| jvndb-2023-000104 | Improper restriction of XML external entity references (XXE) in Proself | 2023-10-18T18:00+09:00 | 2024-05-15T17:08+09:00 |
| jvndb-2014-000006 | EC-CUBE vulnerable to authorization bypass | 2014-01-22T15:28+09:00 | 2024-05-15T14:59+09:00 |
| jvndb-2023-000091 | Multiple vulnerabilities in F-RevoCRM | 2023-09-05T15:51+09:00 | 2024-05-14T18:06+09:00 |
| jvndb-2023-000089 | Multiple vulnerabilities in i-PRO VI Web Client | 2023-08-31T14:13+09:00 | 2024-05-14T18:05+09:00 |
| jvndb-2023-000088 | Multiple vulnerabilities in SHIRASAGI | 2023-09-04T13:41+09:00 | 2024-05-14T17:58+09:00 |
| jvndb-2014-000123 | GIGAPOD vulnerable to denial-of-service (DoS) | 2014-10-16T13:51+09:00 | 2024-05-13T18:10+09:00 |
| jvndb-2024-002342 | Central Dogma vulnerable to cross-site scripting | 2024-05-13T17:27+09:00 | 2024-05-13T17:27+09:00 |
| jvndb-2024-000047 | Multiple vulnerabilities in Cybozu Garoon | 2024-05-13T15:19+09:00 | 2024-05-13T15:19+09:00 |
| jvndb-2023-003956 | Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Designer | 2023-10-24T16:11+09:00 | 2024-05-10T17:47+09:00 |
| jvndb-2023-000105 | Movable Type vulnerable to cross-site scripting | 2023-10-25T15:18+09:00 | 2024-05-10T17:47+09:00 |
| jvndb-2024-000045 | "OfferBox" App uses a hard-coded secret key | 2024-05-10T15:11+09:00 | 2024-05-10T15:11+09:00 |
| jvndb-2024-003181 | Hidden Functionality vulnerability in DT900 | 2024-05-10T13:59+09:00 | 2024-05-10T13:59+09:00 |
| jvndb-2024-000048 | Phormer vulnerable to cross-site scripting | 2024-05-10T13:48+09:00 | 2024-05-10T13:48+09:00 |
| jvndb-2023-003721 | Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution | 2023-09-20T13:58+09:00 | 2024-05-09T18:22+09:00 |
| jvndb-2015-000040 | LINE vulnerable to script injection | 2015-03-20T16:16+09:00 | 2024-05-09T18:15+09:00 |
| jvndb-2015-000095 | LINE@ vulnerable to script injection | 2015-07-10T14:50+09:00 | 2024-05-09T18:05+09:00 |
| jvndb-2023-000116 | Redmine vulnerable to cross-site scripting | 2023-11-17T14:32+09:00 | 2024-05-09T17:55+09:00 |
| jvndb-2023-000107 | EC-CUBE 3 series and 4 series vulnerable to arbitrary code execution | 2023-11-07T13:47+09:00 | 2024-05-09T17:17+09:00 |
| jvndb-2024-000043 | Multiple vulnerabilities in MosP kintai kanri | 2024-05-09T14:10+09:00 | 2024-05-09T14:10+09:00 |
| jvndb-2023-000111 | Remarshal unlimitedly expanding YAML alias nodes | 2023-11-10T14:41+09:00 | 2024-05-08T17:53+09:00 |
| jvndb-2024-000044 | WordPress Plugin "Heateor Social Login WordPress" vulnerable to cross-site scripting | 2024-05-08T13:43+09:00 | 2024-05-08T13:43+09:00 |
| jvndb-2024-003178 | Trend Micro Maximum Security vulnerable to improper link resolution (CVE-2024-32849) | 2024-05-08T10:19+09:00 | 2024-05-08T10:19+09:00 |
| jvndb-2023-002725 | Multiple vulnerabilities in Command Center RX (CCRX) of Kyocera Document Solutions MFPs and printers | 2023-07-28T18:24+09:00 | 2024-05-07T18:15+09:00 |
| jvndb-2023-000108 | Inkdrop vulnerable to code injection | 2023-10-30T13:48+09:00 | 2024-05-07T16:09+09:00 |
| jvndb-2023-000106 | Multiple vulnerabilities in baserCMS | 2023-10-27T14:46+09:00 | 2024-05-07T15:59+09:00 |
| jvndb-2023-000109 | Cybozu Remote Service vulnerable to uncontrolled resource consumption | 2023-10-31T13:43+09:00 | 2024-05-07T15:51+09:00 |
| jvndb-2023-004919 | FUJIFILM Business Innovation Corp. and Xerox Corporation MFPs export Address Books with insufficient encryption strength | 2023-11-02T17:21+09:00 | 2024-05-07T15:25+09:00 |
| jvndb-2023-000114 | Multiple vulnerabilities in Cisco Firepower Management Center Software | 2023-11-13T14:01+09:00 | 2024-05-07T15:07+09:00 |
| jvndb-2023-000060 | Multiple vulnerabilities in Pleasanter | 2023-06-22T15:49+09:00 | 2024-05-07T14:10+09:00 |