Critical
|
16 Apr 2025 |
16 Apr 2025 |
CPAI-2024-1587
|
|
CVE-2024-24767
|
IceWhale CasaOS Brute Force Login Attempt (CVE-2024-24767)
|
Medium
|
16 Apr 2025 |
16 Apr 2025 |
CPAI-2019-3273
|
|
CVE-2019-13068
|
Grafana Cross-Site Scripting (CVE-2019-13068)
|
Critical
|
16 Apr 2025 |
16 Apr 2025 |
CPAI-2024-1590
|
|
CVE-2024-48307
|
JeecgBoot SQL Injection (CVE-2024-48307)
|
Critical
|
6 Feb 2025 |
16 Apr 2025 |
CPAI-2024-1321
|
|
CVE-2018-3760 CVE-2021-25864 CVE-2024-48914 CVE-2025-2264
|
Static Files Folders Directory Traversal (CVE-2018-3760; CVE-2021-25864; CVE-2024-48914; CVE-2025-2264)
|
High
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2025-0193
|
|
CVE-2025-3102
|
WordPress OttoKit Plugin Authentication Bypass (CVE-2025-3102)
|
Critical
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2024-1591
|
|
CVE-2024-48887
|
Fortinet FortiSwitch Authentication Bypass (CVE-2024-48887)
|
High
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2023-2028
|
|
CVE-2023-22952
|
SugarCRM Code Injection (CVE-2023-22952)
|
Critical
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2024-1581
|
|
CVE-2024-47908
|
Ivanti Cloud Services Appliance Command Injection (CVE-2024-47908)
|
High
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2024-1577
|
|
CVE-2024-54146
|
Cacti SQL Injection (CVE-2024-54146)
|
Medium
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2024-1575
|
|
CVE-2024-55963
|
Appsmith Improper Access Control (CVE-2024-55963)
|
High
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2024-1573
|
|
CVE-2024-23334
|
Aiohttp Directory Traversal (CVE-2024-23334)
|
High
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2023-2026
|
|
CVE-2023-24709
|
Paradox IPR512 Denial of Service (CVE-2023-24709)
|
Medium
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2024-1571
|
|
CVE-2024-34781
|
Ivanti Endpoint Manager SQL Injection (CVE-2024-34781)
|
Critical
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2024-1570
|
|
CVE-2024-39205
|
Python pyLoad-ng Package Remote Code Execution (CVE-2024-39205)
|
Critical
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2025-0164
|
|
CVE-2025-22954
|
Koha SQL Injection (CVE-2025-22954)
|
Critical
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2025-0125
|
|
|
Sensitive Configuration File Disclosure
|
Medium
|
15 Apr 2025 |
15 Apr 2025 |
CPAI-2024-1472
|
|
CVE-2024-3274
|
D-Link DNS Series Information Disclosure (CVE-2024-3274)
|
Critical
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2025-0191
|
|
CVE-2025-3248
|
Langflow Remote Code Execution (CVE-2025-3248)
|
Medium
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2019-3272
|
|
CVE-2019-6842 CVE-2019-6843 CVE-2019-6844
|
Schneider-Electric Modicon Denial of Service (CVE-2019-6842; CVE-2019-6843; CVE-2019-6844)
|
High
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2019-3271
|
|
CVE-2019-6848
|
Schneider Electric Modicon Denial of Service (CVE-2019-6848)
|
Critical
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2025-0190
|
|
CVE-2025-2620
|
D-Link DAP-1620 Buffer Overflow (CVE-2025-2620)
|
Critical
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2017-1955
|
|
CVE-2017-6026
|
Schneider Electric Modicon Remote Code Execution (CVE-2017-6026)
|
Medium
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2019-3270
|
|
CVE-2019-6841
|
Schneider Electric Modicon Denial of Service (CVE-2019-6841)
|
Critical
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2025-0171
|
|
CVE-2025-25579
|
TOTOLINK A3002R Command Injection (CVE-2025-25579)
|
High
|
14 Apr 2025 |
14 Apr 2025 |
CPAI-2023-2023
|
|
CVE-2023-27159
|
Appwrite Server-Side Request Forgery (CVE-2023-27159)
|
High
|
20 Mar 2025 |
14 Apr 2025 |
CPAI-2025-0098
|
|
CVE-2025-0411
|
7-Zip Remote Code Execution (CVE-2025-0411)
|
Critical
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2024-1582
|
|
CVE-2024-45488
|
One Identity SafeGuard for Privileged Passwords Authentication Bypass (CVE-2024-45488)
|
Critical
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2025-0174
|
|
CVE-2025-2945
|
PostgreSQL pgAdmin Remote Code Execution (CVE-2025-2945)
|
High
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2019-3269
|
|
CVE-2019-6851
|
Schneider-Electric Modicon Information Disclosure (CVE-2019-6851)
|
Medium
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2024-1572
|
|
CVE-2024-11716
|
CTFd Privilege Escalation (CVE-2024-11716)
|
Critical
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2018-2910
|
|
CVE-2018-7842
|
Schneider-Electric Modicon Privilege Escalation (CVE-2018-7842)
|
Medium
|
10 Apr 2025 |
10 Apr 2025 |
CPAI-2020-4289
|
|
CVE-2020-2230
|
Jenkins Cross-Site Scripting (CVE-2020-2230)
|
Medium
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0188
|
Adobe APSB25-15
|
CVE-2025-30294
|
Adobe ColdFusion Improper Input Validation (APSB25-15: CVE-2025-30294)
|
High
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0187
|
Adobe APSB25-15
|
CVE-2025-30285
|
Adobe ColdFusion Deserialization of Untrusted Data (APSB25-15: CVE-2025-30285)
|
Medium
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0186
|
Adobe APSB25-15
|
CVE-2025-30292
|
Adobe ColdFusion Cross-Site Scripting (APSB25-15: CVE-2025-30292)
|
High
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0185
|
Adobe APSB25-15
|
CVE-2025-30290
|
Adobe ColdFusion Directory Traversal (APSB25-15: CVE-2025-30290)
|
High
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0183
|
Adobe APSB25-15
|
CVE-2025-30289
|
Adobe ColdFusion Command Injection (APSB25-15: CVE-2025-30289)
|
High
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0182
|
Adobe APSB25-15
|
CVE-2025-30287
|
Adobe ColdFusion Improper Authentication (APSB25-15: CVE-2025-30287)
|
Critical
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2025-0181
|
Adobe APSB25-15
|
CVE-2025-30281
|
Adobe ColdFusion Improper Access Control (APSB25-15: CVE-2025-30281)
|
Critical
|
9 Apr 2025 |
9 Apr 2025 |
CPAI-2024-1545
|
|
CVE-2024-5753 CVE-2024-5827
|
Vanna.AI SQL Injection (CVE-2024-5753; CVE-2024-5827)
|
Critical
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2025-0179
|
Microsoft CVE-2025-26670
|
CVE-2025-26670
|
Microsoft Lightweight Directory Access Protocol Client Remote Code Execution (CVE-2025-26670)
|
High
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2025-0178
|
Microsoft CVE-2025-27480
|
CVE-2025-27480
|
Windows Remote Desktop Services Remote Code Execution Vulnerability (CVE-2025-27480)
|
Critical
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2025-0173
|
Microsoft CVE-2025-29793
|
CVE-2025-29793
|
Microsoft SharePoint Remote Code Execution (CVE-2025-29793)
|
Critical
|
11 Feb 2025 |
8 Apr 2025 |
CPAI-2025-0030
|
Microsoft CVE-2025-21400
|
CVE-2025-21400 CVE-2025-29794
|
Microsoft SharePoint Remote Code Execution (CVE-2025-21400; CVE-2025-29794)
|
High
|
14 Jan 2025 |
8 Apr 2025 |
CPAI-2025-0003
|
Microsoft CVE-2025-21309
|
CVE-2025-21309 CVE-2025-24035 CVE-2025-24045 CVE-2025-27482
|
Microsoft Windows Remote Desktop Services Remote Code Execution (CVE-2025-21309; CVE-2025-24035; CVE-2025-24045; CVE-2025-27482)
|
Critical
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2024-1564
|
|
CVE-2024-39907
|
FIT2CLOUD 1Panel SQL Injection (CVE-2024-39907)
|
Critical
|
31 Mar 2025 |
8 Apr 2025 |
CPAI-2025-0141
|
|
CVE-2025-2825 CVE-2025-31161
|
CrushFTP Authentication Bypass (CVE-2025-2825; CVE-2025-31161)
|
Medium
|
31 Mar 2025 |
8 Apr 2025 |
CPAI-2025-0113
|
|
CVE-2025-27218
|
Sitecore Insecure Deserialization (CVE-2025-27218)
|
Critical
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2024-1515
|
|
CVE-2024-43919
|
WordPress YARPP Plugin Authentication Bypass (CVE-2024-43919)
|
Critical
|
8 Apr 2025 |
8 Apr 2025 |
CPAI-2023-2015
|
|
CVE-2023-51092
|
Tenda M3 Stack Overflow (CVE-2023-51092)
|