Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2025-04-03 CVE-2025-3171 SQL Injection vulnerability in Projectworlds Online Lawyer Management System 1.0
A vulnerability classified as critical was found in Project Worlds Online Lawyer Management System 1.0.
network
low complexity
projectworlds CWE-89
critical
9.8
2025-04-03 CVE-2025-22457 Stack-based Buffer Overflow vulnerability in Ivanti products
A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.
network
low complexity
ivanti CWE-121
critical
9.8
2025-04-03 CVE-2025-3164 Code Injection vulnerability in Tencentmusic Supersonic
A vulnerability was found in Tencent Music Entertainment SuperSonic up to 0.9.8.
network
low complexity
tencentmusic CWE-94
critical
9.8
2025-04-03 CVE-2025-3140 SQL Injection vulnerability in Oretnom23 Online Medicine Ordering System 1.0
A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0.
network
low complexity
oretnom23 CWE-89
critical
9.8
2025-04-03 CVE-2025-3141 SQL Injection vulnerability in Oretnom23 Online Medicine Ordering System 1.0
A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0.
network
low complexity
oretnom23 CWE-89
critical
9.8
2025-04-03 CVE-2025-3137 SQL Injection vulnerability in PHPgurukul Online Security Guards Hiring System 1.0
A vulnerability, which was classified as critical, was found in PHPGurukul Online Security Guards Hiring System 1.0.
network
low complexity
phpgurukul CWE-89
critical
9.8
2025-04-03 CVE-2025-3138 SQL Injection vulnerability in PHPgurukul Online Security Guards Hiring System 1.0
A vulnerability has been found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as critical.
network
low complexity
phpgurukul CWE-89
critical
9.8
2025-04-02 CVE-2025-3119 SQL Injection vulnerability in Oretnom23 Online Tutor Portal 1.0
A vulnerability was found in SourceCodester Online Tutor Portal 1.0.
network
low complexity
oretnom23 CWE-89
critical
9.8
2025-04-02 CVE-2025-3118 SQL Injection vulnerability in Oretnom23 Online Tutor Portal 1.0
A vulnerability was found in SourceCodester Online Tutor Portal 1.0.
network
low complexity
oretnom23 CWE-89
critical
9.8
2025-04-02 CVE-2025-2005 The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registration form in all versions up to, and including, 3.2.32.
network
low complexity
CWE-434
critical
9.8