Daily vulnerability intelligence for defenders – fresh CVEs with exploitability signals, patch status, and action-oriented priorities from 17 sources.

CVEs published

Track vulnerabilities that matter to your stack

Personalized alerts, dashboards, and weekly digests – free.

Trending Now

Critical Watch

Attack Technique Trend

Prediction based on ZDI Disclosures & CVE data · 30 days

Analytics

Vendor Today – Quick Filter

Techniques

results

Sort:

Base Score

Vector String

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

Integrity (I)

Availability (A)

0 | 3.9| 6.9| 8.9| 10

NONE LOW MEDIUM HIGH CRITICAL

CVSS Filter – CVEs match

No CVEs match the selected criteria

Browse older vulnerabilities in Archive

Live Feed auto-refresh 60s

Vulnerability Intelligence — January 05, 2025

28 CVEs tracked today. 0 Critical, 0 High, 27 Medium, 0 Low.

CVE-2025-0233 MEDIUM CVSS 6.9
A vulnerability was found in Codezips Project Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Project Management System
CVE-2025-0232 MEDIUM CVSS 5.3
A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Blood Bank Management System
CVE-2025-0231 MEDIUM CVSS 5.3
A vulnerability has been found in Codezips Gym Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Gym Management System
CVE-2025-0230 MEDIUM CVSS 5.3
A vulnerability, which was classified as critical, was found in code-projects Responsive Hotel Site 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Responsive Hotel Site
CVE-2025-0229 MEDIUM CVSS 5.3
A vulnerability, which was classified as critical, has been found in code-projects Travel Management System 1.0.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Travel Management System
CVE-2025-0228 MEDIUM CVSS 5.1
A vulnerability has been found in code-projects Local Storage Todo App 1.0 and classified as problematic. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Local Storage Todo App
CVE-2025-0227 MEDIUM CVSS 5.3
A vulnerability, which was classified as problematic, was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure
CVE-2025-0226 MEDIUM CVSS 5.3
A vulnerability, which was classified as problematic, has been found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure
CVE-2025-0225 MEDIUM CVSS 5.3
A vulnerability classified as problematic was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal
CVE-2025-0224 MEDIUM CVSS 6.9
A vulnerability was found in Provision-ISR SH-4050A-2, SH-4100A-2L(MM), SH-8100A-2L(MM), SH-16200A-2(1U), SH-16200A-5(1U) and NVR5-8200PX up to 20241220. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
CVE-2025-0223 MEDIUM CVSS 6.8
A vulnerability was found in IObit Protected Folder up to 13.6.0.5. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Protected Folder
CVE-2025-0222 MEDIUM CVSS 6.8
A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic.sys of the component IOCTL Handler. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Protected Folder
CVE-2025-0221 MEDIUM CVSS 6.8
A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Protected Folder
CVE-2025-0220 MEDIUM CVSS 5.1
A vulnerability, which was classified as problematic, was found in Trimble SPS851 488.01. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
CVE-2025-0219 MEDIUM CVSS 5.1
A vulnerability, which was classified as problematic, has been found in Trimble SPS851 488.01. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
CVE-2024-13142 MEDIUM CVSS 5.1
A vulnerability was found in ZeroWdd studentmanager 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java XSS Studentmanager
CVE-2024-13141 MEDIUM CVSS 5.3
A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload XSS Lightpicture
CVE-2024-13140 MEDIUM CVSS 5.3
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Emlog
CVE-2024-13139 MEDIUM CVSS 5.3
A vulnerability was found in wangl1989 mysiteforme 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java SSRF Mysiteforme
CVE-2024-13138 MEDIUM CVSS 5.1
A vulnerability was found in wangl1989 mysiteforme 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Authentication Bypass Java Mysiteforme
CVE-2024-13137 MEDIUM CVSS 5.1
A vulnerability was found in wangl1989 mysiteforme 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Java XSS Mysiteforme
CVE-2024-13136 MEDIUM CVSS 5.3
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization Java Mysiteforme
CVE-2024-13135 MEDIUM CVSS 5.3
A vulnerability has been found in Emlog Pro 2.4.3 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Emlog
CVE-2024-13134 MEDIUM CVSS 5.3
A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Authentication Bypass Java Studentmanager
CVE-2024-13133 MEDIUM CVSS 5.3
A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Authentication Bypass Java Studentmanager
CVE-2024-13132 MEDIUM CVSS 5.3
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Emlog
CVE-2024-13130 MEDIUM CVSS 5.3
A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dahua Path Traversal
CVE-2024-13131 None
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.

Information Disclosure

Today's Vulnerabilities Vulnerabilities