Export limit exceeded: 342998 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342998 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-33150 | 1 Ibm | 2 Cognos Analytics, Cognos Analytics Certified Containers | 2025-12-12 | 5.3 Medium |
| IBM Cognos Analytics Certified Containers 12.1.0 could disclose package parameter information due to the presence of hidden pages. | ||||
| CVE-2025-60783 | 2 Rajvi-patel-22, Restaurant Management System | 2 Restaurant-management-system-dbms-project, Restaurant Management System | 2025-12-12 | 6.5 Medium |
| There is a SQL injection vulnerability in Restaurant Management System DBMS Project v1.0 via login.php. The vulnerability allows attackers to manipulate the application's database through specially crafted SQL query strings. | ||||
| CVE-2025-65271 | 1 Azuriom | 1 Azuriom | 2025-12-12 | 8.8 High |
| Client-side template injection (CSTI) in Azuriom CMS admin dashboard allows a low-privilege user to execute arbitrary template code in the context of an administrator's session. This can occur via plugins or dashboard components that render untrusted user input, potentially enabling privilege escalation to an administrative account. Fixed in Azuriom 1.2.7. | ||||
| CVE-2025-61075 | 1 Adata | 2 Mitarbeiter Portal, Mitarbeiterportal | 2025-12-12 | 8.1 High |
| Multiple Incorrect Access Control vulnerabilities in adata Software GmbH Mitarbeiterportal 2.15.2.0 allow remote authenticated, low-privileged users to carry out administrative functions and manipulate data of other users via unauthorized API calls. | ||||
| CVE-2025-65288 | 2 Mercury, Mercurycom | 3 Mr816v2, Mr816, Mr816 Firmware | 2025-12-12 | 6.5 Medium |
| A buffer overflow in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) occurs when the device accepts and stores excessively long hostnames from LAN hosts without proper length validation. The affected code performs unchecked copies/concatenations into fixed-size buffers. A crafted long hostname can overflow the buffer, cause a crash (DoS) and potentially enabling remote code execution. | ||||
| CVE-2025-65289 | 2 Mercury, Mercurycom | 3 Mr816v2, Mr816, Mr816 Firmware | 2025-12-12 | 6.1 Medium |
| A stored Cross site scripting (XSS) vulnerability in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) router allows a remote attacker on the LAN to inject JavaScript into the router's management UI by submitting a malicious hostname. The injected script is stored and later executed in the context of an administrator's browser (for example after DHCP release/renew triggers the interface to display the stored hostname). Because the management interface uses weak/basic authentication and does not properly protect or isolate session material, the XSS can be used to exfiltrate the admin session and perform administrative actions. | ||||
| CVE-2025-63848 | 1 Swi-prolog | 2 Swi-prolog, Swish | 2025-12-12 | 6.1 Medium |
| Stored cross site scripting (xss) vulnerability in SWISH prolog thru 2.2.0 allowing attackers to execute arbitrary code via crafted web IDE notebook. | ||||
| CVE-2024-9453 | 2 Jenkins, Redhat | 3 Jenkins, Ocp Tools, Openshift Developer Tools And Services | 2025-12-12 | 6.5 Medium |
| A vulnerability was found in Red Hat OpenShift Jenkins. The bearer token is not obfuscated in the logs and potentially carries a high risk if those logs are centralized when collected. The token is typically valid for one year. This flaw allows a malicious user to jeopardize the environment if they have access to sensitive information. | ||||
| CVE-2025-62605 | 1 Joinmastodon | 1 Mastodon | 2025-12-12 | 4.3 Medium |
| Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon version 4.4, support for verifiable quote posts with quote controls was added, but it is possible for an attacker to bypass these controls in Mastodon versions prior to 4.4.8 and 4.5.0-beta.2. Mastodon internally treats reblogs as statuses. Since they were not special-treated, an attacker could reblog any post, then quote their reblog, technically quoting themselves, but having the quote feature a preview of the post they did not get authorization for with all of the affordances that would be otherwise denied by the quote controls. This issue has been patched in versions 4.4.8 and 4.5.0-beta.2. | ||||
| CVE-2025-65502 | 1 Cesanta | 1 Mongoose | 2025-12-12 | 4.3 Medium |
| Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where SSL_CTX_get_cert_store() returns NULL. | ||||
| CVE-2025-13372 | 1 Djangoproject | 1 Django | 2025-12-12 | 4.3 Medium |
| An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. `FilteredRelation` is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the `**kwargs` passed to `QuerySet.annotate()` or `QuerySet.alias()` on PostgreSQL. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Stackered for reporting this issue. | ||||
| CVE-2025-65897 | 2 Zdh Web Project, Zhaoyachao | 2 Zdh Web, Zdh Web | 2025-12-12 | 8.8 High |
| zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In zdh_web thru 5.6.17, insufficient validation of file upload paths in the application allows an authenticated user to write arbitrary files to the server file system, potentially overwriting existing files and leading to privilege escalation or remote code execution. | ||||
| CVE-2025-65878 | 1 Yeqifu | 1 Warehouse Management System | 2025-12-12 | 7.5 High |
| The warehouse management system version 1.2 contains an arbitrary file read vulnerability. The endpoint `/file/showImageByPath` does not sanitize user-controlled path parameters. An attacker could exploit directory traversal to read arbitrary files on the server's file system. This could lead to the leakage of sensitive system information. | ||||
| CVE-2025-65879 | 1 Yeqifu | 1 Warehouse Management System | 2025-12-12 | 8.1 High |
| Warehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability. The /goods/deleteGoods endpoint accepts a user-controlled goodsimg parameter, which is directly concatenated with the server's UPLOAD_PATH and passed to File.delete() without validation. A remote authenticated attacker can delete arbitrary files on the server by supplying directory traversal payloads. | ||||
| CVE-2025-14111 | 2 Google, Rarlab | 2 Android, Rar | 2025-12-12 | 5 Medium |
| A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android. This affects an unknown part of the component com.rarlab.rar. Such manipulation leads to path traversal. It is possible to launch the attack remotely. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.20 build 128 is able to mitigate this issue. You should upgrade the affected component. The vendor responded very professional: "This is the real vulnerability affecting RAR for Android only. WinRAR and Unix RAR versions are not affected. We already fixed it in RAR for Android 7.20 build 128 and we publicly mentioned it in that version changelog. (...) To avoid confusion among users, it would be useful if such disclosure emphasizes that it is RAR for Android only issue and WinRAR isn't affected." | ||||
| CVE-2025-14139 | 1 Utt | 2 520w, 520w Firmware | 2025-12-12 | 5.7 Medium |
| A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Impacted is the function strcpy of the file /goform/formConfigDnsFilterGlobal. Such manipulation of the argument timeRangeName leads to buffer overflow. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-14140 | 1 Utt | 2 520w, 520w Firmware | 2025-12-12 | 6.5 Medium |
| A vulnerability was detected in UTT 进取 520W 1.7.7-180627. The affected element is the function strcpy of the file /goform/websHostFilter. Performing manipulation of the argument addHostFilter results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-14224 | 1 Yottamaster | 6 Dm2, Dm200, Dm200 Firmware and 3 more | 2025-12-12 | 4.3 Medium |
| A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this issue is some unknown functionality of the component File Upload. Performing manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-59391 | 1 Libcoap | 1 Libcoap | 2025-12-12 | 6.5 Medium |
| A memory disclosure vulnerability exists in libcoap's OSCORE configuration parser in libcoap before release-4.3.5-patches. An out-of-bounds read may occur when parsing certain configuration values, allowing an attacker to infer or read memory beyond string boundaries in the .rodata section. This could potentially lead to information disclosure or denial of service. | ||||
| CVE-2025-65363 | 1 Ruijie | 2 Rg-ap720-l, Rg-ap720-l Firmware | 2025-12-12 | 7.2 High |
| Authenticated append-style command-injection Ruijie APs (AP_RGOS 11.1.x) allows an authenticated web user to execute appended shell expressions as root, enabling file disclosure, device disruption, and potential network pivoting via the command parameter to the web_action.do endpoint. | ||||