Export limit exceeded: 343533 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343533 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343533 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343533 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24729 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 8.8 High |
| Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the address parameter in the user profile update function. | ||||
| CVE-2023-24731 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 8.8 High |
| Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the query parameter in the user profile update function. | ||||
| CVE-2023-24728 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 8.8 High |
| Simple Customer Relationship Management System v1.0 as discovered to contain a SQL injection vulnerability via the contact parameter in the user profile update function. | ||||
| CVE-2023-24656 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 8.8 High |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function. | ||||
| CVE-2023-24364 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 8.8 High |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter under the Admin Panel. | ||||
| CVE-2023-24652 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 8.8 High |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function. | ||||
| CVE-2023-24653 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 8.8 High |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function. | ||||
| CVE-2023-24654 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 8.8 High |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Request a Quote function. | ||||
| CVE-2023-24655 | 1 Oretnom23 | 1 Simple Customer Relationship Management System | 2025-06-27 | 9.8 Critical |
| Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Profile Update function. | ||||
| CVE-2024-57052 | 1 Youdiancms | 1 Youdiancms | 2025-06-27 | 9.8 Critical |
| An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file. | ||||
| CVE-2024-34732 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-34733 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In DevmemXIntMapPages of devicemem_server.c, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-34748 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In _DevmemXReservationPageAddress of devicemem_server.c, there is a possible use-after-free due to improper casting. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-40649 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-40651 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-40669 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-40670 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In TBD of TBD, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2021-33844 | 1 Sound Exchange Project | 1 Sound Exchange | 2025-06-27 | 5.5 Medium |
| A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash. | ||||
| CVE-2022-31650 | 1 Sound Exchange Project | 1 Sound Exchange | 2025-06-27 | 5.5 Medium |
| In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a. | ||||
| CVE-2021-3643 | 1 Sound Exchange Project | 1 Sound Exchange | 2025-06-27 | 9.1 Critical |
| A flaw was found in sox 14.4.1. The lsx_adpcm_init function within libsox leads to a global-buffer-overflow. This flaw allows an attacker to input a malicious file, leading to the disclosure of sensitive information. | ||||