Export limit exceeded: 355314 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355314 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33999 | 1 Redhat | 8 Enterprise Linux, Enterprise Linux Eus, Rhel Aus and 5 more | 2026-06-04 | 7.8 High |
| A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of service (DoS) or other severe impacts. | ||||
| CVE-2026-49077 | 2026-06-04 | 5.3 Medium | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2. | ||||
| CVE-2026-10800 | 1 Paddlepaddle | 1 Fastdeploy | 2026-06-04 | 3.6 Low |
| A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash_features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high complexity level is associated with this attack. The exploitation is known to be difficult. This patch is called 374945747652a8d32965591c0c01a00c88b7067f. Applying a patch is advised to resolve this issue. | ||||
| CVE-2025-62582 | 2 Delta Electronics, Deltaww | 2 Diaview, Diaview | 2026-06-04 | 8.1 High |
| Delta Electronics DIAView has multiple vulnerabilities. | ||||
| CVE-2025-62581 | 2 Delta Electronics, Deltaww | 2 Diaview, Diaview | 2026-06-04 | 9.8 Critical |
| Delta Electronics DIAView has multiple vulnerabilities. | ||||
| CVE-2026-46447 | 1 Openstack | 1 Ironic | 2026-06-04 | 5.8 Medium |
| OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info. | ||||
| CVE-2025-14349 | 2 Uni-yaz, Universal Software Inc. | 2 Flexcity, Flexcity/kiosk | 2026-06-04 | 8.8 High |
| Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36. | ||||
| CVE-2025-11960 | 1 Aryom | 1 Kvknet | 2026-06-04 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Aryom Software High Technology Systems Inc. KVKNET allows Reflected XSS. This issue affects KVKNET: before 2.1.8. | ||||
| CVE-2025-11962 | 1 Divvydrive | 1 Digital Corporate Warehouse | 2026-06-04 | 7.3 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in DivvyDrive Information Technologies Inc. Digital Corporate Warehouse allows Stored XSS. This issue affects Digital Corporate Warehouse: before v.4.8.2.22. | ||||
| CVE-2025-11963 | 1 Saysis | 1 Starcities | 2026-06-04 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saysis Computer Systems Trade Ltd. Co. StarCities allows Reflected XSS. This issue affects StarCities: before 1.1.61. | ||||
| CVE-2025-12059 | 1 Logo Software Industry And Trade Inc. | 1 Logo J-platform | 2026-06-04 | 9.8 Critical |
| Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Logo Software Industry and Trade Inc. Logo j-Platform allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Logo j-Platform: from 3.29.6.4 before 3.34.8.9. | ||||
| CVE-2025-12504 | 1 Talentsoft | 1 Unis | 2026-06-04 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software UNIS allows SQL Injection. This issue affects UNIS: before 42321. | ||||
| CVE-2025-13002 | 2 Farktor, Farktor Software E-commerce Services Inc. | 2 E-commerce Package, E-commerce Package | 2026-06-04 | 8.2 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Cross-Site Scripting (XSS). This issue affects E-Commerce Package: through 27112025. | ||||
| CVE-2025-13003 | 1 Aksis Technology | 1 Axonboard | 2026-06-04 | 7.6 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Aksis Computer Services and Consulting Inc. AxOnboard allows Exploitation of Trusted Identifiers. This issue affects AxOnboard: from 3.2.0 before 3.3.0. | ||||
| CVE-2025-13004 | 2 Farktor, Farktor Software E-commerce Services Inc. | 2 E-commerce Package, E-commerce Package | 2026-06-04 | 6.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Farktor Software E-Commerce Services Inc. E-Commerce Package allows Manipulating User-Controlled Variables. This issue affects E-Commerce Package: through 27112025. | ||||
| CVE-2025-13124 | 1 Netiket | 1 Applylogic | 2026-06-04 | 7.6 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Netiket Information Technologies Ltd. Co. ApplyLogic allows Exploitation of Trusted Identifiers. This issue affects ApplyLogic: through 01.12.2025. | ||||
| CVE-2025-13125 | 1 Im Park | 1 Dijidemi | 2026-06-04 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Exploitation of Trusted Identifiers. This issue affects DijiDemi: through 28.11.2025. | ||||
| CVE-2025-13127 | 2026-06-04 | 3.5 Low | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TAC Information Services Internal and External Trade Inc. GoldenHorn allows Cross-Site Scripting (XSS). This issue affects GoldenHorn: before 4.25.1121.1. | ||||
| CVE-2025-13129 | 1 Seneka | 1 Onaylarım | 2026-06-04 | 4.3 Medium |
| Improper Enforcement of Behavioral Workflow vulnerability in Seneka Software Hardware Information Technology Trade Contracting and Industry Ltd. Co. Onaylarım allows Functionality Misuse. This issue affects Onaylarım: from 25.09.26.01 through 18112025. | ||||
| CVE-2025-13183 | 2026-06-04 | 7.3 High | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hotech Software Inc. Otello allows Stored XSS. This issue affects Otello: from 2.4.0 before 2.4.4. | ||||