Export limit exceeded: 335023 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1638 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-34030 | 2025-12-23 | N/A | ||
| An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot parameter in index.php. The application fails to sanitize user-supplied input before using it in a system-level context. Remote, unauthenticated attackers can inject shell commands by appending them to the plot parameter (e.g., ?plot=;id) in a crafted GET request. The output of the command is displayed in the application's interface after interacting with the host selection UI. Successful exploitation leads to arbitrary command execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC. | ||||
| CVE-2025-34042 | 2025-12-23 | N/A | ||
| An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware version M2.1.6.04C014 via the ServerName and TimeZone parameters in the servetest CGI page. An attacker with access to the web interface can inject arbitrary system commands into these parameters, which are unsafely embedded into backend system calls without proper input sanitization. Successful exploitation results in remote code execution with root privileges. Exploitation evidence was observed by the Shadowserver Foundation on 2024-12-02 UTC. | ||||
| CVE-2024-5261 | 2 Libreoffice, The Document Foundation | 2 Libreoffice, Libreoffice | 2025-12-23 | 9.8 Critical |
| Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party components to reuse LibreOffice as a library to convert, view or otherwise interact with documents. LibreOffice internally makes use of "curl" to fetch remote resources such as images hosted on webservers. In affected versions of LibreOffice, when used in LibreOfficeKit mode only, then curl's TLS certification verification was disabled (CURLOPT_SSL_VERIFYPEER of false) In the fixed versions curl operates in LibreOfficeKit mode the same as in standard mode with CURLOPT_SSL_VERIFYPEER of true. This issue affects LibreOffice before version 24.2.4. | ||||
| CVE-2025-35452 | 4 Multicam-systems, Ptzoptics, Smtav and 1 more | 121 Mcamii Ptz, Mcamii Ptz Firmware, Ndi Fixed Camera and 118 more | 2025-12-23 | 9.8 Critical |
| PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface. | ||||
| CVE-2025-66216 | 2 Ais-catcher Project, Aiscatcher | 2 Ais-catcher, Ais-catcher | 2025-12-23 | 9.8 Critical |
| AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been patched in version 0.64. | ||||
| CVE-2023-53951 | 1 Gauzy | 1 Ever Gauzy | 2025-12-23 | 9.8 Critical |
| Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions. | ||||
| CVE-2023-53950 | 1 Innovastudio | 1 Wysiwyg Editor | 2025-12-23 | 9.8 Critical |
| InnovaStudio WYSIWYG Editor 5.4 contains an unrestricted file upload vulnerability that allows attackers to bypass file extension restrictions through filename manipulation. Attackers can upload malicious ASP shells by using null byte techniques and alternate file extensions to circumvent upload controls in the asset manager. | ||||
| CVE-2023-53948 | 1 Cat03 | 1 Lilac-reloaded | 2025-12-23 | 9.8 Critical |
| Lilac-Reloaded for Nagios 2.0.8 contains a remote code execution vulnerability in the autodiscovery feature that allows attackers to inject arbitrary commands. Attackers can exploit the lack of input filtering in the nmap_binary parameter to execute a reverse shell by sending a crafted POST request to the autodiscovery endpoint. | ||||
| CVE-2025-15016 | 1 Ragic | 1 Enterprise Cloud Database | 2025-12-23 | 9.8 Critical |
| Enterprise Cloud Database developed by Ragic has a Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information and log into the system as any user. | ||||
| CVE-2025-11544 | 2025-12-23 | N/A | ||
| Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware. | ||||
| CVE-2025-11545 | 2025-12-23 | N/A | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions. | ||||
| CVE-2025-34392 | 2 Barracuda, Barracuda Networks | 2 Rmm, Rmm | 2025-12-23 | 9.8 Critical |
| Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell upload. | ||||
| CVE-2025-34393 | 2 Barracuda, Barracuda Networks | 2 Rmm, Rmm | 2025-12-23 | 9.8 Critical |
| Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or deserialization of untrusted types. | ||||
| CVE-2025-34394 | 2 Barracuda, Barracuda Networks | 2 Rmm, Rmm | 2025-12-23 | 9.8 Critical |
| Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution. | ||||
| CVE-2025-64310 | 2 Epson, Seiko Epson Corporation | 2 Webconfig, Web Config | 2025-12-23 | 9.8 Critical |
| EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack. | ||||
| CVE-2025-10351 | 1 Melistechnology | 1 Melis Platform | 2025-12-22 | N/A |
| SQL injection vulnerability based on the melis-cms module of the Melis platform from Melis Technology. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'idPage' parameter in the '/melis/MelisCms/PageEdition/getTinyTemplates' endpoint. | ||||
| CVE-2025-64721 | 2 Microsoft, Sandboxie-plus | 2 Windows, Sandboxie | 2025-12-22 | 10.0 Critical |
| Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. In versions 1.16.6 and below, the SYSTEM-level service SbieSvc.exe exposes SbieIniServer::RC4Crypt to sandboxed processes. The handler adds a fixed header size to a caller-controlled value_len without overflow checking. A large value_len (e.g., 0xFFFFFFF0) wraps the allocation size, causing a heap overflow when attacker data is copied into the undersized buffer. This allows sandboxed processes to execute arbitrary code as SYSTEM, fully compromising the host. This issue is fixed in version 1.16.7. | ||||
| CVE-2024-58307 | 1 Cszcms | 2 Csz Cms, Cszcms | 2025-12-22 | 8.8 High |
| CSZCMS 1.3.0 contains an authenticated SQL injection vulnerability in the members view functionality that allows authenticated attackers to manipulate database queries. Attackers can inject malicious SQL code through the view parameter to potentially execute time-based blind SQL injection attacks and extract database information. | ||||
| CVE-2025-10352 | 1 Melistechnology | 1 Melis Platform | 2025-12-22 | N/A |
| Vulnerability in the melis-core module of Melis Technology's Melis Platform, which, if exploited, allows an unauthenticated attacker to create an administrator account via a request to '/melis/MelisCore/ToolUser/addNewUser'. | ||||
| CVE-2025-25038 | 1 Minidvblinux | 1 Minidvblinux | 2025-12-22 | 9.8 Critical |
| An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system’s web-based management interface fails to properly sanitize user-supplied input before passing it to operating system commands. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary commands as the root user, potentially compromising the entire device. Exploitation evidence was observed by the Shadowserver Foundation on 2024-04-10 UTC. | ||||