Export limit exceeded: 334946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10810 | 1 Campcodes | 1 Online Learning Management System | 2025-09-25 | 7.3 High |
| A vulnerability was detected in Campcodes Online Learning Management System 1.0. The impacted element is an unknown function of the file /admin/edit_user.php. Performing manipulation of the argument firstname results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||
| CVE-2025-10811 | 2 Angeljudesuarez, Code-projects | 2 Hostel Management System, Hotel Management System | 2025-09-25 | 7.3 High |
| A flaw has been found in code-projects Hostel Management System 1.0. This affects an unknown function of the file /justines/admin/mod_comments/index.php?view=view. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. | ||||
| CVE-2025-53910 | 1 Mattermost | 2 Confluence, Mattermost | 2025-09-25 | 4 Medium |
| Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API call to the edit channel subscription endpoint. | ||||
| CVE-2025-53857 | 1 Mattermost | 2 Confluence, Mattermost | 2025-09-25 | 3.7 Low |
| Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the GET autocomplete/GetChannelSubscriptions endpoint. | ||||
| CVE-2025-53514 | 1 Mattermost | 2 Confluence, Mattermost | 2025-09-25 | 5.9 Medium |
| Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body. | ||||
| CVE-2025-48731 | 1 Mattermost | 2 Confluence, Mattermost | 2025-09-25 | 6.4 Medium |
| Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to edit a subscription for a Confluence space the user does not have access for via edit subscription endpoint. | ||||
| CVE-2025-44004 | 1 Mattermost | 2 Confluence, Mattermost | 2025-09-25 | 7.2 High |
| Mattermost Confluence Plugin version <1.5.0 fails to check the authorization of the user to the Mattermost instance which allows attackers to create a channel subscription without proper authorization via API call to the create channel subscription endpoint. | ||||
| CVE-2025-1277 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2025-09-25 | 7.8 High |
| A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-1656 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2025-09-25 | 7.8 High |
| A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-1273 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2025-09-25 | 7.8 High |
| A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-7675 | 1 Autodesk | 17 3ds Max, Advance Steel, Autocad and 14 more | 2025-09-25 | 7.8 High |
| A maliciously crafted 3DM file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-5043 | 1 Autodesk | 17 3ds Max, Advance Steel, Autocad and 14 more | 2025-09-25 | 7.8 High |
| A maliciously crafted 3DM file, when linked or imported into certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-5038 | 1 Autodesk | 17 3ds Max, Advance Steel, Autocad and 14 more | 2025-09-25 | 7.8 High |
| A maliciously crafted X_T file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-47328 | 1 Qualcomm | 135 Fastconnect 7800, Fastconnect 7800 Firmware, Immersive Home 3210 Platform and 132 more | 2025-09-25 | 7.5 High |
| Transient DOS while processing power control requests with invalid antenna or stream values. | ||||
| CVE-2025-47326 | 1 Qualcomm | 241 Ar8035, Ar8035 Firmware, Csr8811 and 238 more | 2025-09-25 | 7.5 High |
| Transient DOS while handling command data during power control processing. | ||||
| CVE-2025-1274 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2025-09-25 | 7.8 High |
| A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-47327 | 1 Qualcomm | 83 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 80 more | 2025-09-25 | 7.8 High |
| Memory corruption while encoding the image data. | ||||
| CVE-2025-47329 | 2 Google, Qualcomm | 78 Android, Fastconnect 7800, Fastconnect 7800 Firmware and 75 more | 2025-09-25 | 7.8 High |
| Memory corruption while handling invalid inputs in application info setup. | ||||
| CVE-2025-5048 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-09-25 | 7.8 High |
| A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-5047 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-09-25 | 7.8 High |
| A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||