Export limit exceeded: 338086 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10208 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28109 | 1 Play-with-docker | 1 Play With Docker | 2025-02-25 | 6.5 Medium |
| Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking. Because CORS configuration was not correct, an attacker could use `play-with-docker.com` as an example and set the origin header in an http request as `evil-play-with-docker.com`. The domain would echo in response header, which successfully bypassed the CORS policy and retrieved basic user information. This issue has been fixed in commit ed82247c9ab7990ad76ec2bf1498c2b2830b6f1a. There are no known workarounds. | ||||
| CVE-2023-28425 | 1 Redis | 1 Redis | 2025-02-25 | 5.5 Medium |
| Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. | ||||
| CVE-2023-28431 | 1 Parity | 1 Frontier | 2025-02-25 | 7.5 High |
| Frontier is an Ethereum compatibility layer for Substrate. Frontier's `modexp` precompile uses `num-bigint` crate under the hood. In the implementation prior to pull request 1017, the cases for modulus being even and modulus being odd are treated separately. Odd modulus uses the fast Montgomery multiplication, and even modulus uses the slow plain power algorithm. This gas cost discrepancy was not accounted for in the `modexp` precompile, leading to possible denial of service attacks. No fixes for `num-bigint` are currently available, and thus this issue is fixed in the short term by raising the gas costs for even modulus, and in the long term fixing it in `num-bigint` or switching to another modexp implementation. The short-term fix for Frontier is deployed at pull request 1017. There are no known workarounds aside from applying the fix. | ||||
| CVE-2023-28433 | 1 Minio | 1 Minio | 2025-02-25 | 8.8 High |
| Minio is a Multi-Cloud Object Storage framework. All users on Windows prior to version RELEASE.2023-03-20T20-16-18Z are impacted. MinIO fails to filter the `\` character, which allows for arbitrary object placement across buckets. As a result, a user with low privileges, such as an access key, service account, or STS credential, which only has permission to `PutObject` in a specific bucket, can create an admin user. This issue is patched in RELEASE.2023-03-20T20-16-18Z. There are no known workarounds. | ||||
| CVE-2022-2237 | 1 Redhat | 3 Keycloak Node.js Adapter, Red Hat Single Sign On, Single Sign-on | 2025-02-24 | 6.1 Medium |
| A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function. | ||||
| CVE-2025-0661 | 1 Detheme | 1 Dethemekit For Elementor | 2025-02-24 | 4.3 Medium |
| The DethemeKit For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the duplicate_post() function due to insufficient restrictions on which posts can be duplicated. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, draft, or scheduled posts that they should not have access to by duplicating the post. | ||||
| CVE-2022-48352 | 1 Huawei | 2 Emui, Harmonyos | 2025-02-24 | 7.5 High |
| Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic. | ||||
| CVE-2024-13740 | 1 Metagauss | 1 Profilegrid | 2025-02-24 | 4.3 Medium |
| The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.9.4.2 via the pm_messenger_show_messages function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read private conversations of other users. | ||||
| CVE-2023-24625 | 1 Ladybirdweb | 1 Faveo Servicedesk | 2025-02-21 | 6.5 Medium |
| Faveo 5.0.1 allows remote attackers to obtain sensitive information via a modified user ID in an Insecure Direct Object Reference (IDOR) attack. | ||||
| CVE-2025-23001 | 2025-02-21 | 6.1 Medium | ||
| A Host header injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host header. An attacker can manipulate the Host header in HTTP requests, which may lead to phishing attacks, reset password, or cache poisoning. NOTE: the Supplier's position is that the end user is supposed to edit the NGINX configuration template to set server_name (with this setting, Host header injection cannot occur). | ||||
| CVE-2023-28683 | 1 Jenkins | 1 Phabricator Differential | 2025-02-21 | 8.2 High |
| Jenkins Phabricator Differential Plugin 2.1.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2020-36691 | 1 Linux | 1 Linux Kernel | 2025-02-21 | 5.5 Medium |
| An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference. | ||||
| CVE-2024-12860 | 1 Carspot Project | 1 Carspot | 2025-02-21 | 9.8 Critical |
| The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.4.3. This is due to the plugin not properly validating a token prior to updating a user's password. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account. | ||||
| CVE-2023-28684 | 1 Jenkins | 1 Remote-jobs-view | 2025-02-20 | 6.5 Medium |
| Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||||
| CVE-2022-36284 | 1 Storeapps | 1 Affiliate For Woocommerce | 2025-02-20 | 6.4 Medium |
| Authenticated IDOR vulnerability in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress allows an attacker to change the PayPal email. WooCommerce PayPal Payments plugin (free) should be at least installed to get the extra input field on the user profile page. | ||||
| CVE-2022-29434 | 1 Spiffyplugins | 1 Spiffy Calendar | 2025-02-20 | 6.3 Medium |
| Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events. | ||||
| CVE-2025-0352 | 2025-02-20 | 7.5 High | ||
| Rapid Response Monitoring My Security Account App utilizes an API that could be exploited by an attacker to modify request data, potentially causing the API to return information about other users. | ||||
| CVE-2023-20558 | 1 Amd | 178 Athlon Gold 3150u, Athlon Gold 3150u Firmware, Athlon Silver 3050u and 175 more | 2025-02-20 | 8.8 High |
| Insufficient control flow management in AmdCpmOemSmm may allow a privileged attacker to tamper with the SMM handler potentially leading to an escalation of privileges. | ||||
| CVE-2022-43492 | 1 Gvectors | 1 Wpdiscuz | 2025-02-20 | 4.3 Medium |
| Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz plugin 7.4.2 on WordPress. | ||||
| CVE-2022-40206 | 1 Gvectors | 1 Wpforo Forum | 2025-02-20 | 6.3 Medium |
| Insecure direct object references (IDOR) vulnerability in the wpForo Forum plugin <= 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as private/public. | ||||