Export limit exceeded: 339569 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339569 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-35148 | 1 Ibm | 1 Maximo Application Suite | 2025-07-08 | 6.3 Medium |
| IBM Maximo Application Suite 8.10.10, 8.11.7, and 9.0 - Monitor Component is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||
| CVE-2025-7176 | 1 Phpgurukul | 1 Hospital Management System | 2025-07-08 | 7.3 High |
| A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view-medhistory.php. The manipulation of the argument viewid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-35150 | 1 Ibm | 1 Maximo Application Suite | 2025-07-08 | 5.3 Medium |
| IBM Maximo Application Suite 8.10.12, 8.11.0, 9.0.1, and 9.1.0 - Monitor Component does not neutralize output that is written to logs, which could allow an attacker to inject false log entries. | ||||
| CVE-2025-53499 | 2025-07-08 | 9.1 Critical | ||
| Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2. | ||||
| CVE-2025-53495 | 2025-07-08 | 9.1 Critical | ||
| Missing Authorization vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Unauthorized Access.This issue affects Mediawiki - AbuseFilter Extension: from 1.43.X before 1.43.2. | ||||
| CVE-2025-31022 | 2025-07-08 | 9.8 Critical | ||
| Authentication Bypass Using an Alternate Path or Channel vulnerability in PayU PayU India allows Authentication Abuse.This issue affects PayU India: from n/a before 3.8.8. | ||||
| CVE-2025-0158 | 3 Ibm, Linux, Microsoft | 3 Entirex, Linux Kernel, Windows | 2025-07-08 | 5.5 Medium |
| IBM EntireX 11.1 could allow a local user to cause a denial of service due to an unhandled error and fault isolation. | ||||
| CVE-2025-0759 | 3 Ibm, Linux, Microsoft | 3 Entirex, Linux Kernel, Windows | 2025-07-08 | 3.3 Low |
| IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due to improper shared resource synchronization. | ||||
| CVE-2020-1171 | 1 Microsoft | 1 Python | 2025-07-08 | 8.8 High |
| A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192. | ||||
| CVE-2020-1192 | 1 Microsoft | 1 Python | 2025-07-08 | 7.8 High |
| A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171. | ||||
| CVE-2024-38314 | 1 Ibm | 1 Maximo Application Suite | 2025-07-08 | 5.9 Medium |
| IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment. | ||||
| CVE-2025-4128 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2025-07-08 | 3.1 Low |
| Mattermost versions 10.5.x <= 10.5.4, 9.11.x <= 9.11.13 fail to properly restrict API access to team information, allowing guest users to bypass permissions and view information about public teams they are not members of via a direct API call to /api/v4/teams/{team_id}. | ||||
| CVE-2025-7180 | 1 Carmelo | 1 Staff Audit System | 2025-07-08 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in code-projects Staff Audit System 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument User leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7181 | 1 Carmelo | 1 Staff Audit System | 2025-07-08 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in code-projects Staff Audit System 1.0. Affected is an unknown function of the file /test.php. The manipulation of the argument uploadedfile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7179 | 1 Code-projects | 1 Library System | 2025-07-08 | 7.3 High |
| A vulnerability classified as critical was found in code-projects Library System 1.0. This vulnerability affects unknown code of the file /add-teacher.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7178 | 1 Fabian | 1 Food Distributor Site | 2025-07-08 | 7.3 High |
| A vulnerability classified as critical has been found in code-projects Food Distributor Site 1.0. This affects an unknown part of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7177 | 1 Phpgurukul | 1 Car Washing Management System | 2025-07-08 | 4.7 Medium |
| A vulnerability was found in PHPGurukul Car Washing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/editcar-washpoint.php. The manipulation of the argument wpid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7174 | 1 Code-projects | 1 Library System | 2025-07-08 | 7.3 High |
| A vulnerability was found in code-projects Library System 1.0 and classified as critical. This issue affects some unknown processing of the file /teacher-issue-book.php. The manipulation of the argument idn leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7165 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-07-08 | 7.3 High |
| A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-7164 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-07-08 | 7.3 High |
| A vulnerability has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||