Export limit exceeded: 337357 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337357 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5242 | 2025-06-07 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-5223 | 2025-06-07 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-5097 | 2025-06-07 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-5026 | 2025-06-07 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-0753 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2025-06-07 | 6.5 Medium |
| In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. | ||||
| CVE-2025-31027 | 1 Jocoxdesign | 1 Tiger | 2025-06-06 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jocoxdesign Tiger tiger allows Reflected XSS.This issue affects Tiger: from n/a through 2.0. | ||||
| CVE-2025-48146 | 1 Lupsonline | 1 Seo Flow | 2025-06-06 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Lups SEO Flow by LupsOnline allows Stored XSS. This issue affects SEO Flow by LupsOnline: from n/a through 2.2.0. | ||||
| CVE-2025-39509 | 1 Themencode | 1 Tnc Flipbook | 2025-06-06 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode TNC FlipBook allows Stored XSS. This issue affects TNC FlipBook: from n/a through 12.1.0. | ||||
| CVE-2025-39507 | 1 Nasatheme | 1 Nasa Core | 2025-06-06 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Nasa Core allows PHP Local File Inclusion. This issue affects Nasa Core: from n/a through 6.3.2. | ||||
| CVE-2025-39493 | 1 Valvepress | 1 Rankie | 2025-06-06 | 4.3 Medium |
| Missing Authorization vulnerability in ValvePress Rankie allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rankie: from n/a through 1.8.0. | ||||
| CVE-2025-47544 | 1 Acowebs | 1 Dynamic Pricing With Discount Rules For Woocommerce | 2025-06-06 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce allows Blind SQL Injection. This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through 4.5.8. | ||||
| CVE-2024-24262 | 1 Ireader | 1 Media-server | 2025-06-06 | 7.5 High |
| media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) vulnerability via the sip_uac_stop_timer function at /uac/sip-uac-transaction.c. | ||||
| CVE-2023-51073 | 1 Buffalo | 2 Ls210d, Ls210d Firmware | 2025-06-06 | 8.1 High |
| An issue in Buffalo LS210D v.1.78-0.03 allows a remote attacker to execute arbitrary code via the Firmware Update Script at /etc/init.d/update_notifications.sh. | ||||
| CVE-2024-37826 | 1 Vercot | 1 Serva | 2025-06-06 | 7.5 High |
| A NULL pointer dereference in vercot Serva v4.6.0 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2025-25522 | 1 Linksys | 2 Wap610n, Wap610n Firmware | 2025-06-06 | 7.3 High |
| Buffer overflow vulnerability in Linksys WAP610N v1.0.05.002 due to the lack of length verification, which is related to the time setting operation. The attacker can directly control the remote target device by successfully exploiting this vulnerability. | ||||
| CVE-2024-1021 | 1 Ruifang-tech | 1 Rebuild | 2025-06-06 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in Rebuild up to 3.5.5. Affected by this issue is the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252290 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-51066 | 1 Qstar | 1 Archive Storage Manager | 2025-06-06 | 8.8 High |
| An authenticated remote code execution vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows attackers to arbitrarily execute commands. | ||||
| CVE-2025-5668 | 1 Phpgurukul | 1 Medical Card Generation System | 2025-06-06 | 6.3 Medium |
| A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/readenq.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5639 | 1 Phpgurukul | 1 Notice Board System | 2025-06-06 | 7.3 High |
| A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5638 | 1 Phpgurukul | 1 Notice Board System | 2025-06-06 | 6.3 Medium |
| A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||