Export limit exceeded: 335276 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335276 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10008 | 1 Masteriyo | 1 Masteriyo | 2025-05-17 | 8.8 High |
| The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to unauthorized user profile modification due to missing authorization checks on the /wp-json/masteriyo/v1/users/$id REST API endpoint in all versions up to, and including, 1.13.3. This makes it possible for authenticated attackers, with student-level access and above, to modify the roles of arbitrary users. As a result, attackers can escalate their privileges to the Administrator and demote existing administrators to students. | ||||
| CVE-2024-51242 | 1 Eladmin | 1 Eladmin | 2025-05-17 | 6.5 Medium |
| A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier in ServerDeployController.java. The manipulation of the HTTP Body ip parameter leads to SSRF. | ||||
| CVE-2024-5429 | 1 Logichunt | 1 Logo Slider | 2025-05-17 | 7.6 High |
| The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks | ||||
| CVE-2024-48411 | 2 Mayurik, Online Tours And Travels Management System Project | 2 Online Tours \& Travels Management System, Online Tours And Travels Management System | 2025-05-17 | 9.8 Critical |
| itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to SQL Injection (SQLI) via a crafted payload to the val-email parameter in forget_password.php. | ||||
| CVE-2025-22872 | 2025-05-16 | 6.5 Medium | ||
| The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. <math>, <svg>, etc contexts). | ||||
| CVE-2025-22235 | 2025-05-16 | 7.3 High | ||
| EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: * You use Spring Security * EndpointRequest.to() has been used in a Spring Security chain configuration * The endpoint which EndpointRequest references is disabled or not exposed via web * Your application handles requests to /null and this path needs protection You are not affected if any of the following is true: * You don't use Spring Security * You don't use EndpointRequest.to() * The endpoint which EndpointRequest.to() refers to is enabled and is exposed * Your application does not handle requests to /null or this path does not need protection | ||||
| CVE-2024-8207 | 2 Linux, Mongodb | 2 Linux Kernel, Mongodb | 2025-05-16 | 6.4 Medium |
| In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for a unintended actor with host-level access to cause the MongoDB Server binary to load unintended actor-controlled shared libraries when the server binary is started, potentially resulting in the unintended actor gaining full control over the MongoDB server process. This issue affects MongoDB Server v5.0 versions prior to 5.0.14 and MongoDB Server v6.0 versions prior to 6.0.3. Required Configuration: Only environments with Linux as the underlying operating system is affected by this issue | ||||
| CVE-2024-44041 | 1 Northernbeacheswebsites | 1 Ideapush | 2025-05-16 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson IdeaPush allows Stored XSS.This issue affects IdeaPush: from n/a through 8.66. | ||||
| CVE-2024-45983 | 1 Kishan0725 | 1 Hospital Management System | 2025-05-16 | 6.3 Medium |
| A Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management System version 6.3.5. The vulnerability allows an attacker to craft a malicious HTML form that submits a request to delete a doctor record. By enticing an authenticated admin user to visit the specially crafted web page, the attacker can leverage the victim's browser to make unauthorized requests to the vulnerable endpoint, effectively allowing the attacker to perform actions on behalf of the admin without their consent. | ||||
| CVE-2024-39928 | 2 Apache, Apache Software Foundation | 2 Linkis, Apache Linkis Spark Engineconn | 2025-05-16 | 7.5 High |
| In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn, random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils. Users are recommended to upgrade to version 1.6.0, which fixes this issue. | ||||
| CVE-2024-3673 | 1 Salephpscripts | 1 Web Directory Free | 2025-05-16 | 9.1 Critical |
| The Web Directory Free WordPress plugin before 1.7.3 does not validate a parameter before using it in an include(), which could lead to Local File Inclusion issues. | ||||
| CVE-2023-24163 | 1 Hutool | 1 Hutool | 2025-05-16 | 9.8 Critical |
| SQL Inection vulnerability in Dromara hutool before 5.8.21 allows attacker to execute arbitrary code via the aviator template engine. | ||||
| CVE-2023-24468 | 1 Microfocus | 1 Netiq Advanced Authentication | 2025-05-16 | 9.8 Critical |
| Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2 | ||||
| CVE-2022-48425 | 1 Linux | 1 Linux Kernel | 2025-05-16 | 7.8 High |
| In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. | ||||
| CVE-2024-45158 | 2 Arm, Mbed | 2 Mbed Tls, Mbedtls | 2025-05-16 | 9.8 Critical |
| An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. (This never happens in internal library calls, but can affect applications that call these functions directly.) | ||||
| CVE-2024-7891 | 2 Christoph Nagel, Just-a-web-developer | 2 Floating Contact Button, Floating Contact Button | 2025-05-16 | 4.8 Medium |
| The Floating Contact Button WordPress plugin before 2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | ||||
| CVE-2024-7955 | 1 Squirrly | 1 Starbox | 2025-05-16 | 4.8 Medium |
| The Starbox WordPress plugin before 3.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | ||||
| CVE-2024-7846 | 1 Yithemes | 1 Yith Woocommerce Ajax Search | 2025-05-16 | 5.4 Medium |
| YITH WooCommerce Ajax Search is vulnerable to a XSS vulnerability due to insufficient sanitization of user supplied block attributes. This makes it possible for Contributors+ attackers to inject arbitrary scripts. | ||||
| CVE-2025-4196 | 1 Fabianros | 1 Patient Record Management System | 2025-05-16 | 6.3 Medium |
| A vulnerability was found in SourceCodester Patient Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /birthing.php. The manipulation of the argument comp_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-32137 | 2 D-link, Dlink | 6 Dap-1360f1 Firmware, Dap-2020 Firmware, Dap-1360 and 3 more | 2025-05-16 | 6.5 Medium |
| D-Link DAP-1360 webproc WEB_DisplayPage Directory Traversal Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of requests to the /cgi-bin/webproc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of root. . Was ZDI-CAN-18415. | ||||