Export limit exceeded: 350006 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350006 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-31326 | 2026-04-15 | 4.1 Medium | ||
| SAP�BusinessObjects Business�Intelligence Platform (Web Intelligence) is vulnerable to HTML Injection, allowing an attacker with basic user privileges to inject malicious code into specific input fields. This could lead to unintended redirects or manipulation of application behavior, such as redirecting users to attacker-controlled domains. This issue primarily affects the integrity of the system. However, the confidentiality and availability of the system remain unaffected. | ||||
| CVE-2024-2414 | 2026-04-15 | 8.8 High | ||
| The primary channel is unprotected on Movistar 4G router affecting E version S_WLD71-T1_v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privileges. | ||||
| CVE-2024-24450 | 2026-04-15 | 5.3 Medium | ||
| Stack-based memcpy buffer overflow in the ngap_handle_pdu_session_resource_setup_response routine in OpenAirInterface CN5G AMF <= 2.0.0 allows a remote attacker with access to the N2 interface to carry out denial of service against the AMF and potentially execute code by sending a PDU Session Resource Setup Response with a suffciently large FailedToSetupList IE. | ||||
| CVE-2024-24446 | 1 Openairinterface | 1 Cn5g Amf | 2026-04-15 | 6.5 Medium |
| An uninitialized pointer dereference in OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialContextSetupResponse message sent to the AMF. | ||||
| CVE-2024-24447 | 2026-04-15 | 5.3 Medium | ||
| A buffer overflow in the ngap_amf_handle_pdu_session_resource_setup_response function of oai-cn5g-amf up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a PDU Session Resource Setup Response with an empty Response Item list. | ||||
| CVE-2024-24449 | 1 Openairinterface | 1 Cn5g Amf | 2026-04-15 | 6.5 Medium |
| An uninitialized pointer dereference in the NasPdu::NasPdu component of OpenAirInterface CN5G AMF up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted InitialUEMessage message sent to the AMF. | ||||
| CVE-2024-24454 | 2026-04-15 | 5.9 Medium | ||
| An invalid memory access when handling the ProtocolIE_ID field of E-RAB Modify Request messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload. | ||||
| CVE-2024-24457 | 2026-04-15 | 5.9 Medium | ||
| An invalid memory access when handling the ProtocolIE_ID field of E-RAB Setup List Context SURes messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload. | ||||
| CVE-2024-2451 | 2026-04-15 | 6.4 Medium | ||
| Improper fingerprint validation in the TeamViewer Client (Full & Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading. | ||||
| CVE-2024-2462 | 2026-04-15 | N/A | ||
| Allow attackers to intercept or falsify data exchanges between the client and the server | ||||
| CVE-2025-5470 | 2 Apple, Yandex | 2 Macos, Disk | 2026-04-15 | N/A |
| Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275. | ||||
| CVE-2020-10367 | 2026-04-15 | 5.5 Medium | ||
| Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a "Spectra" attack. | ||||
| CVE-2024-24787 | 1 Golang | 1 Go | 2026-04-15 | 6.4 Medium |
| On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive. | ||||
| CVE-2020-10368 | 2026-04-15 | 3.5 Low | ||
| Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory read access via a "Spectra" attack. | ||||
| CVE-2024-2483 | 2026-04-15 | 4.3 Medium | ||
| A vulnerability, which was classified as problematic, has been found in Surya2Developer Hostel Management Service 1.0. This issue affects some unknown processing of the file /change-password.php of the component Password Change Handler. The manipulation of the argument oldpassword leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256889 was assigned to this vulnerability. | ||||
| CVE-2020-10370 | 2026-04-15 | 8.8 High | ||
| Certain Cypress (and Broadcom) Wireless Combo chips such as CYW43455, when a 2021-01-26 Bluetooth firmware update is not present, allow a Bluetooth outage via a "Spectra" attack. | ||||
| CVE-2020-11921 | 1 Lush 2 | 1 Lush 2 | 2026-04-15 | 8.8 High |
| An issue was discovered in Lush 2 through 2020-02-25. Due to the lack of Bluetooth traffic encryption, it is possible to hijack an ongoing Bluetooth connection between the Lush 2 and a mobile phone. This allows an attacker to gain full control over the device. | ||||
| CVE-2020-12484 | 2026-04-15 | 6.4 Medium | ||
| When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks. | ||||
| CVE-2020-12487 | 2026-04-15 | 7 High | ||
| Due to the flaws in the verification of input parameters, the attacker can input carefully constructed commands to make the ABE service execute some commands with root privilege. | ||||
| CVE-2024-24891 | 2026-04-15 | 6 Medium | ||
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in openEuler kernel on Linux allows Resource Leak Exposure. This vulnerability is associated with program files https://gitee.Com/openeuler/kernel/blob/openEuler-1.0-LTS/drivers/staging/gmjstcm/tcm.C. This issue affects kernel: from 4.19.90-2109.1.0.0108 before 4.19.90-2403.4.0.0244. | ||||