Export limit exceeded: 341483 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341483 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-61482 | 2 Google, Privacyidea | 2 Android, Privacyidea | 2025-10-30 | 7.2 High |
| Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on Android allows local attackers with root access to bypass two factor authentication. By hooking into app crypto routines and intercepting decryption paths, attacker can recover plaintext secrets, enabling generation of valid one-time passwords, and bypassing authentication for enrolled accounts. | ||||
| CVE-2025-27810 | 1 Arm | 1 Mbed Tls | 2025-10-30 | 5.4 Medium |
| Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays. | ||||
| CVE-2025-9313 | 1 Mmedica | 1 Mmedica | 2025-10-30 | N/A |
| An unauthenticated user can connect to a publicly accessible database using arbitrary credentials. The system grants full access to the database by leveraging a previously authenticated connection through a "mmBackup" application. This flaw allows attackers to bypass authentication mechanisms and gain unauthorized access to database with sensitive data. This issue affects Asseco mMedica in versions before 11.9.5. | ||||
| CVE-2025-62798 | 1 Code16 | 1 Sharp | 2025-10-30 | 5.4 Medium |
| Sharp is a content management framework built for Laravel as a package. Prior to 9.11.1, a Cross-Site Scripting (XSS) vulnerability was discovered in code16/sharp when rendering content using the SharpShowTextField component. In affected versions, expressions wrapped in {{ & }} were evaluated by Vue. This allowed attackers to inject arbitrary JavaScript or HTML that executes in the browser when the field is displayed. The issue has been fixed in v9.11.1 . | ||||
| CVE-2025-62796 | 1 Privatebin | 1 Privatebin | 2025-10-30 | 5.8 Medium |
| PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Versions 1.7.7 through 2.0.1 allow persistent HTML injection via the unsanitized attachment filename (attachment_name) when attachments are enabled. An attacker can modify attachment_name before encryption so that, after decryption, arbitrary HTML is inserted unescaped into the page near the file size hint, enabling redirect (e.g., meta refresh) and site defacement and related phishing attacks. Script execution is normally blocked by the recommended Content Security Policy, limiting confidentiality impact. The issue was introduced in 1.7.7 and fixed in 2.0.2. Update to 2.0.2 or later. Workarounds include enforcing the recommended CSP, deploying PrivateBin on a separate domain, or disabling attachments. | ||||
| CVE-2025-62793 | 1 Elabftw | 1 Elabftw | 2025-10-30 | 6.8 Medium |
| eLabFTW is an open source electronic lab notebook for research labs. The application served uploaded SVG files inline. Because SVG supports active content, an attacker could upload a crafted SVG that executes script when viewed, resulting in stored XSS under the application origin. A victim who opens the SVG URL or any page embedding it could have their session hijacked, data exfiltrated, or actions performed on their behalf. This vulnerability is fixed n 5.3.0. | ||||
| CVE-2025-62794 | 1 Github-workflow-updater-extension | 1 Github-workflow-updater-extension | 2025-10-30 | 3.8 Low |
| GitHub Workflow Updater is a VS Code extension that automatically pins GitHub Actions to specific commits for enhanced security. Before 0.0.7, any provided Github token would be stored in plaintext in the editor configuration as json on disk, rather than through the more secure "securestorage" api. An attacker with read only access to your home directory could have read this token and used it to perform actions with that token. Update to 0.0.7. | ||||
| CVE-2025-62777 | 1 Planex | 1 Mzk-dp300n | 2025-10-30 | N/A |
| Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may allow an attacker within the local network to log in to the affected device via Telnet and execute arbitrary commands. | ||||
| CVE-2025-62725 | 1 Docker | 1 Composer | 2025-10-30 | 8.0 High |
| Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cache directory and writes the file there. This affects any platform or workflow that resolves remote OCI compose artifacts, Docker Desktop, standalone Compose binaries on Linux, CI/CD runners, cloud dev environments is affected. An attacker can escape the cache directory and overwrite arbitrary files on the machine running docker compose, even if the user only runs read‑only commands such as docker compose config or docker compose ps. This issue is fixed in v2.40.2. | ||||
| CVE-2025-10150 | 1 Softing | 2 Smartlink Hw-dp, Smartlink Hw-pn | 2025-10-30 | N/A |
| Webserver crash caused by scanning on TCP port 80 in Softing Industrial Automation GmbH gateways and switch.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31 | ||||
| CVE-2025-10151 | 1 Softing | 2 Smartlink Hw-dp, Smartlink Hw-pn | 2025-10-30 | N/A |
| Improper locking vulnerability in Softing Industrial Automation GmbH gateways allows infected memory and/or resource leak exposure.This issue affects smartLink HW-PN: from 1.02 through 1.03 smartLink HW-DP: 1.31 | ||||
| CVE-2025-1036 | 1 Hitachienergy | 1 Tropos | 2025-10-30 | N/A |
| Command injection vulnerability exists in the “Logging” page of the web-based configuration utility. An authenticated user with low privileged network access for the configuration utility can execute arbitrary commands on the underlying OS to obtain root SSH access to the TropOS 4th Gen device. | ||||
| CVE-2025-1038 | 1 Hitachienergy | 1 Tropos | 2025-10-30 | N/A |
| The “Diagnostics Tools” page of the web-based configuration utility does not properly validate user-controlled input, allowing an authenticated user with high privileges to inject commands into the command shell of the TropOS 4th Gen device. The injected commands can be exploited to execute several set-uid (SUID) applications to ultimately gain root access to the TropOS device. | ||||
| CVE-2025-1037 | 1 Hitachienergy | 1 Tropos | 2025-10-30 | N/A |
| By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell (SSH) to an unrestricted root shell. This is possible through abuse of a particular set of scripts and executables that allow for certain commands to be run as root from an unprivileged context. | ||||
| CVE-2025-11705 | 2 Anti-malware Security And Brute-force Firewall Project, Wordpress | 2 Anti-malware Security And Brute-force Firewall, Wordpress | 2025-10-30 | 6.5 Medium |
| The Anti-Malware Security and Brute-Force Firewall plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.23.81 due to a missing capability check combined with an information exposure in several GOTMLS_* AJAX actions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. | ||||
| CVE-2025-11735 | 2 Realmag777, Wordpress | 2 Husky, Wordpress | 2025-10-30 | 7.5 High |
| The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to blind SQL Injection via the `phrase` parameter in all versions up to, and including, 1.3.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | ||||
| CVE-2025-12310 | 1 Virtfusion | 1 Virtfusion | 2025-10-30 | 5.3 Medium |
| A security vulnerability has been detected in VirtFusion up to 6.0.2. This vulnerability affects unknown code of the file /account/_settings of the component Email Change Handler. The manipulation leads to improper restriction of excessive authentication attempts. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-12341 | 1 Ermig1979 | 1 Antidupl | 2025-10-30 | 7.8 High |
| A vulnerability was detected in ermig1979 AntiDupl up to 2.3.12. Impacted is an unknown function of the file AntiDupl.NET.WinForms.exe of the component Delete Duplicate Image Handler. The manipulation results in link following. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-12342 | 1 Serdar Bayram | 1 Ghost Hot Spot | 2025-10-30 | 7.3 High |
| A flaw has been found in Serdar Bayram Ghost Hot Spot up to 20251014. The affected element is an unknown function of the file /Auth.php of the component Login. This manipulation causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-12344 | 1 Yonyou | 2 U8+, Yonyou | 2025-10-30 | 6.3 Medium |
| A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The impacted element is an unknown function of the file /service/NCloudGatewayServlet of the component Request Header Handler. Such manipulation of the argument ts/sign leads to unrestricted upload. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||