Search
59,256 CVEs
CVEs (59,256, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 226–250 of 59,256 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2025-3898 | MEDIUM | 6.5 | 2025-06-10 | CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an authenticated malicious user sends HTTPS request containing invalid data t… | |
| CVE-2025-3899 | MEDIUM | 5.4 | 2025-06-10 | CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists in Certificates page on Webserver that could cause an unva… | |
| CVE-2025-3905 | MEDIUM | 5.4 | 2025-06-10 | CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists impacting PLC system variables that could cause an unvalid… | |
| CVE-2025-4680 | NONE | Patched | — | 2025-06-10 | Improper Input Validation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Exploiting Incorrectly Configured Access Control Security Levels.This… |
| CVE-2025-4681 | NONE | Patched | — | 2025-06-10 | Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Abuse.This issue affects upKeeper Instant Privilege Acc… |
| CVE-2025-5740 | HIGH | 7.2 | 2025-06-10 | CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file writes when an authenticated use… | |
| CVE-2025-5741 | MEDIUM | 4.9 | 2025-06-10 | CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file reads from the charging station.… | |
| CVE-2025-5742 | MEDIUM | 5.4 | 2025-06-10 | CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability exists when an authenticated user modifies configuration paramete… | |
| CVE-2025-5743 | MEDIUM | 5.5 | 2025-06-10 | CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote control over the charging st… | |
| CVE-2025-40654 | CRITICAL | Patched | 9.8 | 2025-06-10 | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name … |
| CVE-2025-40655 | CRITICAL | Patched | 9.8 | 2025-06-10 | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the name … |
| CVE-2025-40656 | CRITICAL | Patched | 9.8 | 2025-06-10 | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the cod p… |
| CVE-2025-40657 | CRITICAL | Patched | 9.8 | 2025-06-10 | A SQL injection vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to retrieve, create, update and delete databases through the codfo… |
| CVE-2025-40658 | HIGH | Patched | 7.5 | 2025-06-10 | An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the … |
| CVE-2025-40659 | HIGH | Patched | 7.5 | 2025-06-10 | An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the … |
| CVE-2025-40660 | HIGH | Patched | 7.5 | 2025-06-10 | An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the … |
| CVE-2025-40661 | HIGH | Patched | 7.5 | 2025-06-10 | An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS. This vulnerability allows an attacker to access the private area setting the … |
| CVE-2025-40662 | HIGH | Patched | 7.5 | 2025-06-10 | Absolute path disclosure vulnerability in DM Corporative CMS. This vulnerability allows an attacker to view the contents of webroot/file, if navigating to a non-existent file. |
| CVE-2024-13089 | HIGH | 7.2 | 2025-06-10 | An OS command injection vulnerability within the update functionality may allow an authenticated administrator to execute unauthorized arbitrary OS commands. Users with … | |
| CVE-2024-13090 | HIGH | 7.0 | 2025-06-10 | A privilege escalation vulnerability may enable a service account to elevate its privileges. The sudo rules configured for a local service account were excessively permi… | |
| CVE-2025-41657 | MEDIUM | 4.3 | 2025-06-10 | Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker. | |
| CVE-2025-2918 | MEDIUM | Patched | 6.4 | 2025-06-10 | The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 3… |
| CVE-2025-43697 | HIGH | 7.5 | 2025-06-10 | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (DataMapper) allows exposure of encrypted data. This impacts OmniStudio: before Spring 2025 | |
| CVE-2025-43698 | CRITICAL | 9.1 | 2025-06-10 | Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of field level security controls for Salesforce objects. This impacts… | |
| CVE-2025-43699 | MEDIUM | 5.3 | 2025-06-10 | Client-Side Enforcement of Server-Side Security vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of required permission check. This impacts OmniStudio: be… |