CVEs (59,256, showing first 500)
| CVE ID | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2025-27206 | MEDIUM | | 5.3 | 2025-06-10 | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in a Securit… |
| CVE-2025-27207 | MEDIUM | | 6.5 | 2025-06-10 | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in privilege… |
| CVE-2025-30220 | CRITICAL | Patched | 9.9 | 2025-06-10 | GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to represent schema data structure … |
| CVE-2025-40567 | MEDIUM | | 6.5 | 2025-06-10 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324… |
| CVE-2025-40568 | MEDIUM | | 4.3 | 2025-06-10 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324… |
| CVE-2025-40569 | MEDIUM | | 4.8 | 2025-06-10 | A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324… |
| CVE-2025-40585 | CRITICAL | | 9.9 | 2025-06-10 | A vulnerability has been identified in Energy Services (All versions with G5DFR). Affected solutions using G5DFR contain default credentials. This could allow an attacker t… |
| CVE-2025-40591 | HIGH | | 7.7 | 2025-06-10 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM ROX MX5000RE (All versions < V2.16.5), RUGGEDCOM ROX RX1400 (All versions < … |
| CVE-2025-43585 | HIGH | | 8.2 | 2025-06-10 | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Authorization vulnerability that could result in a Security… |
| CVE-2025-43586 | HIGH | | 8.1 | 2025-06-10 | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by an Improper Access Control vulnerability that could result in privilege… |
| CVE-2025-44043 | MEDIUM | | 5.4 | 2025-06-10 | Keyoti SearchUnit prior to 9.0.0 is vulnerable to Server-Side Request Forgery (SSRF) in /Keyoti_SearchEngine_Web_Common/SearchService.svc/GetResults and /Keyoti_SearchEngi… |
| CVE-2025-44044 | HIGH | | 7.5 | 2025-06-10 | Keyoti SearchUnit prior to 9.0.0 is vulnerable to XML External Entity (XXE). An attacker who can force a vulnerable SearchUnit host into parsing maliciously crafted XML an… |
| CVE-2025-47110 | HIGH | | 8.4 | 2025-06-10 | Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused … |
| CVE-2025-48067 | MEDIUM | Patched | 5.4 | 2025-06-10 | OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows an attacker wi… |
| CVE-2025-48879 | MEDIUM | Patched | 6.5 | 2025-06-10 | OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows any unauthenticated attacker to send a manipulated broken multipart/form-data request t… |
| CVE-2025-48937 | MEDIUM | Patched | 4.9 | 2025-06-10 | matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sende… |
| CVE-2025-49142 | HIGH | Patched | 7.1 | 2025-06-10 | Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions prior to 2.4.10 or prior to 1.6.32 are potentially affected. Due to in… |
| CVE-2025-49143 | MEDIUM | Patched | 5.9 | 2025-06-10 | Nautobot is a Network Source of Truth and Network Automation Platform. Prior to v2.4.10 and v1.6.32, files uploaded by users to Nautobot's MEDIA_ROOT directory, including … |
| CVE-2025-4653 | NONE | | — | 2025-06-10 | Improper Neutralization of Special Elements in the backup name field may allow OS command injection. This issue affects Pandora ITSM 5.0.105. |
| CVE-2025-4678 | NONE | | — | 2025-06-10 | Improper Neutralization of Special Elements in the chromium_path variable may allow OS command injection. This issue affects Pandora ITSM 5.0.105. |
| CVE-2025-4801 | NONE | | — | 2025-06-10 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have be… |
| CVE-2023-20599 | HIGH | | 7.9 | 2025-06-10 | Improper register access control in ASP may allow a privileged attacker to perform unauthorized access to ASP’s Crypto Co-Processor (CCP) registers from x86 resulting in po… |
| CVE-2023-29184 | LOW | Patched | 3.2 | 2025-06-10 | An incomplete cleanup vulnerability [CWE-459] in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2 and before 7.0.8 allows a VDOM privileged att… |
| CVE-2023-48786 | MEDIUM | Patched | 4.3 | 2025-06-10 | A server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0 through 7.4.2 and before 7.2.6 may allow an authenticated attacker to perform… |
| CVE-2024-32119 | MEDIUM | Patched | 4.8 | 2025-06-10 | An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and before 7.2.4 allows an unauthenticated attacker with the knowledge of the ta… |