Search
1,557 CVEs
CVEs (1,557, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 76–100 of 1,557 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2025-5090 | MEDIUM | 6.5 | 2026-06-05 | CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this b… | |
| CVE-2025-52606 | MEDIUM | 4.3 | 2026-06-04 | HCL iControl was affected by Weak Input Validation vulnerability. This weakness is caused during implementation of an architectural security tactic. Received input that is … | |
| CVE-2025-52608 | LOW | 3.1 | 2026-06-04 | HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attributes, including Secure … | |
| CVE-2025-52609 | LOW | 3.7 | 2026-06-04 | HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting (XSS) attacks by enabling the built-in XSS filtering mechanisms of m… | |
| CVE-2025-52611 | LOW | 3.1 | 2026-06-04 | HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the applicat… | |
| CVE-2025-52612 | HIGH | 7.1 | 2026-06-04 | HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficien… | |
| CVE-2025-52759 | HIGH | 7.1 | 2026-06-02 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UnboundStudio Accordion FAQ allows Reflected XSS. This issue affects … | |
| CVE-2025-52766 | MEDIUM | 6.5 | 2026-06-02 | Missing Authorization vulnerability in Printeers Printeers Print & Ship allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Printee… | |
| CVE-2025-53209 | CRITICAL | 9.8 | 2026-06-02 | Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation. This issue affects Masteriyo LMS PRO: from n/a through 2.20.0. | |
| CVE-2025-53302 | MEDIUM | 5.3 | 2026-06-02 | Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a… | |
| CVE-2025-53345 | HIGH | 8.8 | 2026-06-02 | Missing Authorization vulnerability leading to code execution after installing malicious vulnerable plugin in ThimPress Thim Core. This issue affects Thim Core: from n/a t… | |
| CVE-2025-53346 | MEDIUM | 4.3 | 2026-06-02 | Missing Authorization vulnerability in ThimPress Thim Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Thim Core: from n/a … | |
| CVE-2025-53440 | HIGH | 8.1 | 2026-06-02 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Confidant allows PHP Local File Inclusi… | |
| CVE-2025-58024 | HIGH | 7.5 | 2026-06-02 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in UnboundStudio Accordion FAQ allows PHP Local File I… | |
| CVE-2025-58705 | HIGH | 8.1 | 2026-06-02 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Crafti allows PHP Local File Inclusion.… | |
| CVE-2025-58707 | HIGH | 8.1 | 2026-06-02 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Spin allows PHP Local File Inclusion. … | |
| CVE-2025-58897 | HIGH | 8.1 | 2026-06-02 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axiomthemes Fermentio allows PHP Local File Inclusi… | |
| CVE-2025-59174 | MEDIUM | Patched | 6.5 | 2026-06-05 | Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause servic… |
| CVE-2025-59874 | HIGH | 8.1 | 2026-06-04 | HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential di… | |
| CVE-2025-60477 | MEDIUM | Patched | 5.0 | 2026-06-03 | A NULL pointer dereference in the gf_filter_pid_resolve_file_template_ex function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to caus… |
| CVE-2025-62338 | LOW | 3.3 | 2026-06-04 | HCL BigFix Cloud Lifecycle Management is affected by lack of input validation. This low-level flaw allows unauthorized access and may lead to information exposure. | |
| CVE-2025-64390 | HIGH | 7.4 | 2026-06-02 | A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed … | |
| CVE-2025-65640 | MEDIUM | 6.3 | 2026-06-04 | Cross Site Scripting (XSS) vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper sanitization of user input i… | |
| CVE-2025-67446 | CRITICAL | 9.8 | 2026-06-04 | Improper Authentication (Authentication Bypass) exists in Neterbit NW-431F Router 20241014-IR03 and before. The router uses a weak/predictable cookie value for authenticati… | |
| CVE-2025-67447 | CRITICAL | 9.8 | 2026-06-04 | The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize us… |