Search
59,162 CVEs
CVEs (59,162, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 151–175 of 59,162 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2025-5889 | LOW | 3.1 | 2025-06-09 | A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of… | |
| CVE-2025-5890 | MEDIUM | 4.3 | 2025-06-09 | A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-patte… | |
| CVE-2025-5891 | MEDIUM | Patched | 4.3 | 2025-06-09 | A vulnerability classified as problematic was found in Unitech pm2 up to 6.0.6. This vulnerability affects unknown code of the file /lib/tools/Config.js. The manipulation l… |
| CVE-2025-5892 | MEDIUM | Patched | 4.3 | 2025-06-09 | A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1. This issue affects the function parseMessage of the file /apps/meteor/app/ir… |
| CVE-2025-5895 | MEDIUM | 4.3 | 2025-06-09 | A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects the function parseDataUri of the file frontend/src/metabase/lib/dom.js. The… | |
| CVE-2025-5914 | HIGH | Patched | 7.8 | 2025-06-09 | A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow … |
| CVE-2025-5915 | MEDIUM | Patched | 6.6 | 2025-06-09 | A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lem… |
| CVE-2025-5916 | LOW | Patched | 3.9 | 2025-06-09 | A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that c… |
| CVE-2025-5917 | LOW | Patched | 2.8 | 2025-06-09 | A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This ca… |
| CVE-2025-5918 | LOW | Patched | 3.9 | 2025-06-09 | A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the… |
| CVE-2025-49004 | HIGH | Patched | 7.5 | 2025-06-09 | Caido is a web security auditing toolkit. Prior to version 0.48.0, due to the lack of protection for DNS rebinding, Caido can be loaded on an attacker-controlled domain. Th… |
| CVE-2025-49137 | HIGH | Patched | 8.5 | 2025-06-09 | HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, the application does not sufficiently sanitize user input, allowing… |
| CVE-2025-49138 | MEDIUM | Patched | 6.5 | 2025-06-09 | HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, an authenticated Local File Inclusion (LFI) vulnerability in the HA… |
| CVE-2025-49139 | MEDIUM | Patched | 5.3 | 2025-06-09 | HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, in the HAX site editor, users can create a website block to load an… |
| CVE-2025-49141 | HIGH | Patched | 8.5 | 2025-06-09 | HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.3, the `gitImportSite` functionality obtains a URL string from a POST … |
| CVE-2025-5896 | MEDIUM | Patched | 4.3 | 2025-06-09 | A vulnerability was found in tarojs taro up to 4.1.1. It has been declared as problematic. This vulnerability affects unknown code of the file taro/packages/css-to-react-na… |
| CVE-2025-5897 | MEDIUM | Patched | 4.3 | 2025-06-09 | A vulnerability was found in vuejs vue-cli up to 5.0.8. It has been rated as problematic. This issue affects the function HtmlPwaPlugin of the file packages/@vue/cli-plugin… |
| CVE-2025-30184 | CRITICAL | Patched | 9.8 | 2025-06-09 | CyberData 011209 Intercom could allow an unauthenticated user access to the Web Interface through an alternate path. |
| CVE-2025-49140 | HIGH | Patched | 7.5 | 2025-06-09 | Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited t… |
| CVE-2025-5898 | MEDIUM | 5.3 | 2025-06-09 | A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of the file util… | |
| CVE-2025-5899 | MEDIUM | 5.3 | 2025-06-09 | A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parse_variables_option… | |
| CVE-2025-5900 | MEDIUM | 4.3 | 2025-06-09 | A vulnerability, which was classified as problematic, was found in Tenda AC9 15.03.02.13. This affects an unknown part. The manipulation leads to cross-site request forgery… | |
| CVE-2025-26468 | HIGH | Patched | 7.5 | 2025-06-09 | CyberData 011209 Intercom exposes features that could allow an unauthenticated to gain access and cause a denial-of-service condition or system disruption. |
| CVE-2025-30183 | HIGH | Patched | 7.5 | 2025-06-09 | CyberData 011209 Intercom does not properly store or protect web server admin credentials. |
| CVE-2025-30507 | MEDIUM | Patched | 5.3 | 2025-06-09 | CyberData 011209 Intercom could allow an unauthenticated user to gather sensitive information through blind SQL injections. |