Search
6,811 CVEs
CVEs (6,811, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 151–175 of 6,811 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2025-61305 | MEDIUM | 6.1 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_firmware.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to exec… | |
| CVE-2025-61306 | MEDIUM | 6.1 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_coveragealerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers t… | |
| CVE-2025-61307 | MEDIUM | 6.1 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the acc-menu_papers.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execut… | |
| CVE-2025-61308 | MEDIUM | 6.1 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_maintenance.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to e… | |
| CVE-2025-61309 | MEDIUM | 6.1 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_departments.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to e… | |
| CVE-2025-61310 | MEDIUM | 6.1 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the acc-menu_billings.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to exec… | |
| CVE-2025-61311 | HIGH | 7.3 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_alerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execut… | |
| CVE-2025-61312 | HIGH | 7.3 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the acc-menu_pricess.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to execu… | |
| CVE-2025-61313 | HIGH | 7.3 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_markeralerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to … | |
| CVE-2025-61314 | HIGH | 7.3 | 2026-05-11 | A reflected cross-site scripted (XSS) vulnerability in the dfm-menu_orderopt.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c allows attackers to exec… | |
| CVE-2025-63750 | NONE | — | 2026-05-11 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2026-21709. Reason: This record is a duplicate of CVE-2026-21709. Notes: All CVE users should reference CVE-202… | |
| CVE-2025-65415 | MEDIUM | 5.4 | 2026-05-11 | docuFORM Managed Print Service Client 11.11c is vulnerable to a session fixation attack via the login page of the application. | |
| CVE-2025-65416 | MEDIUM | 6.3 | 2026-05-11 | docuFORM Managed Print Service Client 11.11c is vulnerable to arbitrary file upload via pmupdate.php. | |
| CVE-2025-65417 | MEDIUM | 6.1 | 2026-05-11 | docuFORM Managed Print Service Client 11.11c is vulnerable to a reflected cross site scripting attack via the login page of the application. | |
| CVE-2025-65418 | HIGH | 7.5 | 2026-05-11 | docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url. | |
| CVE-2026-31246 | MEDIUM | 6.5 | 2026-05-11 | GPT-Pilot thru commit 0819827ce20346ef5f25b3fe29293cb448840565 (2025-09-03) contains a command injection vulnerability (CWE-78) in the Executor.run() method. During project… | |
| CVE-2026-31247 | HIGH | 7.5 | 2026-05-11 | Docling's JATS XML backend is vulnerable to XML Entity Expansion (XXE) attacks thru 2.61.0. The backend uses etree.parse() to parse XML files without disabling entity resol… | |
| CVE-2026-34086 | NONE | Patched | — | 2026-05-11 | Vulnerability in Wikimedia Foundation AbuseFilter. This issue affects AbuseFilter: from * before 1.43.7, 1.44.4, 1.45.2. |
| CVE-2026-34087 | HIGH | Patched | 7.5 | 2026-05-11 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation OATHAuth. This issue affects OATHAuth: from * before 1.43.7, 1.44.4, 1.45.2. |
| CVE-2026-34088 | HIGH | Patched | 7.5 | 2026-05-11 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2. |
| CVE-2026-34089 | NONE | Patched | — | 2026-05-11 | Vulnerability in Wikimedia Foundation Scribunto. This issue affects Scribunto: from 1.45.0 before 1.45.2. |
| CVE-2026-34090 | HIGH | Patched | 7.5 | 2026-05-11 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation CheckUser. This issue affects CheckUser: from 1.45.0 before 1.45.2. |
| CVE-2026-34091 | HIGH | Patched | 7.5 | 2026-05-11 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This issue affects MediaWiki: from * before 1.43.7, 1.44.4, 1.45.2. |
| CVE-2026-34092 | HIGH | Patched | 7.5 | 2026-05-11 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/S… |
| CVE-2026-3319 | NONE | — | 2026-05-11 | Reflected Cross-Site Scripting (XSS) in the latest demo version of the Cradle eCommerce platform. User-controlled input is insecurely reflected in the HTML output in the en… |