Search
534 CVEs · High severity
CVEs (534, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 1–25 of 534 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2019-25719 | HIGH | 8.6 | 2026-06-02 | Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulne… | |
| CVE-2019-25722 | HIGH | 7.6 | 2026-06-02 | Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain hard-coded plaintext credentials in source code and a denial-of-service vulnerabil… | |
| CVE-2019-25726 | HIGH | 8.2 | 2026-06-04 | All in One Video Downloader 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code t… | |
| CVE-2019-25728 | HIGH | 8.2 | 2026-06-04 | Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ck_config cookie param… | |
| CVE-2019-25730 | HIGH | 8.2 | 2026-06-04 | Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id… | |
| CVE-2019-25731 | HIGH | 7.2 | 2026-06-04 | Zuz Music 2.1 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious JavaScript by submitting crafted contact fo… | |
| CVE-2019-25732 | HIGH | 8.2 | 2026-06-04 | PHP EI-Tube Script 3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the … | |
| CVE-2019-25733 | HIGH | 8.4 | 2026-06-04 | NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious i… | |
| CVE-2019-25735 | HIGH | 8.4 | 2026-06-04 | AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an exces… | |
| CVE-2019-25736 | HIGH | 8.4 | 2026-06-04 | LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP f… | |
| CVE-2019-25737 | HIGH | 7.2 | 2026-06-04 | Live Chat Unlimited 2.8.3 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the chat input fiel… | |
| CVE-2019-25745 | HIGH | 8.2 | 2026-06-04 | WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by in… | |
| CVE-2021-4478 | HIGH | Patched | 8.2 | 2026-06-02 | Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can … |
| CVE-2021-4480 | HIGH | 8.2 | 2026-06-02 | Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to … | |
| CVE-2021-4481 | HIGH | 8.2 | 2026-06-02 | Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to … | |
| CVE-2022-49036 | HIGH | Patched | 7.8 | 2026-06-03 | An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.… |
| CVE-2022-49042 | HIGH | Patched | 7.8 | 2026-06-03 | An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component in Synology Hyper Backup Explorer before 3.0.1-0156 allows local users to e… |
| CVE-2022-4992 | HIGH | 8.6 | 2026-06-02 | Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower (with VG4.2 partially affected) contain a network messa… | |
| CVE-2023-54350 | HIGH | 7.5 | 2026-06-08 | WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbi… | |
| CVE-2023-54351 | HIGH | 7.2 | 2026-06-08 | WordPress Sonaar Music Plugin 4.7 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the comment… | |
| CVE-2024-14036 | HIGH | 7.5 | 2026-06-02 | Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sendi… | |
| CVE-2025-14772 | HIGH | 8.8 | 2026-06-03 | Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | |
| CVE-2025-14773 | HIGH | 8.0 | 2026-06-03 | Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | |
| CVE-2025-14774 | HIGH | 7.4 | 2026-06-03 | Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | |
| CVE-2025-15654 | HIGH | 7.1 | 2026-06-03 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fox-themes Prague allows Reflected XSS. This issue affects Prague: fr… |