Search

Search Results (301065 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-32032 1 Trustedfirmware 1 Trusted Firmware-m 2026-06-08 7.5 High
In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event of a failure) can prevent the abort() operation in the associated cryptographic library from freeing internal resources, causing a memory leak.
CVE-2024-56122 2026-06-08 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-56121 2026-06-08 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-56120 2026-06-08 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-56123 2026-06-08 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2020-25900 1 Hellotalk 1 Hellotalk 2026-06-07 5.3 Medium
HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city. Furthermore, these coordinates are placed into a database on the client of other users. (The client side was changed in 2019 to encrypt that database.)
CVE-2025-12656 2 Wordpress, Wpvividplugins 2 Wordpress, Wpvivid — Backup, Migration & Staging 2026-06-07 3.8 Low
The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the delete_cancel_staging_site() function in all versions up to, and including, 0.9.128. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary folders on the server, which leads to a loss of data.
CVE-2025-0419 2026-06-06 4.7 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zirve Information Technologies Inc. Zirve Nova allows Cross-Site Scripting (XSS). This issue affects Zirve Nova: from 235 through 20250131.
CVE-2025-0420 1 Parasut Software 1 Parasut 2026-06-06 4.7 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paraşüt Software Paraşüt allows Cross-Site Scripting (XSS). This issue affects Paraşüt: from 0.0.0.65efa44e through 20250204.
CVE-2025-0421 1 Shopside 1 Shopside 2026-06-06 4.7 Medium
Improper Restriction of Rendered UI Layers or Frames vulnerability in Shopside Software Technologies Inc. Shopside allows iFrame Overlay. This issue affects Shopside: through 05022025.
CVE-2025-0545 2026-06-06 4.7 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tekrom Technology T-Soft E-Commerce allows Cross-Site Scripting (XSS). This issue affects T-Soft E-Commerce: before v5.
CVE-2025-0546 2026-06-06 4.7 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Restriction of Rendered UI Layers or Frames vulnerability in Mevzuattr Software MevzuatTR allows Phishing, iFrame Overlay, Clickjacking, Forceful Browsing. This issue needs high privileges.  This issue affects MevzuatTR: before 12.02.2025.
CVE-2025-0547 1 Parasut Software 1 Bizmu 2026-06-06 4.7 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paraşüt Software Bizmu allows Cross-Site Scripting (XSS). This issue affects Bizmu: from 2.27.0 through 20250212.
CVE-2025-0603 1 Callvision Healthcare 1 Callvision Emergency Code 2026-06-06 9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Callvision Healthcare Callvision Emergency Code allows SQL Injection, Blind SQL Injection. This issue affects Callvision Emergency Code: before V3.0.
CVE-2025-0606 1 Logo Software 1 Logo Cloud 2026-06-06 6 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud allows Forceful Browsing, Resource Leak Exposure. This issue affects Logo Cloud: before 0.67.
CVE-2025-0607 1 Logo Software 1 Logo Cloud 2026-06-06 4.3 Medium
Improper Encoding or Escaping of Output vulnerability in Logo Software Inc. Logo Cloud allows Phishing. This issue affects Logo Cloud: before 2.57.
CVE-2025-0608 1 Logo Software 1 Logo Cloud 2026-06-06 5.5 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Logo Software Inc. Logo Cloud allows Phishing, Forceful Browsing. This issue affects Logo Cloud: before 2025.R6.
CVE-2025-0609 1 Logo Software 1 Logo Cloud 2026-06-06 4.7 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Logo Software Inc. Logo Cloud allows Cross-Site Scripting (XSS). This issue affects Logo Cloud: before 1.18.
CVE-2025-0610 1 Akinsoft 1 Qr Menu 2026-06-06 8.6 High
Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request Forgery. This issue affects QR Menü: from s1.05.06 before v1.05.12.
CVE-2025-0616 1 Teknolojik Center 1 Netsis Panel 2026-06-06 8.2 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Teknolojik Center Telecommunication Industry Trade Co. Ltd. B2B - Netsis Panel allows SQL Injection. This issue affects B2B - Netsis Panel: through 20251003. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.