Search

Search Results (363341 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-36353 1 Ibm 1 Db2 2026-02-05 6.2 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic.
CVE-2025-36123 1 Ibm 1 Db2 2026-02-05 6.2 Medium
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow a local user to cause a denial of service when copying large table containing XML data due to improper allocation of system resources.
CVE-2025-36098 1 Ibm 1 Db2 2026-02-05 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper allocation of resources.
CVE-2025-36070 1 Ibm 1 Db2 2026-02-05 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables.
CVE-2025-36001 1 Ibm 1 Db2 2026-02-05 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service using a specially crafted SQL statement including XML that performs uncontrolled recursion.
CVE-2025-2668 1 Ibm 1 Db2 2026-02-05 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 is vulnerable to a denial of service as the server may crash when an authenticated user creates a specially crafted query.
CVE-2025-36387 1 Ibm 1 Db2 2026-02-05 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5.0 - 11.5.9 could allow an authenticated user to cause a denial of service when given specially crafted query.
CVE-2025-36366 1 Ibm 1 Db2 2026-02-05 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service by executing a query that invokes the JSON_Object scalar function, which may trigger an unhandled exception leading to abnormal server termination.
CVE-2025-71063 1 Mrvladus 1 Errands 2026-02-05 8.2 High
Errands before 46.2.10 does not verify TLS certificates for CalDAV servers.
CVE-2025-36423 1 Ibm 1 Db2 2026-02-05 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic.
CVE-2025-36428 1 Ibm 1 Db2 2026-02-05 5.3 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCAN feature is enabled.
CVE-2025-36442 1 Ibm 1 Db2 2026-02-05 6.5 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query with XML columns.
CVE-2026-25630 2026-02-05 N/A
Reason: This candidate was issued in error.
CVE-2025-62840 2 Qnap, Qnap Systems Inc. 2 Hybrid Backup Sync, Hbs 3 Hybrid Backup Sync 2026-02-05 3.3 Low
A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 26.2.0.938 and later
CVE-2025-62842 2 Qnap, Qnap Systems Inc. 2 Hybrid Backup Sync, Hbs 3 Hybrid Backup Sync 2026-02-05 7.8 High
An external control of file name or path vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read or modify files or directories. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 26.2.0.938 and later
CVE-2025-20908 1 Samsung 1 Android 2026-02-05 6.5 Medium
Use of insufficiently random values in Auracast prior to SMR Mar-2025 Release 1 allows adjacent attackers to access Auracast broadcasting.
CVE-2024-10930 1 Carrier 1 Block Load 2026-02-05 7.8 High
An Uncontrolled Search Path Element vulnerability exists which could allow a malicious actor to perform DLL hijacking and execute arbitrary code with escalated privileges.
CVE-2025-13225 1 Tanium 1 Tanos 2026-02-05 5.6 Medium
Tanium addressed an arbitrary file deletion vulnerability in TanOS.
CVE-2025-41024 2 Nikhil-bhalerao, Poultry Farm Management System Project 2 Poultry Farm Management System, Poultry Farm Management System 2026-02-05 5.4 Medium
Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows:  'companyaddress', 'companyemail', 'companyname', 'country', 'mobilenumber' y 'regno' parameters in '/farm/farmprofile.php'.
CVE-2025-41025 2 Nikhil-bhalerao, Poultry Farm Management System Project 2 Poultry Farm Management System, Poultry Farm Management System 2026-02-05 5.4 Medium
Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1.0 due to the lack of proper validation of user input by sending a POST request. The relationship between parameters and assigned identifiers is as follows:   'category' y 'product' parameters in '/farm/sell_product.php'.