Search

Search Results (364862 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-21917 1 Rockwellautomation 1 Factorytalk Services Platform 2026-01-15 9.8 Critical
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory.  If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication.
CVE-2025-4531 1 Seeyon 1 Oa Web Application System 2026-01-15 6.3 Medium
A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template Handler. The manipulation of the argument payrollId leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-0324 1 Axis 2 Axis Os, Axis Os 2024 2026-01-15 9.4 Critical
The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
CVE-2025-0358 1 Axis 1 Axis Os 2026-01-15 8.8 High
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the VAPIX Device Configuration framework that allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.
CVE-2023-45832 1 Northernbeacheswebsites 1 Wp Gotowebinar 2026-01-15 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson WP GoToWebinar plugin <= 14.45 versions.
CVE-2024-50566 1 Fortinet 3 Fortimanager, Fortimanager Cloud, Fortimanagercloud 2026-01-15 7.2 High
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiManager Cloud 7.6.0 through 7.6.1, FortiManager Cloud 7.4.0 through 7.4.4, FortiManager Cloud 7.2.2 through 7.2.7, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.0 through 7.4.5, FortiManager 7.2.1 through 7.2.8 may allow an authenticated remote attacker to execute unauthorized code via FGFM crafted requests.
CVE-2025-26507 1 Hp 403 115p9aw, 115q0aw, 17f27aw and 400 more 2026-01-15 9.8 Critical
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVE-2025-26506 1 Hp 190 499m6a, 499m6a Firmware, 499m7a and 187 more 2026-01-15 9.8 Critical
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVE-2025-26508 1 Hp 593 115p9aw, 115q0aw, 17f27aw and 590 more 2026-01-15 9.8 Critical
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVE-2024-1869 1 Hp 4 Cq891c, Cq891c Firmware, Cq893c and 1 more 2026-01-15 7.5 High
Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220.
CVE-2024-27778 1 Fortinet 1 Fortisandbox 2026-01-15 8.3 High
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6, FortiSandbox 4.0.0 through 4.0.4, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0.5 through 3.0.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.
CVE-2026-23582 2026-01-15 N/A
Not used
CVE-2026-23581 2026-01-15 N/A
Not used
CVE-2026-23580 2026-01-15 N/A
Not used
CVE-2026-23579 2026-01-15 N/A
Not used
CVE-2026-23578 2026-01-15 N/A
Not used
CVE-2026-23577 2026-01-15 N/A
Not used
CVE-2026-23576 2026-01-15 N/A
Not used
CVE-2026-23575 2026-01-15 N/A
Not used
CVE-2026-23574 2026-01-15 N/A
Not used