Export limit exceeded: 363819 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363819 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68689 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68688 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-68687 | 2025-12-24 | N/A | ||
| Not used | ||||
| CVE-2025-47325 | 1 Qualcomm | 89 Csr8811, Csr8811 Firmware, Ipq8070 and 86 more | 2025-12-23 | 6.5 Medium |
| Information disclosure while processing system calls with invalid parameters. | ||||
| CVE-2025-47350 | 1 Qualcomm | 37 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 34 more | 2025-12-23 | 7.8 High |
| Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application. | ||||
| CVE-2025-47372 | 1 Qualcomm | 47 Qam8255p, Qam8255p Firmware, Qam8620p and 44 more | 2025-12-23 | 9 Critical |
| Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication. | ||||
| CVE-2024-23789 | 2 Sharp, Sharp Corporation | 5 Jh-rv11, Jh-rv11 Firmware, Jh-rvb1 and 2 more | 2025-12-23 | 8.8 High |
| Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command on the affected product. | ||||
| CVE-2025-59479 | 1 Inaba | 2 Ib-mct001, Ib-mct001 Firmware | 2025-12-23 | 6.1 Medium |
| CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper restriction of rendered UI layers or frames. If a user clicks on content on a malicious web page while logged into the product, unintended operations may be performed on the product. | ||||
| CVE-2025-66357 | 1 Inaba | 2 Ib-mct001, Ib-mct001 Firmware | 2025-12-23 | N/A |
| CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally. | ||||
| CVE-2025-61976 | 1 Inaba | 2 Ib-mct001, Ib-mct001 Firmware | 2025-12-23 | N/A |
| CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional conditions. If a remote attacker sends a specially crafted request to the Video Download interface, the system may become unresponsive. | ||||
| CVE-2025-66173 | 1 Hikvision | 4 Ds-7104hghi-f1, Ds-7104hghi-f1 Firmware, Ds-7204hghi-f1 and 1 more | 2025-12-23 | 6.2 Medium |
| There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment. | ||||
| CVE-2025-66174 | 1 Hikvision | 4 Ds-7104hghi-f1, Ds-7104hghi-f1 Firmware, Ds-7204hghi-f1 and 1 more | 2025-12-23 | 6.5 Medium |
| There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands. | ||||
| CVE-2025-14701 | 2 Arcadia Technology, Craftycontrol | 2 Crafty Controller, Crafty Controller | 2025-12-23 | 7.1 High |
| An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification. | ||||
| CVE-2025-14700 | 2 Arcadia Technology, Craftycontrol | 2 Crafty Controller, Crafty Controller | 2025-12-23 | 9.9 Critical |
| An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection. | ||||
| CVE-2025-67739 | 1 Jetbrains | 1 Teamcity | 2025-12-23 | 3.1 Low |
| In JetBrains TeamCity before 2025.11.2 improper repository URL validation could lead to local paths disclosure | ||||
| CVE-2025-68269 | 1 Jetbrains | 1 Intellij Idea | 2025-12-23 | 5.4 Medium |
| In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening of untrusted remote projects over SSH | ||||
| CVE-2025-11247 | 1 Gitlab | 1 Gitlab | 2025-12-23 | 4.3 Medium |
| GitLab has remediated an issue in GitLab EE affecting all versions from 13.2 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to disclose sensitive information from private projects by executing specifically crafted GraphQL queries. | ||||
| CVE-2025-14157 | 1 Gitlab | 1 Gitlab | 2025-12-23 | 6.5 Medium |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to cause a Denial of Service condition by sending crafted API calls with large content parameters. | ||||
| CVE-2025-13978 | 1 Gitlab | 1 Gitlab | 2025-12-23 | 4.3 Medium |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access through API requests. | ||||
| CVE-2025-12734 | 1 Gitlab | 1 Gitlab | 2025-12-23 | 3.5 Low |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to, under certain conditions, render content in dialogs to other users by injecting malicious HTML content into merge request titles. | ||||