Search

Search Results (367102 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-61632 2025-09-30 N/A
Not used
CVE-2025-61631 2025-09-30 N/A
Not used
CVE-2025-61630 2025-09-30 N/A
Not used
CVE-2025-61629 2025-09-30 N/A
Not used
CVE-2025-61628 2025-09-30 N/A
Not used
CVE-2025-61627 2025-09-30 N/A
Not used
CVE-2025-61626 2025-09-30 N/A
Not used
CVE-2024-39950 1 Dahuasecurity 121 Ipc-hf8xxx Firmware, Ipc-hfs8449g-z7-led, Ipc-hfs8449g-z7-led Firmware and 118 more 2025-09-30 8.6 High
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities to initiate device initialization.
CVE-2024-39949 1 Dahuasecurity 115 Nvr4104-4ks2\/l, Nvr4104-4ks2\/l Firmware, Nvr4104-4ks3 and 112 more 2025-09-30 7.5 High
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.
CVE-2024-39948 1 Dahuasecurity 115 Nvr4104-4ks2\/l, Nvr4104-4ks2\/l Firmware, Nvr4104-4ks3 and 112 more 2025-09-30 7.5 High
A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.
CVE-2024-39944 1 Dahuasecurity 121 Ipc-hf8xxx Firmware, Ipc-hfs8449g-z7-led, Ipc-hfs8449g-z7-led Firmware and 118 more 2025-09-30 7.5 High
A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.
CVE-2024-34739 1 Google 1 Android 2025-09-29 7.8 High
In shouldRestrictOverlayActivities of UsbProfileGroupSettingsManager.java, there is a possible escape from SUW due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2025-26442 1 Google 1 Android 2025-09-29 5.5 Medium
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible incorrect verification of proper intent filters in NLS due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-40907 2 Fastcgi, Redhat 7 Fcgi, Enterprise Linux, Rhel Aus and 4 more 2025-09-29 5.3 Medium
FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library. The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.
CVE-2025-1828 1 Timlegge 1 Crypt\ 2025-09-29 8.8 High
Crypt::Random Perl package 1.05 through 1.55 may use rand() function, which is not cryptographically strong, for cryptographic functions. If the Provider is not specified and /dev/urandom or an Entropy Gathering Daemon (egd) service is not available Crypt::Random will default to use the insecure Crypt::Random::rand provider. In particular, Windows versions of perl will encounter this issue by default.
CVE-2024-58036 1 Norbu09 1 Net\ 2025-09-29 5.5 Medium
Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Dropbox::API uses the Data::Random library which specifically states that it is "Useful mostly for test programs". Data::Random uses the rand() function.
CVE-2024-43176 3 Ibm, Linux, Microsoft 4 Openpages, Openpages With Watson, Linux Kernel and 1 more 2025-09-29 5.4 Medium
IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users.
CVE-2024-3088 1 Phpgurukul 1 Emergency Ambulance Hiring Portal 2025-09-29 7.3 High
A vulnerability, which was classified as critical, was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. This affects an unknown part of the file /admin/forgot-password.php of the component Forgot Password Page. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258681 was assigned to this vulnerability.
CVE-2024-33542 1 Crelly Slider Project 1 Crelly Slider 2025-09-29 4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5.
CVE-2024-32085 1 Ait-themes 1 Citadela Listing 2025-09-29 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in AitThemes Citadela Listing.This issue affects Citadela Listing: from n/a before 5.20.0.