Search

Search Results (366900 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-37041 1 Qnap 2 Qts, Quts Hero 2025-09-23 7.2 High
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
CVE-2024-11149 1 Openbsd 1 Openbsd 2025-09-23 7.9 High
In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs.
CVE-2025-59885 2025-09-23 N/A
Not used
CVE-2025-59884 2025-09-23 N/A
Not used
CVE-2025-59883 2025-09-23 N/A
Not used
CVE-2025-59882 2025-09-23 N/A
Not used
CVE-2025-59881 2025-09-23 N/A
Not used
CVE-2025-59880 2025-09-23 N/A
Not used
CVE-2025-59879 2025-09-23 N/A
Not used
CVE-2025-59878 2025-09-23 N/A
Not used
CVE-2025-59877 2025-09-23 N/A
Not used
CVE-2025-59876 2025-09-23 N/A
Not used
CVE-2025-59813 2025-09-23 N/A
Not used
CVE-2025-59812 2025-09-23 N/A
Not used
CVE-2025-59811 2025-09-23 N/A
Not used
CVE-2024-37404 1 Ivanti 2 Connect Secure, Policy Secure 2025-09-23 8.8 High
Improper Input Validation in the admin portal of Ivanti Connect Secure before 22.7R2.1 and 9.1R18.9, or Ivanti Policy Secure before 22.7R1.1 allows a remote authenticated attacker to achieve remote code execution.
CVE-2020-26308 2 Ansman, Validatejs 2 Validate.js, Validate.js 2025-09-23 7.5 High
Validate.js provides a declarative way of validating javascript objects. Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.
CVE-2024-50354 1 Consensys 1 Gnark 2025-09-23 5.5 Medium
gnark is a fast zk-SNARK library that offers a high-level API to design circuits. In gnark 0.11.0 and earlier, deserialization of Groth16 verification keys allocate excessive memory, consuming a lot of resources and triggering a crash with the error fatal error: runtime: out of memory.
CVE-2024-48463 1 Usebruno 1 Bruno 2025-09-23 6.5 Medium
Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for opening windows within the Markdown docs viewer.
CVE-2024-6238 1 Pgadmin 1 Pgadmin 4 2025-09-23 7.4 High
pgAdmin <= 8.8 has an installation Directory permission issue. Because of this issue, attackers can gain unauthorised access to the installation directory on the Debian or RHEL 8 platforms.