Export limit exceeded: 364918 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364918 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-53011 1 Linuxfoundation 1 Materialx 2025-08-20 7.5 High
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. An attacker could intentionally crash a target program that uses MaterialX by sending a malicious MTLX file. This is fixed in version 1.39.3.
CVE-2025-54117 1 Namelessmc 1 Nameless 2025-08-20 9.1 Critical
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed in 2.2.4.
CVE-2025-54421 1 Namelessmc 1 Nameless 2025-08-20 7.2 High
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the default_keywords crafted parameter. This vulnerability is fixed in 2.2.4.
CVE-2025-54118 1 Namelessmc 1 Nameless 2025-08-20 5.3 Medium
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is fixed in 2.2.4.
CVE-2024-43058 1 Qualcomm 12 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 9 more 2025-08-20 7.8 High
Memory corruption while processing IOCTL calls.
CVE-2025-30034 1 Siemens 1 Simatic Rtls Locating Manager 2025-08-20 6.2 Medium
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition.
CVE-2025-40746 1 Siemens 1 Simatic Rtls Locating Manager 2025-08-20 9.1 Critical
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges.
CVE-2025-40751 1 Siemens 1 Simatic Rtls Locating Manager 2025-08-20 6.3 Medium
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.
CVE-2025-40770 1 Siemens 1 Sinec Traffic Analyzer 2025-08-20 7.4 High
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks.
CVE-2025-27031 1 Qualcomm 43 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 40 more 2025-08-20 7.8 High
memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed.
CVE-2025-27029 1 Qualcomm 134 Fastconnect 7800, Fastconnect 7800 Firmware, Immersive Home 3210 Platform and 131 more 2025-08-20 7.5 High
Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.
CVE-2024-53019 1 Qualcomm 162 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 159 more 2025-08-20 8.2 High
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources.
CVE-2024-53018 1 Qualcomm 38 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 35 more 2025-08-20 6.6 Medium
Memory corruption may occur while processing the OIS packet parser.
CVE-2024-53017 1 Qualcomm 8 Sdm429w, Sdm429w Firmware, Snapdragon 429 Mobile Platform and 5 more 2025-08-20 6.6 Medium
Memory corruption while handling test pattern generator IOCTL command.
CVE-2025-7949 2 Publiccms, Sanluan 2 Publiccms, Publiccms 2025-08-20 3.5 Low
A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html. The manipulation of the argument url leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named c1e79f124e3f4c458315d908ed7dee06f9f12a76/f1af17af004ca9345c6fe4d5936d87d008d26e75. It is recommended to apply a patch to fix this issue.
CVE-2024-53016 1 Qualcomm 69 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 66 more 2025-08-20 6.6 Medium
Memory corruption while processing I2C settings in Camera driver.
CVE-2024-53013 1 Qualcomm 120 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 117 more 2025-08-20 6.6 Medium
Memory corruption may occur while processing voice call registration with user.
CVE-2025-7953 2 Publiccms, Sanluan 2 Publiccms, Publiccms 2025-08-20 3.5 Low
A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS up to 5.202506.a. This issue affects some unknown processing of the file publiccms-parent/publiccms/src/main/webapp/resource/plugins/pdfjs/viewer.html. The manipulation of the argument File leads to open redirect. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named f1af17af004ca9345c6fe4d5936d87d008d26e75. It is recommended to apply a patch to fix this issue.
CVE-2025-8019 2 Shenzhen Libituo Technology, Szlbt 3 Lbt-t300-t310, Lbt-t300-t310, Lbt-t300-t310 Firmware 2025-08-20 8.8 High
A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 2.2.3.6. It has been rated as critical. Affected by this issue is the function sub_40B6F0 of the file at/appy.cgi. The manipulation of the argument wan_proto leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-46198 1 Getgrav 1 Grav 2025-08-20 8.8 High
Cross Site Scripting vulnerability in grav v.1.7.48, v.1.7.47 and v.1.7.46 allows an attacker to execute arbitrary code via the onerror attribute of the img element