Search

Search Results (363281 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-53184 1 Huawei 1 Harmonyos 2025-07-09 6.5 Medium
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53183 1 Huawei 1 Harmonyos 2025-07-09 6.5 Medium
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2012-4687 1 Postoaktraffic 1 Awam Bluetooth Reader 2025-07-09 N/A
Post Oak AWAM Bluetooth Reader Traffic System does not use a sufficient source of entropy for private keys, which makes it easier for man-in-the-middle attackers to spoof a device by predicting a key value.
CVE-2025-53182 1 Huawei 1 Harmonyos 2025-07-09 6.5 Medium
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53181 1 Huawei 1 Harmonyos 2025-07-09 6.5 Medium
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53179 1 Huawei 1 Harmonyos 2025-07-09 6.5 Medium
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-53180 1 Huawei 1 Harmonyos 2025-07-09 6.5 Medium
Null pointer dereference vulnerability in the PDF preview module Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2024-44905 1 Uptrace 1 Pg 2025-07-09 6.5 Medium
go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go.
CVE-2023-48978 1 Ncr 1 Itm Web Terminal 2025-07-09 9.8 Critical
An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component.
CVE-2023-50450 1 Sensopart 2 Visor Vision Sensors, Visor Vision Sensors Firmware 2025-07-09 8.4 High
An issue was discovered in Sensopart VISOR Vision Sensors before 2.10.0.2 allows local users to perform unspecified actions with elevated privileges.
CVE-2025-6534 1 Xxyopen 1 Novel-plus 2025-07-09 4.2 Medium
A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affects the function remove of the file novel-admin/src/main/java/com/java2nb/common/controller/FileController.java of the component File Handler. The manipulation leads to improper control of resource identifiers. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-6535 1 Xxyopen 1 Novel-plus 2025-07-09 6.3 Medium
A vulnerability has been found in xxyopen/201206030 novel-plus up to 5.1.3 and classified as critical. This vulnerability affects the function list of the file novel-admin/src/main/resources/mybatis/system/UserMapper.xml of the component User Management Module. The manipulation of the argument sort/order leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2021-41691 1 Os4ed 1 Opensis 2025-07-09 9.8 Critical
A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "student_id" and "TRANSFER{SCHOOL]" parameters in POST request sent to /TransferredOutModal.php.
CVE-2025-44531 1 Realtek 2 Rtl8762e Software Development Kit, Rtl8762ekf-evb 2025-07-09 7.5 High
An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attackers to cause a Denial of Service (DoS) via sending a crafted before a pairing public key is received during a Bluetooth connection attempt.
CVE-2024-37743 1 Mmz-001 1 Knowledgegpt 2025-07-09 9.8 Critical
An issue in mmzdev KnowledgeGPT V.0.0.5 allows a remote attacker to execute arbitrary code via the Document Display Component.
CVE-2025-45332 1 Vkoskiv 1 C-ray 2025-07-09 7.5 High
vkoskiv c-ray 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the parse_mtllib function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.
CVE-2025-45333 1 Berkeley-abc 1 Abc 2025-07-09 7.5 High
berkeley-abc abc 1.1 contains a Null Pointer Dereference (NPD) vulnerability in the Abc_NtkCecFraigPart function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes.
CVE-2023-51574 1 Voltronicpower 1 Viewpower 2025-07-09 N/A
Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updateManagerPassword method. The issue results from the exposure of a dangerous function. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22010.
CVE-2025-48923 1 Toc.js Project 1 Toc.js 2025-07-09 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Toc.Js allows Cross-Site Scripting (XSS).This issue affects Toc.Js: from 0.0.0 before 3.2.1.
CVE-2025-49003 1 Dataease 1 Dataease 2025-07-09 9.8 Critical
DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor may take advantage of a feature in Java in which the character "ı" becomes "I" when converted to uppercase, and the character "ſ" becomes "S" when converted to uppercase. A threat actor who uses a carefully crafted message that exploits this character conversion can cause remote code execution. The vulnerability has been fixed in v2.10.11. No known workarounds are available.