Export limit exceeded: 363262 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363262 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363262 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-0900 1 Pdf-xchange 3 Pdf-tools, Pdf-xchange Editor, Pdf-xchange Pro 2025-07-07 N/A
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-25368.
CVE-2024-56494 3 Ibm, Linux, Microsoft 3 Entirex, Linux Kernel, Windows 2025-07-07 3.3 Low
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
CVE-2024-56495 3 Ibm, Linux, Microsoft 3 Entirex, Linux Kernel, Windows 2025-07-07 3.3 Low
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
CVE-2024-56496 3 Ibm, Linux, Microsoft 3 Entirex, Linux Kernel, Windows 2025-07-07 3.3 Low
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system.
CVE-2022-40847 1 Tenda 2 W15e, W15e Firmware 2025-07-07 7.8 High
In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.
CVE-2022-40845 1 Tenda 2 W15e, W15e Firmware 2025-07-07 6.5 Medium
The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure vulnerability. When combined with the improper authorization/improper session management vulnerability, an attacker with access to the router may be able to expose sensitive information which they're not explicitly authorized to have.
CVE-2022-40843 1 Tenda 2 W15e, W15e Firmware 2025-07-07 4.9 Medium
The Tenda AC1200 V-W15Ev2 V15.11.0.10(1576) router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password of the Administrator's user account.
CVE-2022-42053 1 Tenda 2 W15e, W15e Firmware 2025-07-07 7.8 High
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection vulnerability via the PortMappingServer parameter in the setPortMapping function.
CVE-2022-40846 1 Tenda 2 W15e, W15e Firmware 2025-07-07 4.8 Medium
In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) vulnerability exists allowing an attacker to execute JavaScript code via the applications stored hostname.
CVE-2025-25763 1 Crmeb 1 Crmeb 2025-07-07 9.8 Critical
crmeb CRMEB-KY v5.4.0 and before has a SQL Injection vulnerability at getRead() in /system/SystemDatabackupServices.php
CVE-2022-40844 1 Tenda 2 W15e, W15e Firmware 2025-07-07 5.4 Medium
In Tenda (Shenzhen Tenda Technology Co., Ltd) AC1200 Router model W15Ev2 V15.11.0.10(1576), a Stored Cross Site Scripting (XSS) issue exists allowing an attacker to execute JavaScript code via the applications website filtering tab, specifically the URL body.
CVE-2025-40733 1 Code-projects 1 Daily Expense Manager 2025-07-07 6.1 Medium
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the username parameter in /login.php.
CVE-2024-56518 1 Hazelcast 1 Management Center 2025-07-07 9.8 Critical
Hazelcast Management Center through 6.0 allows remote code execution via a JndiLoginModule user.provider.url in a hazelcast-client XML document (aka a client configuration file), which can be uploaded at the /cluster-connections URI.
CVE-2025-40734 1 Code-projects 1 Daily Expense Manager 2025-07-07 6.1 Medium
Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Manager v1.0. This vulnerability allows an attacker to execute JavaScript code by sending a POST request through the password and confirm_password parameters in /register.php.
CVE-2025-25929 1 Openmrs 1 Openmrs 2025-07-07 5.4 Medium
A reflected cross-site scripting (XSS) vulnerability in the component /legacyui/quickReportServlet of Openmrs 2.4.3 Build 0ff0ed allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the reportType parameter.
CVE-2025-25680 1 Lsc 2 Ptz Dual Band Camera, Ptz Dual Band Camera Firmware 2025-07-07 7.7 High
LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera.
CVE-2019-0887 1 Microsoft 10 Remote Desktop Client, Windows 10, Windows 11 21h2 and 7 more 2025-07-07 8.0 High
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
CVE-2021-1669 1 Microsoft 14 Remote Desktop, Remote Desktop Client, Windows 10 and 11 more 2025-07-07 8.8 High
Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2021-34535 1 Microsoft 17 Remote Desktop Client, Windows 10, Windows 10 1507 and 14 more 2025-07-07 8.8 High
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2021-38665 1 Microsoft 21 Remote Desktop, Remote Desktop Client, Windows 10 and 18 more 2025-07-07 7.4 High
Remote Desktop Protocol Client Information Disclosure Vulnerability