Search

Search Results (363915 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-52875 1 Jetbrains 1 Teamcity 2025-06-27 5.4 Medium
In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible
CVE-2025-52878 1 Jetbrains 1 Teamcity 2025-06-27 4.3 Medium
In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions
CVE-2025-52877 1 Jetbrains 1 Teamcity 2025-06-27 4.8 Medium
In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible
CVE-2025-52879 1 Jetbrains 1 Teamcity 2025-06-27 4.8 Medium
In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible
CVE-2023-47298 1 Ncr 1 Terminal Handler 2025-06-27 4.3 Medium
An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses.
CVE-2023-47297 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations.
CVE-2023-47031 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component.
CVE-2023-47030 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists.
CVE-2023-47032 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function.
CVE-2023-47295 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings.
CVE-2025-50349 1 Phpgurukul 1 Pre-school Enrollment System 2025-06-27 7.5 High
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.
CVE-2025-53166 2025-06-27 N/A
Not used
CVE-2025-53165 2025-06-27 N/A
Not used
CVE-2025-53164 2025-06-27 N/A
Not used
CVE-2025-53163 2025-06-27 N/A
Not used
CVE-2025-53162 2025-06-27 N/A
Not used
CVE-2025-53161 2025-06-27 N/A
Not used
CVE-2025-53160 2025-06-27 N/A
Not used
CVE-2025-53159 2025-06-27 N/A
Not used
CVE-2025-53158 2025-06-27 N/A
Not used