Search
Search Results (364156 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47055 | 1 Adobe | 2 Adobe Experience Manager, Experience Manager | 2025-06-24 | 5.4 Medium |
| Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||
| CVE-2025-5975 | 1 Phpgurukul | 1 Rail Pass Management System | 2025-06-24 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /rpms/download-pass.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-47021 | 1 Adobe | 2 Adobe Experience Manager, Experience Manager | 2025-06-24 | 5.4 Medium |
| Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | ||||
| CVE-2025-52979 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2025-52978 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2025-52977 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2025-52976 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2025-52975 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2025-52974 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2025-52973 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2025-52972 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2025-52971 | 2025-06-24 | N/A | ||
| Not used | ||||
| CVE-2024-28715 | 1 Html-js | 1 Doracms | 2025-06-24 | 8.8 High |
| Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the /app/public/apidoc/oas3/wrap-components/markdown.jsx endpoint. | ||||
| CVE-2024-41712 | 1 Mitel | 1 Micollab | 2025-06-24 | 6.6 Medium |
| A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to conduct a command injection attack, due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary commands on the system within the context of the user. | ||||
| CVE-2024-41714 | 1 Mitel | 3 Micollab, Mivoice Business Solution Virtual Instance, Mivoice Business Solutions Virtual Instance | 2025-06-24 | 8.8 High |
| A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance (MiVB SVI) through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands with elevated privileges within the context of the system. | ||||
| CVE-2024-47224 | 1 Mitel | 1 Micollab | 2025-06-24 | 6.5 Medium |
| A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a CRLF injection attack due to inadequate encoding of user input in URLs. A successful exploit could allow an attacker to perform a phishing attack. | ||||
| CVE-2024-31029 | 2 Keith-cullen, Keithcullen | 2 Freecoap, Freecoap | 2025-06-24 | 8.2 High |
| An issue in the server_handle_regular function of the test_coap_server.c file within the FreeCoAP project allows remote attackers to cause a Denial of Service through specially crafted packets. | ||||
| CVE-2024-40494 | 2 Keith-cullen, Keithcullen | 2 Freecoap, Freecoap | 2025-06-24 | 9.8 Critical |
| Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet. | ||||
| CVE-2024-46478 | 1 Htmldoc Project | 1 Htmldoc | 2025-06-24 | 9.8 Critical |
| HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681. | ||||
| CVE-2024-40113 | 1 Sitecom | 2 Wlx-2006, Wlx-2006 Firmware | 2025-06-24 | 6.5 Medium |
| Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default Credentials. | ||||