Export limit exceeded: 366430 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366430 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-52877 1 Jetbrains 1 Teamcity 2025-06-27 4.8 Medium
In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible
CVE-2025-52879 1 Jetbrains 1 Teamcity 2025-06-27 4.8 Medium
In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible
CVE-2023-47298 1 Ncr 1 Terminal Handler 2025-06-27 4.3 Medium
An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses.
CVE-2023-47297 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations.
CVE-2023-47031 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to escalate privileges via a crafted POST request to the grantRolesToUsers, grantRolesToGroups, and grantRolesToOrganization SOAP API component.
CVE-2023-47030 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a GET request to a UserService SOAP API endpoint to validate if a user exists.
CVE-2023-47032 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
Password Vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code via a crafted script to the UserService SOAP API function.
CVE-2023-47295 1 Ncr 1 Terminal Handler 2025-06-27 9.8 Critical
A CSV injection vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands via injecting a crafted payload into any text field that accepts strings.
CVE-2025-50349 1 Phpgurukul 1 Pre-school Enrollment System 2025-06-27 7.5 High
PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.
CVE-2025-53166 2025-06-27 N/A
Not used
CVE-2025-53165 2025-06-27 N/A
Not used
CVE-2025-53164 2025-06-27 N/A
Not used
CVE-2025-53163 2025-06-27 N/A
Not used
CVE-2025-53162 2025-06-27 N/A
Not used
CVE-2025-53161 2025-06-27 N/A
Not used
CVE-2025-53160 2025-06-27 N/A
Not used
CVE-2025-53159 2025-06-27 N/A
Not used
CVE-2025-53158 2025-06-27 N/A
Not used
CVE-2025-53157 2025-06-27 N/A
Not used
CVE-2012-1977 1 Wellintech 1 Kingview 2025-06-26 N/A
WellinTech KingSCADA 3.0 uses a cleartext base64 format for storage of passwords in user.db, which allows context-dependent attackers to obtain sensitive information by reading this file.