Export limit exceeded: 366284 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366284 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-6114 2 D-link, Dlink 3 Dir-619l, Dir-619l, Dir-619l Firmware 2025-06-20 8.8 High
A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. Affected by this vulnerability is the function form_portforwarding of the file /goform/form_portforwarding. The manipulation of the argument ingress_name_%d/sched_name_%d/name_%d leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-6113 1 Tenda 2 Fh1203, Fh1203 Firmware 2025-06-20 8.8 High
A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. Affected is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-6111 1 Tenda 2 Fh1205, Fh1205 Firmware 2025-06-20 8.8 High
A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-7804 1 Pytorch 1 Pytorch 2025-06-20 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-7773 1 Ollama 1 Ollama 2025-06-20 N/A
** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-45436. Notes: All CVE users should reference CVE-2024-45436 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2025-26468 1 Cyberdata 1 011209 Sip Emergency Intercom 2025-06-20 7.5 High
CyberData  011209 Intercom exposes features that could allow an unauthenticated to gain access and cause a denial-of-service condition or system disruption.
CVE-2025-48448 1 Admin Audit Trail Project 1 Admin Audit Trail 2025-06-20 6.5 Medium
Allocation of Resources Without Limits or Throttling vulnerability in Drupal Admin Audit Trail allows Excessive Allocation.This issue affects Admin Audit Trail: from 0.0.0 before 1.0.5.
CVE-2025-6005 1 Kicode111 1 Like-girl 2025-06-20 4.7 Medium
A vulnerability classified as critical was found in kiCode111 like-girl 5.2.0. This vulnerability affects unknown code of the file /admin/aboutPost.php. The manipulation of the argument title/aboutimg/info1/info2/info3/btn1/btn2/infox1/infox2/infox3/infox4/infox5/infox6/btnx2/infof1/infof2/infof3/infof4/btnf3/infod1/infod2/infod3/infod4/infod5 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-6006 1 Kicode111 1 Like-girl 2025-06-20 4.7 Medium
A vulnerability, which was classified as critical, has been found in kiCode111 like-girl 5.2.0. This issue affects some unknown processing of the file /admin/ImgUpdaPost.php. The manipulation of the argument id/imgText/imgDatd/imgUrl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-2901 1 Redhat 1 Jboss Enterprise Application Platform 2025-06-20 4.6 Medium
This vulnerability is redundant to CVE-2025-23366 and CVE-2024-10234.
CVE-2025-31676 1 Email Tfa Project 1 Email Tfa 2025-06-19 8.8 High
Weak Authentication vulnerability in Drupal Email TFA allows Brute Force.This issue affects Email TFA: from 0.0.0 before 2.0.3.
CVE-2023-25719 1 Connectwise 1 Control 2025-06-19 8.8 High
ConnectWise Control before 22.9.10032 (formerly known as ScreenConnect) fails to validate user-supplied parameters such as the Bin/ConnectWiseControl.Client.exe h parameter. This results in reflected data and injection of malicious code into a downloaded executable. The executable can be used to execute malicious queries or as a denial-of-service vector. NOTE: this CVE Record is only about the parameters, such as the h parameter (this CVE Record is not about the separate issue of signed executable files that are supposed to have unique configurations across customers' installations).
CVE-2023-25718 1 Connectwise 1 Control 2025-06-19 9.8 Critical
In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It is plausible that the end user may allow the download and execution of this file to proceed. There are ConnectWise Control configuration options that add mitigations.
CVE-2006-2192 2025-06-19 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-44955 2025-06-19 4.4 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-36022 1 Redhat 1 Enterprise Linux 2025-06-19 4.4 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2022-49299 2025-06-19 5.5 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2021-47144 2025-06-19 6.0 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-57920 2025-06-19 3.3 Low
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-56786 2025-06-19 4.4 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.