Search

Search Results (365367 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-29652 2025-06-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2025-29651 2025-06-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2025-29650 2025-06-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2025-29649 2025-06-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2025-29648 2025-06-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2024-57050 2025-06-16 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11714. Reason: This candidate is a reservation duplicate of CVE-2018-11714. Notes: All CVE users should reference CVE-2018-11714 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2024-33781 2 Csiro, Data61 2 Multi-protocol Spdz, Mp-spdz 2025-06-16 7.5 High
MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function octetStream::get_bytes in /Tools/octetStream.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message.
CVE-2024-33782 2 Fundanmpc, Csiro 2 Mp-spdz, Multi-protocol Spdz 2025-06-16 7.5 High
MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function OTExtensionWithMatrix::extend in /OT/OTExtensionWithMatrix.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message.
CVE-2024-33783 2 Csiro, Data61 2 Multi-protocol Spdz, Mp-spdz 2025-06-16 6.5 Medium
MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto::SilentMultiPprfReceiver::expand in /Tools/SilentPprf.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message.
CVE-2024-33780 2 Csiro, Data61 2 Multi-protocol Spdz, Mp-spdz 2025-06-16 6.5 Medium
MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via the function osuCrypto::copyOut at /Tools/SilentPprf.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message.
CVE-2025-30321 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-06-16 5.5 Medium
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-47104 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-06-16 5.5 Medium
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-47105 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-06-16 5.5 Medium
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-47106 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-06-16 5.5 Medium
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-37289 1 Trendmicro 1 Apex One 2025-06-16 7.8 High
An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2025-3638 1 Moodle 1 Moodle 2025-06-16 8.8 High
A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery (CSRF) risk.
CVE-2024-36304 1 Trendmicro 1 Apex One 2025-06-16 7.8 High
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2025-29573 1 Jupo 1 Mezzanine 2025-06-16 6.1 Medium
Cross-Site Scripting (XSS) vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module.
CVE-2025-45607 1 Liaoxuefeng 1 Itranswarp 2025-06-16 9.8 Critical
An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via a crafted request.
CVE-2024-23900 2 Jenkins, Redhat 2 Matrix Project, Ocp Tools 2025-06-16 4.3 Medium
Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by the attackers.