Export limit exceeded: 366043 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366043 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-47768 2025-05-10 N/A
Not used
CVE-2025-47767 2025-05-10 N/A
Not used
CVE-2025-47766 2025-05-10 N/A
Not used
CVE-2025-47765 2025-05-10 N/A
Not used
CVE-2025-47764 2025-05-10 N/A
Not used
CVE-2025-47763 2025-05-10 N/A
Not used
CVE-2025-47762 2025-05-10 N/A
Not used
CVE-2022-42983 1 Anji-plus 1 Aj-report 2025-05-10 8.8 High
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens.
CVE-2022-42980 1 Go-admin 1 Go-admin 2025-05-10 9.8 Critical
go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT key.
CVE-2022-42975 1 Phoenixframework 1 Phoenix 2025-05-10 7.5 High
socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token.
CVE-2022-42237 1 Merchandise Online Store Project 1 Merchandise Online Store 2025-05-10 9.8 Critical
A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.
CVE-2022-42114 1 Liferay 2 Dxp, Liferay Portal 2025-05-10 5.4 Medium
A Cross-site scripting (XSS) vulnerability in the Role module's edit role assignees page in Liferay Portal 7.4.0 through 7.4.3.36, and Liferay DXP 7.4 before update 37 allows remote attackers to inject arbitrary web script or HTML.
CVE-2022-42113 1 Liferay 2 Dxp, Liferay Portal 2025-05-10 6.1 Medium
A Cross-site scripting (XSS) vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject arbitrary web script or HTML via the `redirect` parameter.
CVE-2022-41547 1 Opensecurity 1 Mobile Security Framework 2025-05-10 7.5 High
Mobile Security Framework (MobSF) v0.9.2 and below was discovered to contain a local file inclusion (LFI) vulnerability in the StaticAnalyzer/views.py script. This vulnerability allows attackers to read arbitrary files via a crafted HTTP request.
CVE-2022-3368 1 Avira 1 Avira Security 2025-05-10 7.3 High
A vulnerability within the Software Updater functionality of Avira Security for Windows allowed an attacker with write access to the filesystem, to escalate his privileges in certain scenarios. The issue was fixed with Avira Security version 1.1.72.30556.
CVE-2022-2052 1 Trumpf 5 Job Order Interface, Oseon, Trutops Boost and 2 more 2025-05-10 9.8 Critical
Multiple Trumpf Products in multiple versions use default privileged Windows users and passwords. An adversary may use these accounts to remotely gain full access to the system.
CVE-2022-3281 1 Wago 156 750-8100, 750-8100 Firmware, 750-8101 and 153 more 2025-05-10 7.5 High
WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter.
CVE-2022-39052 1 Otrs 1 Otrs 2025-05-10 7.5 High
An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system
CVE-2022-3501 1 Otrs 1 Otrs 2025-05-10 3.5 Low
Article template contents with sensitive data could be accessed from agents without permissions.
CVE-2022-22235 1 Juniper 29 Junos, Srx100, Srx110 and 26 more 2025-05-10 5.9 Medium
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS). A PFE crash will happen when a GPRS Tunnel Protocol (GTP) packet is received with a malformed field in the IP header of GTP encapsulated General Packet Radio Services (GPRS) traffic. The packet needs to match existing state which is outside the attackers control, so the issue cannot be directly exploited. The issue will only be observed when endpoint address validation is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; 22.1 versions prior to 22.1R1-S1, 22.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.2R1.