Search

Search Results (364158 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-2046 1 Mayurik 1 Best Employee Management System 2025-04-29 6.3 Medium
A vulnerability was found in SourceCodester Best Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/print1.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-25774 1 Open5gs 1 Open5gs 2025-04-29 6.5 Medium
An issue was discovered in Open5GS v2.7.2. When a UE switches between two gNBs and sends a handover request at a specific time, it may cause an exception in the AMF's internal state machine, leading to an AMF crash and resulting in a Denial of Service (DoS).
CVE-2021-34579 1 Phoenixcontact 1 Fl Mguard Dm 2025-04-29 7.5 High
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download and therefore read mGuard configuration profiles (“ATV profiles”). Such configuration profiles may contain sensitive information, e.g. private keys associated with IPsec VPN connections.
CVE-2022-42786 1 Wut 34 At-modem-emulator, At-modem-emulator Firmware, Com-server 20ma and 31 more 2025-04-29 5.4 Medium
Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage
CVE-2024-13884 1 Rivercitygraphix 1 Limit Bio 2025-04-29 7.1 High
The Limit Bio WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVE-2022-41158 2 Eyoom, Linux 2 Eyoom Builder, Linux Kernel 2025-04-29 7.2 High
Remote code execution vulnerability can be achieved by using cookie values as paths to a file by this builder program. A remote attacker could exploit the vulnerability to execute or inject malicious code.
CVE-2022-34320 1 Ibm 1 Cics Tx 2025-04-29 5.9 Medium
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 229464.
CVE-2024-13885 1 Webtechglobal 1 Wp E-customers Beta 2025-04-29 7.1 High
The WP e-Customers Beta WordPress plugin through 0.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
CVE-2022-40751 1 Ibm 1 Urbancode Deploy 2025-04-29 4.9 Medium
IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7.1.2.8, and 7.2.0.0 through 7.2.3.1 could allow a user with administrative privileges including "Manage Security" permissions may be able to recover a credential previously saved for performing authenticated LDAP searches.  IBM X-Force ID:   236601.
CVE-2024-13891 1 Scheduler 1 Schedule 2025-04-29 7.1 High
The Schedule WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVE-2022-31606 2 Microsoft, Nvidia 7 Windows, Cloud Gaming Guest, Geforce and 4 more 2025-04-29 7.8 High
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a failure to properly validate data might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode, which could lead to denial of service, information disclosure, escalation of privileges, or data tampering.
CVE-2022-31607 2 Linux, Nvidia 6 Linux Kernel, Cloud Gaming Guest, Geforce and 3 more 2025-04-29 7.8 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure.
CVE-2022-31610 2 Microsoft, Nvidia 7 Windows, Cloud Gaming Guest, Geforce and 4 more 2025-04-29 7.8 High
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
CVE-2025-1401 1 S-a 1 Wp Click Info 2025-04-29 7.1 High
The WP Click Info WordPress plugin through 2.7.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVE-2022-31612 2 Microsoft, Nvidia 7 Windows, Cloud Gaming Guest, Geforce and 4 more 2025-04-29 7.1 High
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to a system crash or a leak of internal kernel information.
CVE-2022-31613 2 Microsoft, Nvidia 7 Windows, Cloud Gaming Guest, Geforce and 4 more 2025-04-29 7.1 High
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where any local user can cause a null-pointer dereference, which may lead to a kernel panic.
CVE-2022-31615 1 Nvidia 4 Geforce, Gpu Display Driver, Rtx and 1 more 2025-04-29 5.5 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service.
CVE-2022-31616 2 Microsoft, Nvidia 7 Windows, Cloud Gaming Guest, Geforce and 4 more 2025-04-29 6.1 Medium
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a local user with basic capabilities can cause an out-of-bounds read, which may lead to denial of service, or information disclosure.
CVE-2025-29208 1 Codezips 1 Gym Management System 2025-04-29 6.5 Medium
CodeZips Gym Management System v1.0 is vulnerable to SQL injection in the name parameter within /dashboard/admin/deleteroutine.php.
CVE-2025-30356 1 Nasa 1 Cryptolib 2025-04-29 9.8 Critical
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in the Crypto_TC_ApplySecurity function due to an incomplete validation check on the fl (frame length) field. Although CVE-2025-29912 addressed an underflow issue involving fl, the patch fails to fully prevent unsafe calculations. As a result, an attacker can still craft malicious frames that cause a negative tf_payload_len, which is then interpreted as a large unsigned value, leading to a heap buffer overflow in a memcpy call.