Export limit exceeded: 364491 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364491 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26234 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer <= 7.5 is affected by a user mode write access violation at 0x00402d8a, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. | ||||
| CVE-2021-26233 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer <= 7.5 is affected by a user mode write access violation near NULL at 0x005bdfcb, triggered when a user opens or views a malformed CUR file that is mishandled by FSViewer.exe. Attackers could exploit this issue for a Denial of Service (DoS) or possibly to achieve code execution. | ||||
| CVE-2021-26232 | 1 Simple College Website Project | 1 Simple College Website | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in SourceCodester Simple College Website v 1.0 allows remote attackers to execute arbitrary SQL statements via the id parameter to news.php. | ||||
| CVE-2021-26231 | 1 Fantastic Blog Cms Project | 1 Fantastic Blog Cms | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php. | ||||
| CVE-2021-26230 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to save_user.php. | ||||
| CVE-2021-26229 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php. | ||||
| CVE-2021-26228 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php. | ||||
| CVE-2021-26227 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the student information parameters to edit_stud.php. | ||||
| CVE-2021-26226 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_user.php. | ||||
| CVE-2021-26224 | 1 Fantastic Blog Project | 1 Fantastic Blog | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in SourceCodester Fantastic-Blog-CMS V 1.0 allows remote attackers to inject arbitrary web script or HTML via the search field to search.php. | ||||
| CVE-2021-26223 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_pay.php. | ||||
| CVE-2021-26222 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 8.1 High |
| The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | ||||
| CVE-2021-26221 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 8.1 High |
| The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | ||||
| CVE-2021-26220 | 1 Ezxml Project | 1 Ezxml | 2024-11-21 | 8.1 High |
| The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | ||||
| CVE-2021-26216 | 1 Seeddms | 1 Seeddms | 2024-11-21 | 4.3 Medium |
| SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php. | ||||
| CVE-2021-26215 | 1 Seeddms | 1 Seeddms | 2024-11-21 | 4.3 Medium |
| SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php. | ||||
| CVE-2021-26201 | 1 Casap Automated Enrollment System Project | 1 Casap Automated Enrollment System | 2024-11-21 | 9.8 Critical |
| The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page. | ||||
| CVE-2021-26200 | 1 Library System Project | 1 Library System | 2024-11-21 | 9.8 Critical |
| The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user. | ||||
| CVE-2021-26199 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.5 Medium |
| An issue was discovered in JerryScript 2.4.0. There is a heap-use-after-free in ecma_bytecode_ref in ecma-helpers.c file. | ||||
| CVE-2021-26198 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.5 Medium |
| An issue was discovered in JerryScript 2.4.0. There is a SEVG in ecma_deref_bigint in ecma-helpers.c file. | ||||