Export limit exceeded: 364197 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364197 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-12653 1 Myadrenalin 1 Adrenalin 2026-03-02 N/A
A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via 'ReportId' parameter.
CVE-2018-12652 1 Myadrenalin 1 Adrenalin 2026-03-02 N/A
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.
CVE-2024-9397 2 Mozilla, Redhat 9 Firefox, Firefox Esr, Thunderbird and 6 more 2026-03-02 6.1 Medium
A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2023-5870 2 Postgresql, Redhat 22 Postgresql, Advanced Cluster Security, Codeready Linux Builder Eus and 19 more 2026-03-02 2.2 Low
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.
CVE-2025-3572 1 Intumit 1 Smartrobot 2026-03-02 7.5 High
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server.
CVE-2018-12651 1 Myadrenalin 1 Human Resource Management Software 2026-03-02 N/A
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the ShiftEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter.
CVE-2018-12650 1 Myadrenalin 1 Human Resource Management Software 2026-03-02 N/A
Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting (XSS) vulnerability in the ApplicationtEmployeeSearch page via 'prntDDLCntrlName' and 'prntFrmName'.
CVE-2018-12234 1 Myadrenalin 1 Adrenalin 2026-03-02 N/A
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter.
CVE-2024-12652 1 Intumit 1 Smartrobot 2026-03-02 8.8 High
A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to perform arbitrary system commands via Groovy code.
CVE-2025-48023 2 Yokogawa, Yokogawa Electric Corporation 3 Centum Vp, Vnet\/ip Interface Package, Vnet/ip Interface Package 2026-03-02 6.5 Medium
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
CVE-2025-48020 2 Yokogawa, Yokogawa Electric Corporation 3 Centum Vp, Vnet\/ip Interface Package, Vnet/ip Interface Package 2026-03-02 6.5 Medium
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
CVE-2025-48019 2 Yokogawa, Yokogawa Electric Corporation 3 Centum Vp, Vnet\/ip Interface Package, Vnet/ip Interface Package 2026-03-02 6.5 Medium
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
CVE-2025-48022 2 Yokogawa, Yokogawa Electric Corporation 3 Centum Vp, Vnet\/ip Interface Package, Vnet/ip Interface Package 2026-03-02 6.5 Medium
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
CVE-2025-48021 2 Yokogawa, Yokogawa Electric Corporation 3 Centum Vp, Vnet\/ip Interface Package, Vnet/ip Interface Package 2026-03-02 6.5 Medium
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
CVE-2025-1924 2 Yokogawa, Yokogawa Electric Corporation 3 Centum Vp, Vnet\/ip Interface Package, Vnet/ip Interface Package 2026-03-02 8.2 High
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receive maliciously crafted packets, a DoS attack may cause Vnet/IP communication functions to stop or arbitrary programs to be executed. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
CVE-2019-25347 1 Kostasmitroglou 2 Password Management Application, Thesystem 2026-03-02 7.5 High
thesystem App 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the username parameter. Attackers can inject malicious SQL code like ' or '1=1 to the username field to gain unauthorized access to user accounts.
CVE-2019-25346 1 Kostasmitroglou 2 Password Management Application, Thesystem 2026-03-02 7.5 High
TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to bypass authentication by manipulating the 'server_name' parameter. Attackers can inject malicious SQL code like ' or '1=1 to retrieve unauthorized database records and potentially access sensitive system information.
CVE-2019-25298 1 Lolypop55 1 Html5 Snmp 2026-03-02 9.1 Critical
html5_snmp 1.11 contains multiple SQL injection vulnerabilities that allow attackers to manipulate database queries through Router_ID and Router_IP parameters. Attackers can exploit error-based, time-based, and union-based injection techniques to potentially extract or modify database information by sending crafted payloads.
CVE-2019-25294 1 Lolypop55 1 Html5 Snmp 2026-03-02 6.1 Medium
html5_snmp 1.11 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through the 'Remark' parameter in add_router_operation.php. Attackers can craft a POST request with a script payload in the Remark field to execute arbitrary JavaScript in victim browsers when the page is loaded.
CVE-2025-14577 1 Slican 19 Ipl, Ipl-256.3u, Ipl-256.wm and 16 more 2026-03-02 9.8 Critical
Slican NCP/IPL/IPM/IPU devices are vulnerable to PHP Function Injection. An unauthenticated remote attacker is able to execute arbitrary PHP commands by sending specially crafted requests to /webcti/session_ajax.php endpoint. This issue was fixed in version 1.24.0190 (Slican NCP) and 6.61.0010 (Slican IPL/IPM/IPU).