Export limit exceeded: 364939 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364939 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66597 | 1 Yokogawa | 2 Fast/tools, Fast\/tools | 2026-03-06 | 7.5 High |
| A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports weak cryptographic algorithms, potentially allowing an attacker to decrypt communications with the web server. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04 | ||||
| CVE-2025-66596 | 1 Yokogawa | 2 Fast/tools, Fast\/tools | 2026-03-06 | 6.1 Medium |
| A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate request headers. When an attacker inserts an invalid host header, users could be redirected to malicious sites. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04 | ||||
| CVE-2025-66595 | 1 Yokogawa | 2 Fast/tools, Fast\/tools | 2026-03-06 | 5.4 Medium |
| A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product is vulnerable to Cross-Site Request Forgery (CSRF). When a user accesses a link crafted by an attacker, the user’s account could be compromised. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04 | ||||
| CVE-2025-66594 | 1 Yokogawa | 2 Fast/tools, Fast\/tools | 2026-03-06 | 5.3 Medium |
| A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Detailed messages are displayed on the error page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04 | ||||
| CVE-2025-66608 | 1 Yokogawa | 2 Fast/tools, Fast\/tools | 2026-03-06 | 7.5 High |
| A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly validate URLs. An attacker could send specially crafted requests to steal files from the web server. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04 | ||||
| CVE-2025-66607 | 1 Yokogawa | 2 Fast/tools, Fast\/tools | 2026-03-06 | 5.3 Medium |
| A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The response header contains an insecure setting. Users could be redirected to malicious sites by an attacker. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04 | ||||
| CVE-2025-66598 | 1 Yokogawa | 2 Fast/tools, Fast\/tools | 2026-03-06 | 7.5 High |
| A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product supports old SSL/TLS versions, potentially allowing an attacker to decrypt communications with the web server. The affected products and versions are as follows: FAST/TOOLS (Packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB) R9.01 to R10.04 | ||||
| CVE-2025-61645 | 2 Mediawiki, Wikimedia | 2 Mediawiki, Mediawiki | 2026-03-06 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. This issue affects MediaWiki: from * before 1.44.1. | ||||
| CVE-2022-37007 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2026-03-06 | 7.5 High |
| The chinadrm module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect the availability. | ||||
| CVE-2022-32148 | 2 Golang, Redhat | 19 Go, Acm, Application Interconnect and 16 more | 2026-03-06 | 6.5 Medium |
| Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. | ||||
| CVE-2022-30629 | 2 Golang, Redhat | 15 Go, Acm, Ceph Storage and 12 more | 2026-03-06 | 3.1 Low |
| Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. | ||||
| CVE-2022-2719 | 2 Fedoraproject, Imagemagick | 3 Extra Packages For Enterprise Linux, Fedora, Imagemagick | 2026-03-06 | 5.5 Medium |
| In ImageMagick, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denial of service. This was fixed in upstream ImageMagick version 7.1.0-30. | ||||
| CVE-2022-1962 | 2 Golang, Redhat | 16 Go, Acm, Application Interconnect and 13 more | 2026-03-06 | 5.5 Medium |
| Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations. | ||||
| CVE-2025-46108 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| D-link Dir-513 A1FW110 is vulnerable to Buffer Overflow in the function formTcpipSetup. | ||||
| CVE-2021-31869 | 1 Pimcore | 1 Pimcore | 2026-03-06 | 6.5 Medium |
| Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product. | ||||
| CVE-2020-24932 | 1 Razormist | 1 Complaint Management System | 2026-03-06 | 9.8 Critical |
| An SQL Injection vulnerability exists in Sourcecodester Complaint Management System 1.0 via the cid parameter in complaint-details.php. | ||||
| CVE-2022-42965 | 1 Snowflake | 1 Snowflake Connector | 2026-03-06 | 3.7 Low |
| An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method | ||||
| CVE-2023-2881 | 1 Pimcore | 1 Customer Management Framework | 2026-03-06 | 4.9 Medium |
| Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10. | ||||
| CVE-2023-4145 | 1 Pimcore | 2 Customer-data-framework, Customer Management Framework | 2026-03-06 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/customer-data-framework prior to 3.4.2. | ||||
| CVE-2023-41655 | 1 Heiglandreas | 1 Authldap | 2026-03-06 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Andreas Heigl authLdap plugin <= 2.5.9 versions. | ||||