Export limit exceeded: 365444 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 365444 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365444 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-6430 1 Opensolution 2 Quick.cart, Quick Cms 2026-03-16 N/A
Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.
CVE-2025-54758 2026-03-16 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2025. Notes: none.
CVE-2025-53815 2026-03-16 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2025. Notes: none.
CVE-2025-53517 2026-03-16 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2025. Notes: none.
CVE-2026-2326 2026-03-16 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2026-27264 1 Adobe 1 Adobe Experience Manager 2026-03-16 N/A
This CVE ID was issued in error by its CVE Numbering Authority.
CVE-2026-27263 1 Adobe 1 Adobe Experience Manager 2026-03-16 N/A
This CVE ID was issued in error by its CVE Numbering Authority.
CVE-2026-27261 1 Adobe 1 Adobe Experience Manager 2026-03-16 N/A
This CVE ID was issued in error by its CVE Numbering Authority.
CVE-2026-27260 1 Adobe 1 Adobe Experience Manager 2026-03-16 N/A
This CVE ID was issued in error by its CVE Numbering Authority.
CVE-2026-27259 1 Adobe 1 Adobe Experience Manager 2026-03-16 N/A
This CVE ID was issued in error by its CVE Numbering Authority.
CVE-2025-36064 1 Ibm 1 Sterling Connect\ 2026-03-13 5.9 Medium
IBM Sterling Connect:Express for Microsoft Windows 3.1.0.0 through 3.1.0.22 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
CVE-2024-39745 3 Ibm, Linux, Microsoft 5 Aix, Sterling Connect\, Sterling Connect Direct Web Services and 2 more 2026-03-13 5.9 Medium
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVE-2024-39744 3 Ibm, Linux, Microsoft 5 Aix, Sterling Connect\, Sterling Connect Direct Web Services and 2 more 2026-03-13 4.3 Medium
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2023-29385 1 Kevonadonis 1 Wp Abstracts 2026-03-13 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.2 versions.
CVE-2023-36517 1 Kevonadonis 1 Wp Abstracts 2026-03-13 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.2 versions.
CVE-2024-6539 1 Jrecms 1 Springbootcms 2026-03-13 3.5 Low
A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. Affected is an unknown function of the file /guestbook of the component Guestbook Handler. The manipulation of the argument Content leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-270450 is the identifier assigned to this vulnerability.
CVE-2023-25164 1 Ssw 1 Tinacms\/cli 2026-03-13 8.6 High
Tinacms is a Git-backed headless content management system with support for visual editing. Sites being built with @tinacms/cli >= 1.0.0 && < 1.0.9 which store sensitive values in the process.env variable are impacted. These values will be added in plaintext to the index.js file. If you're on a version prior to 1.0.0 this vulnerability does not affect you. If you are affected and your Tina-enabled website has sensitive credentials stored as environment variables (eg. Algolia API keys) you should rotate those keys immediately. This issue has been patched in @tinacms/cli@1.0.9. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2025-70046 1 Miazzy 2 Oa-font-service, Oa Front Service 2026-03-13 9.8 Critical
An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master.
CVE-2025-70047 2 Nexus, Nexusoft 2 Nexusinterface, Nexusinterface 2026-03-13 7.5 High
An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2.
CVE-2025-70048 2 Nexus, Nexusoft 2 Nexusinterface, Nexusinterface 2026-03-13 7.5 High
An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2.