Export limit exceeded: 23250 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364396 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364396 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0635 | 1 M-files | 1 M-files Server | 2026-02-23 | 7.5 High |
| Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions. | ||||
| CVE-2025-0619 | 1 M-files | 1 M-files Server | 2026-02-23 | 4.9 Medium |
| Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords | ||||
| CVE-2024-9174 | 1 M-files | 1 Hubshare | 2026-02-23 | 5.4 Medium |
| Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI | ||||
| CVE-2024-6881 | 1 M-files | 1 Hubshare | 2026-02-23 | 5.4 Medium |
| Stored XSS in M-Files Hubshare versions before 5.0.6.0 allows an authenticated attacker to execute arbitrary JavaScript in user's browser session | ||||
| CVE-2024-6789 | 1 M-files | 1 M-files Server | 2026-02-23 | 6.5 Medium |
| A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authenticated user to read files | ||||
| CVE-2024-6124 | 1 M-files | 1 Hubshare | 2026-02-23 | 5.4 Medium |
| Reflected XSS in M-Files Hubshare before version 5.0.6.0 allows an attacker to execute arbitrary JavaScript code in the context of the victim's browser session | ||||
| CVE-2024-5142 | 1 M-files | 1 Hubshare | 2026-02-23 | 5.4 Medium |
| Stored Cross-Site Scripting vulnerability in Social Module in M-Files Hubshare before version 5.0.6.0 allows authenticated attacker to run scripts in other users browser | ||||
| CVE-2024-4056 | 1 M-files | 1 M-files Server | 2026-02-23 | 7.5 High |
| Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 (excluding 24.2 LTS) allows unauthenticated user to consume computing resources. | ||||
| CVE-2024-10127 | 1 M-files | 2 M-files, M-files Server | 2026-02-23 | 9.8 Critical |
| Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration. | ||||
| CVE-2024-10126 | 1 M-files | 1 M-files Server | 2026-02-23 | 4.3 Medium |
| Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1, 24.2 SR3 and 23.8 SR7) allows an authenticated user to read server local files of a limited set of filetypes via document preview. | ||||
| CVE-2024-0563 | 1 M-files | 1 M-files Server | 2026-02-23 | 4.3 Medium |
| Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users. | ||||
| CVE-2023-6912 | 1 M-files | 1 M-files Server | 2026-02-23 | 7.5 High |
| Lack of protection against brute force attacks in M-Files Server before 23.12.13205.0 allows an attacker unlimited authentication attempts, potentially compromising targeted M-Files user accounts by guessing passwords. | ||||
| CVE-2025-15572 | 2 Wasm3, Wasm3 Project | 2 Wasm3, Wasm3 | 2026-02-23 | 3.3 Low |
| A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no active maintainer at the moment. | ||||
| CVE-2025-15539 | 1 Open5gs | 1 Open5gs | 2026-02-23 | 5.3 Medium |
| A vulnerability was determined in Open5GS up to 2.7.6. Impacted is the function sgwc_s11_handle_downlink_data_notification_ack of the file src/sgwc/s11-handler.c of the component sgwc. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Patch name: b4707272c1caf6a7d4dca905694ea55557a0545f. To fix this issue, it is recommended to deploy a patch. The issue report is flagged as already-fixed. | ||||
| CVE-2025-15537 | 1 Mapnik | 1 Mapnik | 2026-02-23 | 5.3 Medium |
| A security vulnerability has been detected in Mapnik up to 4.2.0. This issue affects the function mapnik::dbf_file::string_value of the file plugins/input/shape/dbfile.cpp. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-15536 | 1 Byvoid | 2 Open Chinese Convert, Opencc | 2026-02-23 | 5.3 Medium |
| A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. Patch name: 345c9a50ab07018f1b4439776bad78a0d40778ec. To fix this issue, it is recommended to deploy a patch. | ||||
| CVE-2025-15534 | 1 Raylib | 1 Raylib | 2026-02-23 | 5.3 Medium |
| A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The identifier of the patch is 5a3391fdce046bc5473e52afbd835dd2dc127146. It is suggested to install a patch to address this issue. | ||||
| CVE-2025-15533 | 1 Raylib | 1 Raylib | 2026-02-23 | 5.3 Medium |
| A vulnerability was determined in raysan5 raylib up to 909f040. Affected by this vulnerability is the function GenImageFontAtlas of the file src/rtext.c. Executing a manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. This patch is called 5a3391fdce046bc5473e52afbd835dd2dc127146. Applying a patch is advised to resolve this issue. | ||||
| CVE-2025-15531 | 1 Open5gs | 1 Open5gs | 2026-02-23 | 5.3 Medium |
| A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc_bearer_add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The issue report is flagged as already-fixed. | ||||
| CVE-2025-15530 | 1 Open5gs | 1 Open5gs | 2026-02-23 | 5.3 Medium |
| A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwc_s11_handle_create_indirect_data_forwarding_tunnel_request of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The issue report is flagged as already-fixed. | ||||