Export limit exceeded: 366291 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366291 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-61145 1 Libtiff 1 Libtiff 2026-02-25 5.5 Medium
libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.
CVE-2025-61144 1 Libtiff 1 Libtiff 2026-02-25 9.8 Critical
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.
CVE-2025-61143 1 Libtiff 1 Libtiff 2026-02-25 5.5 Medium
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.
CVE-2022-31595 1 Sap 1 Adaptive Server Enterprise 2026-02-25 8.8 High
SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
CVE-2022-2845 2 Fedoraproject, Vim 2 Fedora, Vim 2026-02-25 7.8 High
Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
CVE-2022-2824 1 Open-emr 1 Openemr 2026-02-25 8.8 High
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2820 1 Namelessmc 1 Nameless 2026-02-25 7 High
Session Fixation in GitHub repository namelessmc/nameless prior to v2.0.2.
CVE-2022-2818 1 Agentejo 1 Cockpit 2026-02-25 9.8 Critical
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit prior to 2.2.2.
CVE-2022-2732 1 Open-emr 1 Openemr 2026-02-25 8.3 High
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1.
CVE-2022-2637 1 Hitachi 1 Storage Plug-in 2026-02-25 5.4 Medium
Incorrect Privilege Assignment vulnerability in Hitachi Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation.This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.8.0 before 04.9.0.
CVE-2022-2636 1 Hestiacp 1 Control Panel 2026-02-25 8.5 High
Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp prior to 1.6.6.
CVE-2022-2598 2 Debian, Vim 2 Debian Linux, Vim 2026-02-25 6.5 Medium
Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100.
CVE-2022-2596 1 Node-fetch Project 1 Node-fetch 2026-02-25 5.9 Medium
Inefficient Regular Expression Complexity in GitHub repository node-fetch/node-fetch prior to 3.2.10.
CVE-2022-2368 1 Microweber 1 Microweber 2026-02-25 6.5 Medium
Authentication Bypass by Spoofing in GitHub repository microweber/microweber prior to 1.2.20.
CVE-2022-2054 1 Nuitka 1 Nuitka 2026-02-25 8.4 High
Code Injection in GitHub repository nuitka/nuitka prior to 0.9.
CVE-2022-28773 1 Sap 2 Netweaver, Web Dispatcher 2026-02-25 7.5 High
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
CVE-2022-28771 1 Sap 1 Business One License Service Api 2026-02-25 7.5 High
Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated attacker to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.
CVE-2023-38010 1 Ibm 2 Cloud Pak System, Os Image For Red Hat Linux Systems 2026-02-25 5.3 Medium
IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system.
CVE-2023-30754 1 Wpfoxly 1 Adfoxly 2026-02-25 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt plugin <= 1.8.5 versions.
CVE-2023-38017 1 Ibm 2 Cloud Pak System, Os Image For Red Hat Linux Systems 2026-02-25 5.3 Medium
IBM Cloud Pak System is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.