Export limit exceeded: 364428 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364428 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-25469 1 Ffmpeg 1 Ffmpeg 2026-01-29 6.5 Medium
FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/iamf.c.
CVE-2025-1555 1 Hzmanyun 1 Education And Training System 2026-01-29 7.3 High
A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. This vulnerability affects the function saveImage. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-1618 1 Vtiger 2 Crm, Vtiger Crm 2026-01-29 4.3 Medium
A vulnerability has been found in vTiger CRM 6.4.0/6.5.0 and classified as problematic. This vulnerability affects unknown code of the file /modules/Mobile/index.php. The manipulation of the argument _operation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0 is able to address this issue. It is recommended to upgrade the affected component.
CVE-2025-1676 1 Hzmanyun 1 Education And Training System 2026-01-29 6.3 Medium
A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-25948 1 Academiaerp 1 Student Information System 2026-01-29 9.1 Critical
Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account.
CVE-2025-25949 1 Academiaerp 1 Student Information System 2026-01-29 5.4 Medium
A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the User ID parameter at /rest/staffResource/update.
CVE-2025-9914 1 Sick 4 Baggage Analytics, Logistic Diagnostic Analytics, Package Analytics and 1 more 2026-01-29 4.3 Medium
The credentials of the users stored in the system's local database can be used for the log in, making it possible for an attacker to gain unauthorized access. This could potentially affect the confidentiality of the application.
CVE-2025-9913 1 Sick 4 Baggage Analytics, Logistic Diagnostic Analytics, Package Analytics and 1 more 2026-01-29 4.5 Medium
JavaScript can be ran inside the address bar via the dashboard "Open in new Tab" Button, making the application vulnerable to session hijacking.
CVE-2025-10213 2 Microsoft, Updf 2 Windows, Updf 2026-01-29 7.8 High
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a dxtn.dll file of their choice in the 'C:\Users\<user>\AppData\Local\Microsoft\WindowsApps\' directory, which could lead to arbitrary code execution and persistence.
CVE-2025-59379 1 Dwyeromega 2 Isensix Advanced Remote Monitoring System, Isensix Advanced Remote Monitoring System Firmware 2026-01-29 7.5 High
DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) 1.5.7 allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This allows an attacker to steal credentials, which may be cleartext, from existing users (and admins) and use them to authenticate to the application.
CVE-2025-60262 1 H3c 6 Ba1500l, M102g, Magic Ba1500l and 3 more 2026-01-29 9.8 Critical
An issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access point, there is a misconfiguration vulnerability about vsftpd. Through this vulnerability, all files uploaded anonymously via the FTP protocol is automatically owned by the root user and remote attackers could gain root-level control over the devices.
CVE-2025-65212 1 Njhyst 2 Hy511, Hy511 Firmware 2026-01-29 9.8 Critical
An issue was discovered in NJHYST HY511 POE core before 2.1 and plugins before 0.1. The vulnerability stems from the device's insufficient cookie verification, allowing an attacker to directly request the configuration file address and download the core configuration file without logging into the device management backend. By reading the corresponding username and self-decrypted MD5 password in the core configuration file, the attacker can directly log in to the backend, thereby bypassing the front-end backend login page.
CVE-2025-60534 2 Blue Access, Blueaccesstech 2 Cobalt X1, Cobalt X1 2026-01-29 9.8 Critical
Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials.
CVE-2025-15479 2 Data Illusion Zumbrunn, Ngsurvey 2 Ngsurvey, Ngsurvey 2026-01-29 5.4 Medium
Stored cross-site scripting (XSS, CWE-79) in the survey content and administration functionality in Data Illusion Zumbrunn NGSurvey Enterprise Edition 3.6.4 on all supported platforms ( on Windows and Linux servers ) allows authenticated remote users with survey creation or edit privileges to execute arbitrary JavaScript in other users’ browsers, steal session information and perform unauthorized actions on their behalf via crafted survey content that is rendered without proper output encoding.
CVE-2025-62327 2 Hcltech, Hcltechsw 2 Devops Deploy, Hcl Devops Deploy 2026-01-29 4.9 Medium
In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries.
CVE-2025-61489 1 Sonirico 1 Mcp-shell 2026-01-29 6.5 Medium
A command injection vulnerability in the shell_exec function of sonirico mcp-shell v0.3.1 allows attackers to execute arbitrary commands via supplying a crafted command string.
CVE-2025-65805 1 Openairinterface 2 Cn5g Amf, Oai-cn5g-amf 2026-01-29 7.5 High
OpenAirInterface CN5G AMF<=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF.
CVE-2025-66786 1 Openairinterface 2 Cn5g Amf, Oai-cn5g-amf 2026-01-29 7.5 High
OpenAirInterface CN5G AMF<=v2.0.1 There is a logical error when processing JSON format requests. Unauthorized remote attackers can send malicious JSON data to AMF's SBI interface to launch a denial-of-service attack.
CVE-2025-67364 1 Efforthye 1 Fast-filesystem-mcp 2026-01-29 7.5 High
fast-filesystem-mcp version 3.4.0 contains a critical path traversal vulnerability in its file operation tools including fast_read_file. This vulnerability arises from improper path validation that fails to resolve symbolic links to their actual physical paths. The safePath and isPathAllowed functions use path.resolve() which does not handle symlinks, allowing attackers to bypass directory access restrictions by creating symlinks within allowed directories that point to restricted system paths. When these symlinks are accessed through valid path references, the validation checks are circumvented, enabling access to unauthorized files.
CVE-2025-67366 1 Sylphx 1 Filesystem-mcp 2026-01-29 7.5 High
@sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality. Version 0.5.8 of filesystem-mcp contains a critical path traversal vulnerability in its "read_content" tool. This vulnerability arises from improper symlink handling in the path validation mechanism: the resolvePath function checks path validity before resolving symlinks, while fs.readFile resolves symlinks automatically during file access. This allows attackers to bypass directory restrictions by leveraging symlinks within the allowed directory that point to external files, enabling unauthorized access to files outside the intended operational scope.