Export limit exceeded: 364353 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364353 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-58578 1 Sick 1 Enterprise Analytics 2026-01-27 3.8 Low
A user with the appropriate authorization can create any number of user accounts via an API endpoint using a POST request. There are no quotas, checking mechanisms or restrictions to limit the creation.
CVE-2025-58579 1 Sick 5 Baggage Analytics, Enterprise Analytics, Logistic Diagnostic Analytics and 2 more 2026-01-27 5.3 Medium
Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration.
CVE-2025-56091 1 Ruijie 4 Rg-ew1800gx, Rg-ew1800gx Firmware, Rg-ew300r and 1 more 2026-01-27 8.8 High
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.
CVE-2025-58580 1 Sick 1 Enterprise Analytics 2026-01-27 6.5 Medium
An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient validation of the input data, an attacker can create manipulated log entries and thus falsify or dilute logs, for example.
CVE-2023-23442 1 Honor 1 Magicos 2026-01-27 4.6 Medium
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak.
CVE-2023-23435 1 Honor 1 Magicos 2026-01-27 4 Medium
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file
CVE-2023-23428 1 Honor 1 Magicos 2026-01-27 3.3 Low
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
CVE-2025-56097 1 Ruijie 4 Rg-ew1800gx Pro, Rg-ew1800gx Pro Firmware, Rg-ew300n and 1 more 2026-01-27 8.8 High
OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua.
CVE-2023-23436 1 Honor 1 Magicos 2026-01-27 7.3 High
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file
CVE-2023-23429 1 Honor 1 Magicos 2026-01-27 4 Medium
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
CVE-2023-23427 1 Honor 1 Magicos 2026-01-27 4 Medium
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions.
CVE-2025-56102 1 Ruijie 4 Rg-ew1800gx, Rg-ew1800gx Firmware, Rg-ew300r and 1 more 2026-01-27 8.8 High
OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua.
CVE-2024-25218 1 Code-projects 1 Task Manager 2026-01-27 4.6 Medium
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Project Name parameter /TaskManager/Projects.php.
CVE-2024-25220 1 Code-projects 1 Task Manager 2026-01-27 9.8 Critical
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php.
CVE-2024-25222 2 Code-projects, Task Manager In Php With Source Code Project 2 Task Manager, Task Manager In Php With Source Code 2026-01-27 9.8 Critical
Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php.
CVE-2024-25219 2 Code-projects, Task Manager App 2 Task Manager, Task Manager App 2026-01-27 6.1 Medium
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Task Name parameter /TaskManager/Task.php.
CVE-2024-25221 1 Code-projects 1 Task Manager 2026-01-27 6.1 Medium
A cross-site scripting (XSS) vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php.
CVE-2023-31594 1 Icrealtime 2 Icip-p2012t, Icip-p2012t Firmware 2026-01-27 7.5 High
IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP channel using VLC network.
CVE-2023-31595 1 Icrealtime 2 Icip-p2012t, Icip-p2012t Firmware 2026-01-27 7.5 High
IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access.
CVE-2025-58581 1 Sick 1 Enterprise Analytics 2026-01-27 4.3 Medium
When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker can thus obtain information about the technology used and the structure of the application.