Export limit exceeded: 26282 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363821 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363821 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-14932 2 Nsf Unidata, Unidata 2 Netcdf-c, Netcdf 2026-01-13 N/A
NSF Unidata NetCDF-C Time Unit Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of time units. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-27273.
CVE-2025-62864 1 Amperecomputing 27 Ampereone, Ampereone A128-34x, Ampereone A128-34x Firmware and 24 more 2026-01-13 9.8 Critical
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context.
CVE-2025-62863 1 Amperecomputing 27 Ampereone, Ampereone A128-34x, Ampereone A128-34x Firmware and 24 more 2026-01-13 9.8 Critical
Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result in an out-of-bounds write within PCIe driver’s S-EL0 address space.
CVE-2025-30669 1 Zoom 7 Meeting Software Development Kit, Workplace, Workplace App and 4 more 2026-01-13 4.8 Medium
Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.
CVE-2025-62482 2 Microsoft, Zoom 6 Windows, Meeting Software Development Kit, Workplace and 3 more 2026-01-13 4.3 Medium
Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access.
CVE-2025-62483 1 Zoom 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more 2026-01-13 5.3 Medium
Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-64738 2 Apple, Zoom 6 Macos, Meeting Software Development Kit, Workplace and 3 more 2026-01-13 5 Medium
External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of information via local access.
CVE-2025-64739 1 Zoom 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more 2026-01-13 4.3 Medium
External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-15394 2 Icmsdev, Idreamsoft 2 Icms, Icms 2026-01-13 4.7 Medium
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-28867 1 Apple 1 Swift Prometheus 2026-01-13 5.9 Medium
Swift Prometheus is a Swift client for the Prometheus monitoring system, supporting counters, gauges and histograms. In code which applies _un-sanitized string values into metric names or labels_, an attacker could make use of this and send a `?lang` query parameter containing newlines, `}` or similar characters which can lead to the attacker taking over the exported format -- including creating unbounded numbers of stored metrics, inflating server memory usage, or causing "bogus" metrics. This vulnerability is fixed in2.0.0-alpha.2.
CVE-2021-24977 1 Dineshkarki 1 Use Any Font 2026-01-13 6.1 Medium
The Use Any Font | Custom Font Uploader WordPress plugin before 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to sent arbitrary CSS which will then be processed by the frontend for all users. Due to the lack of sanitisation and escaping in the backend, it could also lead to Stored XSS issues
CVE-2025-32457 1 Onsemi 36 Qcs-ax2-a12, Qcs-ax2-a12 Firmware, Qcs-ax2-s5 and 33 more 2026-01-13 7.7 High
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the get_file_from_qtn argument), that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
CVE-2025-32456 1 Onsemi 36 Qcs-ax2-a12, Qcs-ax2-a12 Firmware, Qcs-ax2-s5 and 33 more 2026-01-13 7.7 High
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the put_file_to_qtn argument), that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
CVE-2025-32455 1 Onsemi 36 Qcs-ax2-a12, Qcs-ax2-a12 Firmware, Qcs-ax2-s5 and 33 more 2026-01-13 7.7 High
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the run_cmd argument), that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')," and is estimated as a CVSS 7.7 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
CVE-2025-3461 1 Onsemi 36 Qcs-ax2-a12, Qcs-ax2-a12 Firmware, Qcs-ax2-s5 and 33 more 2026-01-13 9.1 Critical
The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an instance of CWE-306, "Missing Authentication for Critical Function," and is estimated as a CVSS 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N). This issue affects Quantenna Wi-Fi chipset through version 8.0.0.28 of the latest SDK, and appears to be unpatched at the time of this CVE record's first publishing, though the vendor has released a best practices guide for implementors of this chipset.
CVE-2025-36573 1 Dell 4 Pro Smart Dock Sd25, Pro Smart Dock Sd25 Firmware, Pro Thunderbolt 4 Smart Dock Sd25tb4 and 1 more 2026-01-13 7.1 High
Dell Smart Dock Firmware, versions prior to 01.00.08.01, contain an Insertion of Sensitive Information into Log File vulnerability. A user with local access could potentially exploit this vulnerability, leading to Information disclosure.
CVE-2025-52560 1 Kanboard 1 Kanboard 2026-01-13 8.1 High
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the application_url configuration is unset (default behavior). This allows an attacker to craft a malicious password reset link that leaks the token to an attacker-controlled domain. If a victim (including an administrator) clicks the poisoned link, their account can be taken over. This affects all users who initiate a password reset while application_url is not set. This issue has been patched in version 1.2.46.
CVE-2023-3852 1 Openrapid 1 Rapidcms 2026-01-13 4.7 Medium
A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/upload.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 4dff387283060961c362d50105ff8da8ea40bcbe. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-235204.
CVE-2025-7622 1 Axis 2 Camera Station, Camera Station Pro 2026-01-13 5.7 Medium
During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered.
CVE-2025-7616 1 Gmg137 1 Snap7-rs 2026-01-13 5.5 Medium
A vulnerability, which was classified as critical, has been found in gmg137 snap7-rs up to 1.142.1. Affected by this issue is the function pthread_cond_destroy of the component Public API. The manipulation leads to memory corruption. The exploit has been disclosed to the public and may be used.