Export limit exceeded: 364910 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364910 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364910 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-24026 2026-01-21 N/A
Not used
CVE-2026-24025 2026-01-21 N/A
Not used
CVE-2026-24024 2026-01-21 N/A
Not used
CVE-2026-24023 2026-01-21 N/A
Not used
CVE-2026-24022 2026-01-21 N/A
Not used
CVE-2026-24021 2026-01-21 N/A
Not used
CVE-2026-24020 2026-01-21 N/A
Not used
CVE-2020-10188 7 Arista, Debian, Fedoraproject and 4 more 10 Eos, Debian Linux, Fedora and 7 more 2026-01-21 9.8 Critical
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
CVE-2023-23354 1 Qnap 4 Qts, Qulog Center, Quts Hero and 1 more 2026-01-20 7.3 High
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.5.0.738 ( 2023/03/06 ) and later QuLog Center 1.4.1.691 ( 2023/03/01 ) and later QuLog Center 1.3.1.645 ( 2023/02/22 ) and later
CVE-2023-23357 1 Qnap 4 Qts, Qulog Center, Quts Hero and 1 more 2026-01-20 4.8 Medium
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.5.0.738 ( 2023/03/06 ) and later QuLog Center 1.4.1.691 ( 2023/03/01 ) and later QuLog Center 1.3.1.645 ( 2023/02/22 ) and later
CVE-2025-55089 1 Eclipse 1 Threadx Filex 2026-01-20 9.8 Critical
In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execurtion after receiving a crafted sequence of packets
CVE-2025-8944 2 Oceanwp, Wordpress 3 Oceanwp, Oceanwp Plugin, Wordpress 2026-01-20 4.3 Medium
The OceanWP WordPress theme before 4.1.2 is vulnerable to an option update due to a missing capability check on one of its AJAX request handler, allowing any authenticated users, such as subscriber to update the darkMod` setting.
CVE-2025-44137 1 Maptiler 1 Tileserver Php 2026-01-20 8.2 High
MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering tiles that are stored as files on the server via web request. Creating the path to a file allows the insertion of "../" and thus read any file on the web server. Affected GET parameters are "TileMatrix", "TileRow", "TileCol" and "Format"
CVE-2025-15236 2 Quanta Computer, Quantatw 2 Qoca Aim Ai Medical Cloud Platform, Qoca Aim 2026-01-20 4.3 Medium
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability.
CVE-2025-15237 2 Quanta Computer, Quantatw 2 Qoca Aim Ai Medical Cloud Platform, Qoca Aim 2026-01-20 4.3 Medium
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability.
CVE-2025-15235 2 Quanta Computer, Quantatw 2 Qoca Aim Ai Medical Cloud Platform, Qoca Aim 2026-01-20 6.5 Medium
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Missing Authorization vulnerability, allowing authenticated remote attackers to modify specific network packet parameters, enabling certain system functions to access other users' files.
CVE-2025-15240 2 Quanta Computer, Quantatw 2 Qoca Aim Ai Medical Cloud Platform, Qoca Aim 2026-01-20 8.8 High
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
CVE-2025-15238 2 Quanta Computer, Quantatw 2 Qoca Aim Ai Medical Cloud Platform, Qoca Aim 2026-01-20 6.5 Medium
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVE-2025-15239 2 Quanta Computer, Quantatw 2 Qoca Aim Ai Medical Cloud Platform, Qoca Aim 2026-01-20 6.5 Medium
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVE-2025-10215 2 Microsoft, Updf 2 Windows, Updf 2026-01-20 7.8 High
DLL search path hijacking vulnerability in the UPDF.exe executable for Windows version 1.8.5.0 allows attackers with local access to execute arbitrary code by placing a FREngine.dll file of their choice in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64\' directory, which could lead to arbitrary code execution and persistence.