Export limit exceeded: 10706 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363775 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363775 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-36072 | 1 Ibm | 1 Webmethods Integration | 2025-12-15 | 8.8 High |
| IBM webMethods Integration 10.11 through 10.11_Core_Fix22, 10.15 through 10.15_Core_Fix22, and 11.1 through 11.1_Core_Fix6 IBM webMethods Integration allow an authenticated user to execute arbitrary code on the system, caused by the deserialization of untrusted object graphs data. | ||||
| CVE-2025-64524 | 1 Openprinting | 2 Cups-filters, Libcupsfilters | 2025-12-15 | 3.3 Low |
| cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault when processing maliciously crafted input data. This issue can be exploited to trigger memory corruption, potentially leading to arbitrary code execution. This issue has been patched via commit 956283c. | ||||
| CVE-2025-9624 | 2 Amazon, Opensearch | 2 Opensearch, Opensearch | 2025-12-15 | 7.5 High |
| A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and < 3.3.0 and OpenSearch < 2.19.4. | ||||
| CVE-2025-65094 | 1 Wbce | 1 Wbce Cms | 2025-12-15 | 8.8 High |
| WBCE CMS is a content management system. Prior to version 1.6.4, a low-privileged user in WBCE CMS can escalate their privileges to the Administrators group by manipulating the groups[] parameter in the /admin/users/save.php request. The UI restricts users to assigning only their existing group, but server-side validation is missing, allowing attackers to overwrite their group membership and obtain full administrative access. This results in a complete compromise of the CMS. This issue has been patched in version 1.6.4. | ||||
| CVE-2025-59693 | 1 Entrust | 11 Nshield 5c, Nshield 5c Firmware, Nshield Connect Xc and 8 more | 2025-12-15 | 9.8 Critical |
| The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing the JTAG connector. This is called F02. | ||||
| CVE-2025-59694 | 1 Entrust | 11 Nshield 5c, Nshield 5c Firmware, Nshield Connect Xc and 8 more | 2025-12-15 | 6.8 Medium |
| The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the (insecurely configured) appliance boot process. To exploit this, the attacker must modify the firmware via JTAG or perform an upgrade to the chassis management board firmware. This is called F03. | ||||
| CVE-2025-59695 | 1 Entrust | 11 Nshield 5c, Nshield 5c Firmware, Nshield Connect Xc and 8 more | 2025-12-15 | 9.8 Critical |
| Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board (without Authentication). This is called F04. | ||||
| CVE-2023-36690 | 1 Vibethemes | 1 Wordpress Learning Management System | 2025-12-15 | 8.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in VibeThemes WPLMS theme <= 4.900 versions. | ||||
| CVE-2025-67907 | 2025-12-15 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67906. Reason: This candidate is a reservation duplicate of CVE-2025-67906. Notes: All CVE users should reference CVE-2025-67906 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2025-13832 | 2025-12-13 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-67871 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-67870 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-67869 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-67868 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-67867 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-67866 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-67865 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-67864 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-67863 | 2025-12-13 | N/A | ||
| Not used | ||||
| CVE-2025-14066 | 2025-12-12 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||