Export limit exceeded: 364863 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364863 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-26784 1 Microsoft 6 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 3 more 2025-12-09 6.5 Medium
Windows Cluster Shared Volume (CSV) Denial of Service Vulnerability
CVE-2025-14218 2 Code-projects, Fabian 2 Currency Exchange System, Currency Exchange System 2025-12-09 7.3 High
A security flaw has been discovered in code-projects Currency Exchange System 1.0. The affected element is an unknown function of the file /editotheraccount.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.
CVE-2025-14217 2 Code-projects, Fabian 2 Currency Exchange System, Currency Exchange System 2025-12-09 7.3 High
A vulnerability was identified in code-projects Currency Exchange System 1.0. Impacted is an unknown function of the file /edittrns.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used.
CVE-2022-48470 1 Huawei 1 Hilink Ai Life 2025-12-09 4 Medium
Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploitation of this vulnerability may allow attackers to access restricted functions.(Vulnerability ID:HWPSIRT-2022-42291) This vulnerability has been assigned a (CVE)ID:CVE-2022-48470
CVE-2025-14216 2 Code-projects, Fabian 2 Currency Exchange System, Currency Exchange System 2025-12-09 7.3 High
A vulnerability was determined in code-projects Currency Exchange System 1.0. This issue affects some unknown processing of the file /viewserial.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2025-14215 2 Code-projects, Fabian 2 Currency Exchange System, Currency Exchange System 2025-12-09 7.3 High
A vulnerability was found in code-projects Currency Exchange System 1.0. This vulnerability affects unknown code of the file /edit.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.
CVE-2025-66322 1 Huawei 1 Harmonyos 2025-12-09 5.1 Medium
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-66321 1 Huawei 1 Harmonyos 2025-12-09 5.1 Medium
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-66320 1 Huawei 1 Harmonyos 2025-12-09 5.1 Medium
Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-14221 2 Oretnom23, Sourcecodester 2 Banking System, Online Banking System 2025-12-09 3.5 Low
A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used.
CVE-2025-34351 1 Anyscale 1 Ray 2025-12-09 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. At the request of the MITRE TL-Root and following the CVE Program’s Dispute Policy, it has been determined that this assignment did not identify a valid vulnerability based on the vendor's product security model. Additionally, this assignment conflicts with an existing CVE (CVE-2023-48022).
CVE-2025-66551 1 Nextcloud 1 Tables 2025-12-09 6.3 Medium
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.6 and 0.9.3, a malicious user was able to create their own table and then move a column to a victims table. This vulnerability is fixed in 0.8.6 and 0.9.3.
CVE-2025-66513 1 Nextcloud 1 Tables 2025-12-09 4.3 Medium
Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.9, 0.9.6, and 1.0.1, the information which table (numeric ID) is shared with which groups or users and the respective permissions was not limited to privileged users. This vulnerability is fixed in 0.8.9, 0.9.6, and 1.0.1.
CVE-2025-66514 1 Nextcloud 1 Mail 2025-12-09 3.5 Low
Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Prior to 5.5.3, a stored HTML injection in the Mail app's message list allowed an authenticated user to inject HTML into the email subjects. Javascript was correctly blocked by the content security policy of the Nextcloud Server code.
CVE-2022-37057 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2025-12-09 9.8 Critical
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Command Injection via cgibin, ssdpcgi_main.
CVE-2022-37056 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2025-12-09 9.8 Critical
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command Injection via /cgibin, hnap_main,
CVE-2022-37055 1 Dlink 2 Go-rt-ac750, Go-rt-ac750 Firmware 2025-12-09 9.8 Critical
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main,
CVE-2019-9082 3 Opensourcebms, Thinkphp, Zzzcms 3 Open Source Background Management System, Thinkphp, Zzzphp 2025-12-09 8.8 High
ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.
CVE-2025-66545 1 Nextcloud 1 Group Folders 2025-12-09 3.5 Low
Nextcloud Groupfolders provides admin-configured folders shared by everyone in a group or team. Prior to 14.0.11, 15.3.12, 16.0.15, 17.0.14, 18.1.8, 19.1.8, and 20.1.2, a user with read-only permission can restore a file from the trash bin. This vulnerability is fixed in 14.0.11, 15.3.12, 16.0.15, 17.0.14, 18.1.8, 19.1.8, and 20.1.2.
CVE-2025-66548 1 Nextcloud 1 Deck 2025-12-09 3.3 Low
Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension than what is displayed. This vulnerability is fixed in 1.12.7, 1.14.4, and 1.15.1.