Export limit exceeded: 366859 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366859 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-40602 1 Sonicwall 10 Sma1000, Sma6200, Sma6200 Firmware and 7 more 2025-12-19 6.6 Medium
A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console (AMC).
CVE-2025-10226 3 Axxonsoft, Linux, Microsoft 4 Axxon One, Linux, Linux Kernel and 1 more 2025-12-19 9.8 Critical
Dependency on Vulnerable Third-Party Component (CWE-1395) in the PostgreSQL backend in AxxonSoft Axxon One (C-Werk) 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs present in PostgreSQL v10.x, which are resolved in PostgreSQL 17.4.
CVE-2025-10227 3 Axxonsoft, Linux, Microsoft 4 Axxon One, Linux, Linux Kernel and 1 more 2025-12-19 4.6 Medium
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.
CVE-2025-36035 1 Ibm 24 Power9 System Firmware, Power System E1050 \(9043-mrx\), Power System E1080 \(9080-hex\) and 21 more 2025-12-19 6.7 Medium
IBM PowerVM Hypervisor FW950.00 through FW950.E0, FW1050.00 through FW1050.50, and FW1060.00 through FW1060.40 could allow a local privileged user to cause a denial of service by issuing a specially crafted IBM i hypervisor call that would disclose memory contents or consume excessive memory resources.
CVE-2025-35436 1 Cisa 1 Thorium 2025-12-19 5.3 Medium
CISA Thorium uses '.unwrap()' to handle errors related to account verification email messages. An unauthenticated remote attacker could cause a crash by providing a specially crafted email address or response. Fixed in commit 6a65a27.
CVE-2025-35041 2 Airship.ai, Airship Ai 2 Acropolis, Acropolis 2025-12-19 7.5 High
Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9.
CVE-2025-35042 2 Airship.ai, Airship Ai 2 Acropolis, Acropolis 2025-12-19 9.8 Critical
Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation. Instances of Airship AI that do not change this account password are vulnerable to a remote attacker logging in and gaining the privileges of this account. Fixed in 10.2.35, 11.0.21, and 11.1.9.
CVE-2025-68491 2025-12-19 N/A
Not used
CVE-2025-68490 2025-12-19 N/A
Not used
CVE-2025-68489 2025-12-19 N/A
Not used
CVE-2025-68488 2025-12-19 N/A
Not used
CVE-2025-68487 2025-12-19 N/A
Not used
CVE-2025-68486 2025-12-19 N/A
Not used
CVE-2025-68485 2025-12-19 N/A
Not used
CVE-2025-68484 2025-12-19 N/A
Not used
CVE-2025-68483 2025-12-19 N/A
Not used
CVE-2019-3863 5 Debian, Libssh2, Netapp and 2 more 15 Debian Linux, Libssh2, Ontap Select Deploy Administration Utility and 12 more 2025-12-19 N/A
A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used by the SSH client as an index to copy memory causing in an out of bounds memory write error.
CVE-2023-38913 1 Anirbandutta9 1 News-buzz 2025-12-18 5.3 Medium
SQL injection vulnerability in anirbandutta9 NEWS-BUZZ v.1.0 allows a remote attacker to execute arbitrary code via a crafted script.
CVE-2023-36338 1 Inventory Management System Project 1 Inventory Management System 2025-12-18 5.3 Medium
Inventory Management System 1 was discovered to contain a SQL injection vulnerability.
CVE-2025-55310 3 Apple, Foxit, Microsoft 4 Macos, Pdf Editor, Pdf Reader and 1 more 2025-12-18 7.3 High
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in information disclosure, unauthorized data access, or other security impacts.