Export limit exceeded: 366088 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366088 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-14256 2 Angeljudesuarez, Itsourcecode 2 Student Management System, Student Management System 2025-12-09 7.3 High
A vulnerability was detected in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /newcurriculm.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.
CVE-2025-14257 2 Angeljudesuarez, Itsourcecode 2 Student Management System, Student Management System 2025-12-09 7.3 High
A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /newrecord.php. Executing manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.
CVE-2025-14258 2 Angeljudesuarez, Itsourcecode 2 Student Management System, Student Management System 2025-12-09 7.3 High
A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /newsubject.php. The manipulation of the argument sub leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-66330 1 Huawei 1 Harmonyos 2025-12-09 4.9 Medium
App lock verification bypass vulnerability in the file management app. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-66331 1 Huawei 1 Harmonyos 2025-12-09 3.3 Low
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-66334 1 Huawei 1 Harmonyos 2025-12-09 3.3 Low
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-66333 1 Huawei 1 Harmonyos 2025-12-09 3.3 Low
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-66332 1 Huawei 1 Harmonyos 2025-12-09 3.3 Low
Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-48606 1 Google 1 Android 2025-12-09 7.8 High
In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall it due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2023-5554 1 Linecorp 1 Line 2025-12-09 4.8 Medium
Lack of TLS certificate verification in log transmission of a financial module within LINE client for iOS prior to 13.16.0.
CVE-2025-64081 1 Pamzey 1 Patients Waiting Area Queue Management System 2025-12-08 9.8 Critical
SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to execute arbitrary SQL commands via the appointmentID parameter.
CVE-2025-66399 1 Cacti 1 Cacti 2025-12-08 8.8 High
Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters (including newlines) that are accepted, stored verbatim in the database, and later embedded into backend SNMP operations. In environments where downstream SNMP tooling or wrappers interpret newline-separated tokens as command boundaries, this can lead to unintended command execution with the privileges of the Cacti process. This vulnerability is fixed in 1.2.29.
CVE-2025-54639 1 Huawei 1 Harmonyos 2025-12-08 5.5 Medium
ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions.
CVE-2025-54612 1 Huawei 1 Harmonyos 2025-12-08 5.9 Medium
Iterator failure vulnerability in the card management module. Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-54613 1 Huawei 1 Harmonyos 2025-12-08 5.9 Medium
Iterator failure vulnerability in the card management module. Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-54621 1 Huawei 1 Harmonyos 2025-12-08 5.3 Medium
Iterator failure issue in the WantAgent module. Impact: Successful exploitation of this vulnerability may cause memory release failures.
CVE-2025-54626 1 Huawei 1 Harmonyos 2025-12-08 4.4 Medium
Pointer dangling vulnerability in the cjwindow module. Impact: Successful exploitation of this vulnerability may affect function stability.
CVE-2025-48608 1 Google 1 Android 2025-12-08 5.5 Medium
In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-48569 1 Google 1 Android 2025-12-08 5.5 Medium
In multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-13639 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2025-12-08 8.1 High
Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)