Export limit exceeded: 364967 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364967 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-29479 2 Redhat, Ribose 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2025-11-21 5.3 Medium
Ribose RNP before 0.16.3 may hang when the input is malformed.
CVE-2023-22745 2 Redhat, Tpm2 Software Stack Project 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2025-11-21 6.4 Medium
tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to add a handler for higher-numbered layers or decode a response code with such a layer number reads/writes past the end of the buffer. This Buffer overrun, could result in arbitrary code execution. An example attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. Given the common use case of TPM modules an attacker must have local access to the target machine with local system privileges which allows access to the TPM system. Usually TPM access requires administrative privilege. Versions 4.1.0-rc0, 4.0.1, and 3.2.2-rc1 fix the issue.
CVE-2025-13449 1 Oretnom23 1 Online Shop Project 2025-11-21 7.3 High
A vulnerability was found in code-projects Online Shop Project 1.0. This issue affects some unknown processing of the file /login.php. The manipulation of the argument Password results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used.
CVE-2025-13450 1 Oretnom23 1 Online Shop Project 2025-11-21 3.5 Low
A vulnerability was determined in SourceCodester Online Shop Project 1.0. Impacted is an unknown function of the file /shop/register.php. This manipulation of the argument f_name causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2025-13451 1 Oretnom23 1 Online Shop Project 2025-11-21 7.3 High
A vulnerability was identified in SourceCodester Online Shop Project 1.0. The affected element is an unknown function of the file /action.php. Such manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
CVE-2025-13468 1 Oretnom23 1 Alumni Management System 2025-11-21 5.4 Medium
A weakness has been identified in SourceCodester Alumni Management System 1.0. This issue affects the function delete_forum/delete_career/delete_comment/delete_gallery/delete_event of the file admin/admin_class.php of the component Delete Handler. Executing manipulation of the argument ID can lead to missing authorization. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited.
CVE-2025-41074 1 Limesurvey 1 Limesurvey 2025-11-21 7.5 High
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denegation of Service (DoS attack), by exhausting server or client resources. The system is unable to break the redirect loop, which can cause service degradation or browser instability.
CVE-2025-41075 1 Limesurvey 1 Limesurvey 2025-11-21 7.5 High
Vulnerability in LimeSurvey 6.13.0 in the endpoint /optin that causes infinite HTTP redirects when accessed directly. This behavior can be exploited to generate a Denegation of Service (DoS attack), by exhausting server or client resources. The system is unable to break the redirect loop, which can cause service degradation or browser instability.
CVE-2025-41076 1 Limesurvey 1 Limesurvey 2025-11-21 6.5 Medium
In version 6.13.0 of LimeSurvey, any external user can cause a 500 error in the survey system by sending a malformed session cookie. Instead of displaying a generic error message, the system exposes internal backend information, including the use of the Yii framework, the MySQL/MariaDB database engine, the table name 'lime_sessions', primary keys, and fragments of the content that caused the conflict. This information can simplify the collection of data about the internal architecture of the application by an attacker.
CVE-2025-36153 1 Ibm 1 Concert 2025-11-21 6.1 Medium
IBM Concert 1.0.0 through 2.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2025-36158 1 Ibm 1 Concert 2025-11-21 5.1 Medium
IBM Concert 1.0.0 through 2.0.0 could allow a local user with specific permission to obtain sensitive information from files due to uncontrolled recursive directory copying.
CVE-2025-36159 1 Ibm 1 Concert 2025-11-21 6.2 Medium
IBM Concert 1.0.0 through 2.0.0 could allow a local user to forge log files to impersonate other users or hide their identity due to improper neutralization of output.
CVE-2025-36160 1 Ibm 1 Concert 2025-11-21 5.3 Medium
IBM Concert 1.0.0 through 2.0.0 could disclose sensitive server information from HTTP response headers that could aid in further attacks against the system.
CVE-2025-34080 1 Contec 1 Conprosys Hmi System 2025-11-21 6.1 Medium
The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.
CVE-2025-34081 1 Contec 1 Conprosys Hmi System 2025-11-21 7.5 High
The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.
CVE-2025-43857 1 Ruby-lang 1 Net\ 2025-11-21 6.5 Medium
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a "literal" byte count, which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). This issue has been patched in versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5.
CVE-2025-41735 2 Metz-connect, Metz Connect 7 Ewio2-bm, Ewio2-bm Firmware, Ewio2-m and 4 more 2025-11-21 8.8 High
A low privileged remote attacker can upload any file to an arbitrary location due to missing file check resulting in remote code execution.
CVE-2025-41737 2 Metz-connect, Metz Connect 7 Ewio2-bm, Ewio2-bm Firmware, Ewio2-m and 4 more 2025-11-21 7.5 High
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source of php modules.
CVE-2025-41736 2 Metz-connect, Metz Connect 7 Ewio2-bm, Ewio2-bm Firmware, Ewio2-m and 4 more 2025-11-21 8.8 High
A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution.
CVE-2025-41734 2 Metz-connect, Metz Connect 7 Ewio2-bm, Ewio2-bm Firmware, Ewio2-m and 4 more 2025-11-21 9.8 Critical
An unauthenticated remote attacker can execute arbitrary php files and gain full access of the affected devices.