Export limit exceeded: 364353 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364353 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-9257 1 Uniong 1 Webitr 2025-11-06 6.5 Medium
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-9258 1 Uniong 1 Webitr 2025-11-06 6.5 Medium
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-9259 1 Uniong 1 Webitr 2025-11-06 6.5 Medium
WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-24808 1 Discourse 1 Discourse 2025-11-06 4.3 Medium
Discourse is an open-source discussion platform. Prior to versions `3.3.4` on the `stable` branch and `3.4.0.beta5` on the `beta` branch, someone who is about to reach the limit of users in a group DM may send requests to add new users in parallel. The requests might all go through ignoring the limit due to a race condition. The patch in versions `3.3.4` and `3.4.0.beta5` uses the `lock` step in service to wrap part of the `add_users_to_channel` service inside a distributed lock/mutex in order to avoid the race condition.
CVE-2025-22130 2 Charm, Charmbracelet 2 Soft Serve, Soft-serve 2025-11-06 8.8 High
Soft Serve is a self-hostable Git server for the command line. Prior to 0.8.2 , a path traversal attack allows existing non-admin users to access and take over other user's repositories. A malicious user then can modify, delete, and arbitrarily repositories as if they were an admin user without explicitly giving them permissions. This is patched in v0.8.2.
CVE-2025-47781 1 Rallly 1 Rallly 2025-11-06 9.8 Critical
Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application features token based authentication. When a user attempts to login to the application, they insert their email and a 6 digit code is sent to their email address to complete the authentication. A token that consists of 6 digits only presents weak entropy however and when coupled with no token brute force protection, makes it possible for an unauthenticated attacker with knowledge of a valid email address to successfully brute force the token within 15 minutes (token expiration time) and take over the account associated with the targeted email address. All users on the Rallly applications are impacted. As long as an attacker knows the user's email address they used to register on the app, they can systematically take over any user account. For the authentication mechanism to be safe, the token would need to be assigned a complex high entropy value that cannot be bruteforced within reasonable time, and ideally rate limiting the /api/auth/callback/email endpoint to further make brute force attempts unreasonable within the 15 minutes time. As of time of publication, no patched versions are available.
CVE-2025-53012 1 Linuxfoundation 1 Materialx 2025-11-06 7.5 High
MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. When parsing file imports, recursion is used to process nested files; however, there is no limit imposed to the depth of files that can be parsed by the library. By building a sufficiently deep chain of MaterialX files one referencing the next, it is possible to crash the process using the MaterialX library via stack exhaustion. This is fixed in version 1.39.3.
CVE-2024-35114 1 Ibm 1 Control Center 2025-11-06 5.3 Medium
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to enumerate usernames due to an observable discrepancy between login attempts.
CVE-2024-35111 1 Ibm 1 Control Center 2025-11-06 4.3 Medium
IBM Control Center 6.2.1 and 6.3.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.
CVE-2023-52292 1 Ibm 1 Sterling File Gateway 2025-11-06 6.4 Medium
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVE-2020-36790 1 Linux 1 Linux Kernel 2025-11-06 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a memory leak We forgot to free new_model_number
CVE-2024-0690 2 Fedoraproject, Redhat 8 Fedora, Ansible, Ansible Automation Platform and 5 more 2025-11-06 5 Medium
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.
CVE-2022-49768 1 Linux 1 Linux Kernel 2025-11-06 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: 9p: trans_fd/p9_conn_cancel: drop client lock earlier syzbot reported a double-lock here and we no longer need this lock after requests have been moved off to local list: just drop the lock earlier.
CVE-2023-7250 2 Es, Redhat 5 Iperf3, Enterprise Linux, Enterprise Linux For Arm 64 and 2 more 2025-11-06 5.3 Medium
A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service.
CVE-2022-49770 1 Linux 1 Linux Kernel 2025-11-06 7.8 High
In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'first_realm' and 'realm' pointing to the same snaprealm memory. And then it'll put it twice and could cause random use-after-free, BUG_ON, etc issues.
CVE-2023-7008 3 Debian, Redhat, Systemd Project 4 Debian Linux, Cryostat, Enterprise Linux and 1 more 2025-11-06 5.9 Medium
A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.
CVE-2023-6536 3 Debian, Linux, Redhat 20 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 17 more 2025-11-06 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
CVE-2023-6535 2 Linux, Redhat 19 Linux Kernel, Codeready Linux Builder Eus, Codeready Linux Builder Eus For Power Little Endian Eus and 16 more 2025-11-06 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
CVE-2023-6356 3 Debian, Linux, Redhat 20 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 17 more 2025-11-06 6.5 Medium
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.
CVE-2023-5992 2 Opensc Project, Redhat 11 Opensc, Enterprise Linux, Enterprise Linux Eus and 8 more 2025-11-06 5.6 Medium
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.