Export limit exceeded: 23568 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366908 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-53855 1 Nofusscomputing 1 Centurion Erp 2025-09-23 1.9 Low
Centurion ERP (Enterprise Rescource Planning) is a simple application developed to provide open source IT management with a large emphasis on the IT Service Management (ITSM) modules. A user who is authenticated and has view permissions for a ticket, can view the tickets of another organization they are not apart of. Users with following permissions are applicable: 1. `view_ticket_change` permission can view change tickets from organizations they are not apart of. 2. `view_ticket_incident` permission can view incident tickets from organizations they are not apart of. 3. `view_ticket_request` permission can view request tickets from organizations they are not apart of. 4. `view_ticket_problem` permission can view problem tickets from organizations they are not apart of. The access to view the tickets from different organizations is only applicable when browsing the API endpoints for the tickets in question. The Centurion UI is not affected. Project Tasks, although a "ticket type" are also **Not** affected. This issue has been addressed in release version 1.3.1 and users are advised to upgrade. Users unable to upgrade may remove the ticket view permissions from users which would alleviate this vulnerability, if this is deemed not-viable, Upgrading is recommended.
CVE-2024-53564 2 Coalescent Systems, Sangoma 2 Freepbx, Freepbx 2025-09-23 2.2 Low
A vulnerability was discovered in FreePBX 17.0.19.17. It does not verify the type of uploaded (valid FreePBX module) files, allowing high-privilege administrators to insert unwanted files. NOTE: the Supplier's position is that there is no risk beyond what high-privilege administrators are intentionally allowed to do.
CVE-2024-10933 1 Openbsd 1 Openbsd 2025-09-23 5 Medium
In OpenBSD 7.5 before errata 009 and OpenBSD 7.4 before errata 022, exclude any '/' in readdir name validation to avoid unexpected directory traversal on untrusted file systems.
CVE-2024-11148 1 Openbsd 1 Openbsd 2025-09-23 7.5 High
In OpenBSD 7.4 before errata 006 and OpenBSD 7.3 before errata 020, httpd(8) is vulnerable to a NULL dereference when handling a malformed fastcgi request.
CVE-2024-37045 1 Qnap 2 Qts, Quts Hero 2025-09-23 4.9 Medium
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
CVE-2024-37044 1 Qnap 2 Qts, Quts Hero 2025-09-23 7.2 High
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
CVE-2024-37043 1 Qnap 2 Qts, Quts Hero 2025-09-23 4.9 Medium
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read the contents of unexpected files and expose sensitive data. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
CVE-2024-37042 1 Qnap 2 Qts, Quts Hero 2025-09-23 4.9 Medium
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
CVE-2024-37041 1 Qnap 2 Qts, Quts Hero 2025-09-23 7.2 High
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later
CVE-2024-11149 1 Openbsd 1 Openbsd 2025-09-23 7.9 High
In OpenBSD 7.4 before errata 014, vmm(4) did not restore GDTR limits properly on Intel (VMX) CPUs.
CVE-2025-59885 2025-09-23 N/A
Not used
CVE-2025-59884 2025-09-23 N/A
Not used
CVE-2025-59883 2025-09-23 N/A
Not used
CVE-2025-59882 2025-09-23 N/A
Not used
CVE-2025-59881 2025-09-23 N/A
Not used
CVE-2025-59880 2025-09-23 N/A
Not used
CVE-2025-59879 2025-09-23 N/A
Not used
CVE-2025-59878 2025-09-23 N/A
Not used
CVE-2025-59877 2025-09-23 N/A
Not used
CVE-2025-59876 2025-09-23 N/A
Not used