Export limit exceeded: 366936 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366936 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-4216 | 2 Fedoraproject, Pgadmin | 2 Fedora, Pgadmin 4 | 2025-09-19 | 7.4 High |
| pgAdmin <= 8.5 is affected by XSS vulnerability in /settings/store API response json payload. This vulnerability allows attackers to execute malicious script at the client end. | ||||
| CVE-2024-34408 | 1 Tencent | 2 Libpag, Tencent | 2025-09-19 | 5.3 Medium |
| Tencent libpag through 4.3.51 has an integer overflow in DecodeStream::checkEndOfFile() in codec/utils/DecodeStream.cpp via a crafted PAG (Portable Animated Graphics) file. | ||||
| CVE-2024-0087 | 2 Linux, Nvidia | 2 Linux Kernel, Triton Inference Server | 2025-09-19 | 9 Critical |
| NVIDIA Triton Inference Server for Linux contains a vulnerability where a user can set the logging location to an arbitrary file. If this file exists, logs are appended to the file. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2024-25153 | 1 Fortra | 2 Filecatalyst, Filecatalyst Workflow | 2025-09-19 | 9.8 Critical |
| A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells. | ||||
| CVE-2024-0088 | 2 Linux, Nvidia | 2 Linux Kernel, Triton Inference Server | 2025-09-19 | 5.5 Medium |
| NVIDIA Triton Inference Server for Linux contains a vulnerability in shared memory APIs, where a user can cause an improper memory access issue by a network API. A successful exploit of this vulnerability might lead to denial of service and data tampering. | ||||
| CVE-2025-10643 | 1 Wondershare | 1 Repairit | 2025-09-19 | N/A |
| Wondershare Repairit Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to a storage account token. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-26902. | ||||
| CVE-2025-10644 | 1 Wondershare | 1 Repairit | 2025-09-19 | N/A |
| Wondershare Repairit SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on Wondershare Repairit. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to an SAS token. An attacker can leverage this vulnerability to launch a supply-chain attack and execute arbitrary code on customers' endpoints. Was ZDI-CAN-26892. | ||||
| CVE-2024-0100 | 2 Linux, Nvidia | 2 Linux Kernel, Triton Inference Server | 2025-09-19 | 6.5 Medium |
| NVIDIA Triton Inference Server for Linux contains a vulnerability in the tracing API, where a user can corrupt system files. A successful exploit of this vulnerability might lead to denial of service and data tampering. | ||||
| CVE-2024-32022 | 1 Bmaltais | 1 Kohya Ss | 2025-09-19 | 9.1 Critical |
| Kohya_ss is a GUI for Kohya's Stable Diffusion trainers. Kohya_ss is vulnerable to command injection in basic_caption_gui.py. This vulnerability is fixed in 23.1.5. | ||||
| CVE-2024-3689 | 1 Zoneland | 1 O2oa | 2025-09-19 | 3.7 Low |
| A vulnerability classified as problematic has been found in Zhejiang Land Zongheng Network Technology O2OA up to 20240403. Affected is an unknown function of the file /x_portal_assemble_surface/jaxrs/portal/list?v=8.2.3-4-43f4fe3. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB-260478 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-59678 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2025-59677 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2025-59676 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2025-59675 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2025-59674 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2025-59673 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2025-59672 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2025-59671 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2025-59670 | 2025-09-19 | N/A | ||
| Not used | ||||
| CVE-2023-6943 | 1 Mitsubishielectric | 10 Ezsocket, Fr Configurator2, Got1000 and 7 more | 2025-09-19 | 9.8 Critical |
| Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 to 5.92, GT Designer3 Version1(GOT1000) versions 1.325P and prior, GT Designer3 Version1(GOT2000) versions 1.320J and prior, GX Works2 versions 1.11M to 1.626C, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E to 2.102G, MT Works2 versions 1.190Y and prior, MX Component versions 4.00A to 5.007H and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products. | ||||