Export limit exceeded: 365269 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365269 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-55741 1 Unopim 1 Unopim 2025-08-23 8.1 High
UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intended access controls by issuing requests to the mass-delete endpoint, allowing them to delete products without proper authorization. This vulnerability allows unauthorized product deletion, leading to potential data loss and business disruption. The issue is fixed in version 0.3.1. No known workarounds exist.
CVE-2025-58043 2025-08-23 N/A
Not used
CVE-2025-58042 2025-08-23 N/A
Not used
CVE-2025-58041 2025-08-23 N/A
Not used
CVE-2025-58040 2025-08-23 N/A
Not used
CVE-2025-58039 2025-08-23 N/A
Not used
CVE-2025-58038 2025-08-23 N/A
Not used
CVE-2025-58037 2025-08-23 N/A
Not used
CVE-2025-58036 2025-08-23 N/A
Not used
CVE-2025-58035 2025-08-23 N/A
Not used
CVE-2025-24469 2025-08-23 N/A
Not used
CVE-2025-24468 2025-08-23 N/A
Not used
CVE-2025-22864 2025-08-23 N/A
Not used
CVE-2025-22863 2025-08-23 N/A
Not used
CVE-2025-22861 2025-08-23 N/A
Not used
CVE-2025-22860 2025-08-23 N/A
Not used
CVE-2025-8193 2025-08-22 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2014-0758 1 Iconics 1 Genesis32 2025-08-22 N/A
An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document.
CVE-2014-0757 1 3s-software 1 Codesys Runtime Toolkit 2025-08-22 N/A
Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
CVE-2014-0752 1 Ecava 1 Integraxor 2025-08-22 N/A
The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL.