Export limit exceeded: 365269 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365269 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55741 | 1 Unopim | 1 Unopim | 2025-08-23 | 8.1 High |
| UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intended access controls by issuing requests to the mass-delete endpoint, allowing them to delete products without proper authorization. This vulnerability allows unauthorized product deletion, leading to potential data loss and business disruption. The issue is fixed in version 0.3.1. No known workarounds exist. | ||||
| CVE-2025-58043 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-58042 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-58041 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-58040 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-58039 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-58038 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-58037 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-58036 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-58035 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-24469 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-24468 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-22864 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-22863 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-22861 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-22860 | 2025-08-23 | N/A | ||
| Not used | ||||
| CVE-2025-8193 | 2025-08-22 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2014-0758 | 1 Iconics | 1 Genesis32 | 2025-08-22 | N/A |
| An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document. | ||||
| CVE-2014-0757 | 1 3s-software | 1 Codesys Runtime Toolkit | 2025-08-22 | N/A |
| Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors. | ||||
| CVE-2014-0752 | 1 Ecava | 1 Integraxor | 2025-08-22 | N/A |
| The SCADA server in Ecava IntegraXor before 4.1.4369 allows remote attackers to read arbitrary project backup files via a crafted URL. | ||||