Export limit exceeded: 363165 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363165 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-54173 1 Ibm 2 Mq, Mq Appliance 2025-07-03 4.7 Medium
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled.
CVE-2025-23225 1 Ibm 2 Mq, Mq Appliance 2025-07-03 6.5 Medium
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of invalid headers sent to the queue.
CVE-2024-51471 1 Ibm 1 Mq Appliance 2025-07-03 5.3 Medium
IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow an authenticated user to cause a denial-of-service when trace is enabled due to information being written into memory outside of the intended buffer size.
CVE-2024-52898 3 Ibm, Linux, Microsoft 4 Linux On Ibm Z, Mq, Linux Kernel and 1 more 2025-07-03 6.2 Medium
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned.
CVE-2023-45177 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, I and 5 more 2025-07-03 5.3 Medium
IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD is vulnerable to a denial-of-service attack due to an error within the MQ clustering logic. IBM X-Force ID: 268066.
CVE-2024-10013 2 Progress, Progress Software 2 Telerik Ui For Winforms, Progress Telerik Ui For Wpf Versions 2025-07-03 7.8 High
In Progress Telerik UI for WinForms versions prior to 2024 Q4 (2024.4.1113), a code execution attack is possible through an insecure deserialization vulnerability.
CVE-2024-3892 1 Progress 1 Telerik Ui For Winforms 2025-07-03 7.2 High
A local code execution vulnerability is possible in Telerik UI for WinForms beginning in v2021.1.122 but prior to v2024.2.514. This vulnerability could allow an untrusted theme assembly to execute arbitrary code on the local Windows system.
CVE-2025-0332 1 Progress 1 Telerik Ui For Winforms 2025-07-03 7.8 High
In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 (2025.1.211), using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory.
CVE-2024-20363 1 Cisco 3 Firepower Threat Defense, Snort, Unified Threat Defense Snort Intrusion Prevention System Engine 2025-07-03 5.8 Medium
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.
CVE-2025-5526 1 Boonebgorges 1 Buddypress Docs 2025-07-03 4.3 Medium
The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user
CVE-2024-35545 1 Mapos 1 Map-os 2025-07-03 6.1 Medium
MAP-OS v4.45.0 and earlier was discovered to contain a cross-site scripting (XSS) vulnerability.
CVE-2024-36819 1 Mapos 1 Map-os 2025-07-03 5.4 Medium
MAP-OS 4.45.0 and earlier is vulnerable to Cross-Site Scripting (XSS). This vulnerability allows malicious users to insert a malicious payload into the "Client Name" input. When a service order from this client is created, the malicious payload is displayed on the administrator and employee dashboards, resulting in unauthorized script execution whenever the dashboard is loaded.
CVE-2024-3754 1 Mnbaa 1 Alemha Watermark 2025-07-03 4.7 Medium
The Alemha watermarker WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVE-2025-52969 1 Clickhouse 1 Clickhouse 2025-07-03 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-29849 1 Veeam 2 Backup Enterprise Manager, Veeam Backup \& Replication 2025-07-03 N/A
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise manager web interface.
CVE-2024-29850 1 Veeam 2 Backup Enterprise Manager, Veeam Backup \& Replication 2025-07-03 N/A
Veeam Backup Enterprise Manager allows account takeover via NTLM relay.
CVE-2024-29851 1 Veeam 2 Backup Enterprise Manager, Veeam Backup \& Replication 2025-07-03 N/A
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account.
CVE-2024-30154 1 Hcltech 1 Hcl Sx 2025-07-03 5.3 Medium
HCL SX is vulnerable to cross-site request forgery vulnerability which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2025-20170 1 Cisco 2 Ios, Ios Xe 2025-07-03 7.7 High
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
CVE-2025-20171 1 Cisco 2 Ios, Ios Xe 2025-07-03 7.7 High
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.