Export limit exceeded: 364156 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364156 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-47055 1 Adobe 2 Adobe Experience Manager, Experience Manager 2025-06-24 5.4 Medium
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVE-2025-5975 1 Phpgurukul 1 Rail Pass Management System 2025-06-24 4.3 Medium
A vulnerability, which was classified as problematic, was found in PHPGurukul Rail Pass Management System 1.0. This affects an unknown part of the file /rpms/download-pass.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-47021 1 Adobe 2 Adobe Experience Manager, Experience Manager 2025-06-24 5.4 Medium
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
CVE-2025-52979 2025-06-24 N/A
Not used
CVE-2025-52978 2025-06-24 N/A
Not used
CVE-2025-52977 2025-06-24 N/A
Not used
CVE-2025-52976 2025-06-24 N/A
Not used
CVE-2025-52975 2025-06-24 N/A
Not used
CVE-2025-52974 2025-06-24 N/A
Not used
CVE-2025-52973 2025-06-24 N/A
Not used
CVE-2025-52972 2025-06-24 N/A
Not used
CVE-2025-52971 2025-06-24 N/A
Not used
CVE-2024-28715 1 Html-js 1 Doracms 2025-06-24 8.8 High
Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the /app/public/apidoc/oas3/wrap-components/markdown.jsx endpoint.
CVE-2024-41712 1 Mitel 1 Micollab 2025-06-24 6.6 Medium
A vulnerability in the Web Conferencing Component of Mitel MiCollab through 9.8.1.5 could allow an authenticated attacker to conduct a command injection attack, due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary commands on the system within the context of the user.
CVE-2024-41714 1 Mitel 3 Micollab, Mivoice Business Solution Virtual Instance, Mivoice Business Solutions Virtual Instance 2025-06-24 8.8 High
A vulnerability in the Web Interface component of Mitel MiCollab through 9.8 SP1 (9.8.1.5) and MiVoice Business Solution Virtual Instance (MiVB SVI) through 1.0.0.27 could allow an authenticated attacker to conduct a command injection attack, due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands with elevated privileges within the context of the system.
CVE-2024-47224 1 Mitel 1 Micollab 2025-06-24 6.5 Medium
A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a CRLF injection attack due to inadequate encoding of user input in URLs. A successful exploit could allow an attacker to perform a phishing attack.
CVE-2024-31029 2 Keith-cullen, Keithcullen 2 Freecoap, Freecoap 2025-06-24 8.2 High
An issue in the server_handle_regular function of the test_coap_server.c file within the FreeCoAP project allows remote attackers to cause a Denial of Service through specially crafted packets.
CVE-2024-40494 2 Keith-cullen, Keithcullen 2 Freecoap, Freecoap 2025-06-24 9.8 Critical
Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to execute arbitrary code or cause a denial of service (stack buffer overflow) via a crafted packet.
CVE-2024-46478 1 Htmldoc Project 1 Htmldoc 2025-06-24 9.8 Critical
HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681.
CVE-2024-40113 1 Sitecom 2 Wlx-2006, Wlx-2006 Firmware 2025-06-24 6.5 Medium
Sitecom WLX-2006 Wall Mount Range Extender N300 v.1.5 and before is vulnerable to Use of Default Credentials.