Export limit exceeded: 364862 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364862 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5033 | 1 Teacms Project | 1 Teacms | 2025-06-20 | 4.3 Medium |
| A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-51970 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | ||||
| CVE-2023-51969 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function getIptvInfo. | ||||
| CVE-2023-51967 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function getIptvInfo. | ||||
| CVE-2023-51966 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo. | ||||
| CVE-2023-51965 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo. | ||||
| CVE-2023-51963 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo. | ||||
| CVE-2023-51953 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | ||||
| CVE-2023-51952 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv. | ||||
| CVE-2023-51252 | 1 Publiccms | 1 Publiccms | 2025-06-20 | 5.4 Medium |
| PublicCMS 4.0 is vulnerable to Cross Site Scripting (XSS). Because files can be uploaded and online preview function is provided, pdf files and html files containing malicious code are uploaded, an XSS popup window is realized through online viewing. | ||||
| CVE-2023-51123 | 1 Dlink | 2 Dir-815, Dir-815 Firmware | 2025-06-20 | 9.8 Critical |
| An issue discovered in D-Link dir815 v.1.01SSb08.bin allows a remote attacker to execute arbitrary code via a crafted POST request to the service parameter in the soapcgi_main function of the cgibin binary component. | ||||
| CVE-2023-49237 | 1 Trendnet | 2 Tv-ip1314pi, Tv-ip1314pi Firmware | 2025-06-20 | 9.8 Critical |
| An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings. | ||||
| CVE-2023-49236 | 1 Trendnet | 2 Tv-ip1314pi, Tv-ip1314pi Firmware | 2025-06-20 | 9.8 Critical |
| A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci. | ||||
| CVE-2023-49235 | 1 Trendnet | 2 Tv-ip1314pi, Tv-ip1314pi Firmware | 2025-06-20 | 9.8 Critical |
| An issue was discovered in libremote_dbg.so on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Filtering of debug information is mishandled during use of popen. Consequently, an attacker can bypass validation and execute a shell command. | ||||
| CVE-2023-48864 | 1 Sem-cms | 1 Semcms | 2025-06-20 | 7.5 High |
| SEMCMS v4.8 was discovered to contain a SQL injection vulnerability via the languageID parameter in /web_inc.php. | ||||
| CVE-2023-47993 | 1 Freeimage Project | 1 Freeimage | 2025-06-20 | 6.5 Medium |
| A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service. | ||||
| CVE-2023-42869 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-06-20 | 7.5 High |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5. Multiple issues in libxml2. | ||||
| CVE-2023-42862 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-06-20 | 6.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. | ||||
| CVE-2023-42832 | 1 Apple | 1 Macos | 2025-06-20 | 7 High |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to gain root privileges. | ||||
| CVE-2023-40414 | 2 Apple, Redhat | 8 Ipados, Iphone Os, Macos and 5 more | 2025-06-20 | 9.8 Critical |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution. | ||||