Export limit exceeded: 363296 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363296 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-40512 1 Openpetra 1 Openpetra 2025-04-23 7.3 High
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMReporting.asmx function.
CVE-2024-40506 1 Openpetra 1 Openpetra 2025-04-23 7.3 High
Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMHospitality.asmx function.
CVE-2025-3679 1 Pcman 1 Ftp Server 2025-04-23 7.3 High
A vulnerability, which was classified as critical, was found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component HOST Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2022-3591 1 Vim 1 Vim 2025-04-23 7.8 High
Use After Free in GitHub repository vim/vim prior to 9.0.0789.
CVE-2022-38754 1 Microfocus 2 Operations Bridge, Operations Bridge Manager 2025-04-23 8 High
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malicious authenticated OBM user to run Java Scripts in the browser context of another OBM user. This issue affects: Micro Focus Micro Focus Operations Bridge Manager versions prior to 2022.11. Micro Focus Micro Focus Operations Bridge- Containerized versions prior to 2022.11.
CVE-2022-43557 1 Bd 14 Bodyguard 121 Twins, Bodyguard 121 Twins Firmware, Bodyguard 323 Colorvision and 11 more 2025-04-23 5.3 Medium
The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port interface. If exploited, threat actors with physical access, specialized equipment and knowledge may be able to configure or disable the pump. No electronic protected health information (ePHI), protected health information (PHI) or personally identifiable information (PII) is stored in the pump.
CVE-2022-39894 1 Google 1 Android 2025-04-23 4 Medium
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
CVE-2022-39895 1 Google 1 Android 2025-04-23 4 Medium
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.
CVE-2022-39896 1 Google 1 Android 2025-04-23 4 Medium
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
CVE-2022-39897 1 Google 1 Android 2025-04-23 4.4 Medium
Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log.
CVE-2022-39898 1 Google 1 Android 2025-04-23 4 Medium
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.
CVE-2022-39899 1 Google 1 Android 2025-04-23 5.7 Medium
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.
CVE-2022-39900 1 Google 1 Android 2025-04-23 4.6 Medium
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.
CVE-2022-39901 1 Samsung 2 Exynos, Exynos Firmware 2025-04-23 6.5 Medium
Improper authentication in Exynos baseband prior to SMR DEC-2022 Release 1 allows remote attacker to disable the network traffic encryption between UE and gNodeB.
CVE-2022-39904 1 Google 1 Android 2025-04-23 3.3 Low
Exposure of Sensitive Information vulnerability in Samsung Settings prior to SMR Dec-2022 Release 1 allows local attackers to access the Network Access Identifier via log.
CVE-2025-3163 1 Internlm 1 Lmdeploy 2025-04-23 5.3 Medium
A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been declared as critical. Affected by this vulnerability is the function Open of the file lmdeploy/docs/en/conf.py. The manipulation leads to code injection. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVE-2022-39905 1 Google 1 Android 2025-04-23 4 Medium
Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.
CVE-2025-43013 1 Jetbrains 1 Toolbox 2025-04-23 6.9 Medium
In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible
CVE-2025-42921 1 Jetbrains 1 Toolbox 2025-04-23 4.2 Medium
In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin
CVE-2022-39909 1 Samsung 1 Gear Iconx Pc Manager 2025-04-23 7.1 High
Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager prior to version 2.1.221019.51 allows local attackers to create arbitrary file using symbolic link.