Search
Search Results (331254 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48426 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48425 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48424 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48423 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48422 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48421 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48420 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48419 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-4436 | 2025-05-20 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-23122 | 2025-05-20 | N/A | ||
| This CVE record has been withdrawn due to a duplicate entry CVE-2025-23165. | ||||
| CVE-2022-40912 | 1 Etaplighting | 1 Etap Safety Manager | 2025-05-20 | 6.1 Medium |
| ETAP Lighting International NV ETAP Safety Manager 1.0.0.32 is vulnerable to Cross Site Scripting (XSS). Input passed to the GET parameter 'action' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site. | ||||
| CVE-2022-40708 | 2 Microsoft, Trendmicro | 2 Windows, Deep Security Agent | 2025-05-20 | 3.3 Low |
| An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707. | ||||
| CVE-2022-3193 | 1 Ovirt | 1 Ovirt-engine | 2025-05-20 | 6.1 Medium |
| An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine. A parameter "error_description" fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages. | ||||
| CVE-2022-35722 | 1 Ibm | 1 Jazz For Service Management | 2025-05-20 | 5.4 Medium |
| IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231381. | ||||
| CVE-2022-35282 | 1 Ibm | 1 Websphere Application Server | 2025-05-20 | 6.5 Medium |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data. | ||||
| CVE-2022-2778 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2025-05-20 | 9.8 Critical |
| In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes. | ||||
| CVE-2022-24373 | 1 Swmansion | 1 React Native Reanimated | 2025-05-20 | 5.3 Medium |
| The package react-native-reanimated before 3.0.0-rc.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper usage of regular expression in the parser of Colors.js. | ||||
| CVE-2022-22387 | 1 Ibm | 1 Application Gateway | 2025-05-20 | 5.4 Medium |
| IBM Application Gateway is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221965. | ||||
| CVE-2021-41434 | 1 Oretnom23 | 1 Expense Management System | 2025-05-20 | 5.4 Medium |
| A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php. | ||||
| CVE-2022-28816 | 1 Gavazziautomation | 3 Cpy Car Park Server, Uwp 3.0 Monitoring Gateway And Controller, Uwp 3.0 Monitoring Gateway And Controller Firmware | 2025-05-20 | 6.1 Medium |
| In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy is prone to reflected XSS which only affects the Sentilo service. | ||||