Search
Search Results (329604 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46782 | 2025-04-30 | N/A | ||
| Not used | ||||
| CVE-2025-46781 | 2025-04-30 | N/A | ||
| Not used | ||||
| CVE-2025-46780 | 2025-04-30 | N/A | ||
| Not used | ||||
| CVE-2025-46779 | 2025-04-30 | N/A | ||
| Not used | ||||
| CVE-2025-46778 | 2025-04-30 | N/A | ||
| Not used | ||||
| CVE-2025-3358 | 2025-04-29 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-4377 | 2025-04-29 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-0671 | 1 Icegram | 1 Icegram Express | 2025-04-29 | 6.1 Medium |
| The Icegram Express WordPress plugin before 5.7.50 does not sanitise and escape some of its Template settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | ||||
| CVE-2023-5856 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-04-29 | 8.8 High |
| Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-5855 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-04-29 | 8.8 High |
| Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) | ||||
| CVE-2023-5854 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-04-29 | 8.8 High |
| Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) | ||||
| CVE-2023-5852 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-04-29 | 8.8 High |
| Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) | ||||
| CVE-2023-5849 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-04-29 | 8.8 High |
| Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-32834 | 2 Google, Mediatek | 48 Android, Mt6580, Mt6735 and 45 more | 2025-04-29 | 6.7 Medium |
| In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161762; Issue ID: ALPS08161762. | ||||
| CVE-2022-44007 | 1 Backclick | 1 Backclick | 2025-04-29 | 8.8 High |
| An issue was discovered in BACKCLICK Professional 5.9.63. Due to an unsafe implementation of session tracking, it is possible for an attacker to trick users into opening an authenticated user session for a session identifier known to the attacker, aka Session Fixation. | ||||
| CVE-2022-42732 | 1 Siemens | 1 Syngo Dynamics Cardiovascular Imaging And Information System | 2025-04-29 | 7.5 High |
| A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper read access control that could allow files to be retrieved from any folder accessible to the account assigned to the website’s application pool. | ||||
| CVE-2022-42533 | 1 Google | 1 Android | 2025-04-29 | 7.8 High |
| In shared_metadata_init of SharedMetadata.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239415718References: N/A | ||||
| CVE-2022-42246 | 1 Duofoxtechnologies | 1 Duofox Cms | 2025-04-29 | 8.8 High |
| Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account. | ||||
| CVE-2022-42245 | 1 Dreamer Cms Project | 1 Dreamer Cms | 2025-04-29 | 9.8 Critical |
| Dreamer CMS 4.0.01 is vulnerable to SQL Injection. | ||||
| CVE-2022-42187 | 1 Hustoj | 1 Hustoj | 2025-04-29 | 6.1 Medium |
| Hustoj 22.09.22 has a XSS Vulnerability in /admin/problem_judge.php. | ||||