Export limit exceeded: 326705 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (326705 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-26695 | 2 Carmelo, Code-projects | 2 Simple Student Alumni System, Simple Student Alumni System | 2026-03-03 | 9.8 Critical |
| code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recordstudent_edit.php. | ||||
| CVE-2025-52468 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 8.8 High |
| Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importing user data from CSV files. This flaw occurs due to insufficient sanitization of user data, specifically in the "Last Name", "First Name", and "Username" fields. It allows attackers to inject a stored cross-site scripting (XSS) payload that is triggered when the user profile is viewed, potentially leading to malicious script execution in the context of the authenticated use. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-52469 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 7.1 High |
| Chamilo is a learning management system. Prior to version 1.11.30, a logic vulnerability in the friend request workflow of Chamilo’s social network module allows an authenticated user to forcibly add any user as a friend by directly calling the AJAX endpoint. The attacker can bypass the normal flow of sending and accepting friend requests, and even add non-existent users. This breaks access control and social interaction logic, with potential privacy implications. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-52470 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 4.8 Medium |
| Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists in the session_category_add.php script. The vulnerability is caused by improper sanitization of the Category Name field, allowing privileged users to inject persistent JavaScript payloads. The injected script is later executed when accessing add_many_sessions_to_category.php, potentially compromising administrative sessions. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-52475 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 6.1 Medium |
| Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability in the admin/user_list.php endpoint. The keyword_inactive parameter is not properly sanitized, allowing attackers to inject malicious JavaScript through a crafted URL. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-52476 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 6.1 Medium |
| Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to improper sanitization of the keyword_active parameter in admin/user_list.php. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-52563 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 6.1 Medium |
| Chamilo is a learning management system. Prior to version 1.11.30, there is a reflected cross-site scripting (XSS) vulnerability due to insufficient sanitization of the page parameter in the session/add_users_to_session.php endpoint. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-52998 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 9.8 Critical |
| Chamilo is a learning management system. Prior to version 1.11.30, in the application, deserialization of data is performed, the data can be spoofed. An attacker can create objects of arbitrary classes, as well as fully control their properties, and thus modify the logic of the web application's operation. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-52564 | 1 Chamilo | 1 Chamilo Lms | 2026-03-03 | 6.1 Medium |
| Chamilo is a learning management system. Prior to version 1.11.30, the open parameter of help.php fails to properly sanitize user input. This allows an attacker to inject arbitrary HTML, such as underlined text, via a crafted URL. This issue has been patched in version 1.11.30. | ||||
| CVE-2025-48567 | 1 Google | 1 Android | 2026-03-03 | 7.8 High |
| In multiple locations, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-48568 | 1 Google | 1 Android | 2026-03-03 | 7.4 High |
| In multiple locations, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48574 | 1 Google | 1 Android | 2026-03-03 | 8.4 High |
| In validateAddingWindowLw of DisplayPolicy.java, there is a possible way for an app to intercept drag-and-drop events due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0756 | 1 Elearningfreak | 1 Insert Or Embed Articulate Content | 2026-03-03 | 3.5 Low |
| The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page. | ||||
| CVE-2025-48577 | 1 Google | 1 Android | 2026-03-03 | 7.4 High |
| In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48578 | 1 Google | 1 Android | 2026-03-03 | 7.8 High |
| In multiple functions of MediaProvider.java, there is a possible way to bypass the WRITE_EXTERNAL_STORAGE permission due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-48609 | 1 Google | 1 Android | 2026-03-03 | 9.1 Critical |
| In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files which affect telephony, SMS, and MMS functionalities due to a path traversal error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48613 | 1 Google | 1 Android | 2026-03-03 | 7.8 High |
| In VBMeta, there is a possible way to modify and resign VBMeta using a test key, assuming the original image was previously signed with the same key. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48619 | 1 Google | 1 Android | 2026-03-03 | 8.4 High |
| In multiple functions of ContentProvider.java, there is a possible way for an app with read-only access to truncate files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-59109 | 1 Dormakaba | 1 Registration Unit 9002 | 2026-03-03 | N/A |
| The dormakaba registration units 9002 (PIN Pad Units) have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface. An attacker can use the interface to exfiltrate PINs. As the devices are explicitly built as Plug-and-Play to be easily replaced, an attacker is easily able to remove the device, install a hardware implant which connects to the UART and exfiltrates the data exposed via UART to another system (e.g. via WiFi). | ||||
| CVE-2025-61686 | 1 Shopify | 3 React-router\/node, Remix-run\/deno, Remix-run\/node | 2026-03-03 | 9.1 Critical |
| React Router is a router for React. In @react-router/node versions 7.0.0 through 7.9.3, @remix-run/deno prior to version 2.17.2, and @remix-run/node prior to version 2.17.2, if createFileSessionStorage() is being used from @react-router/node (or @remix-run/node/@remix-run/deno in Remix v2) with an unsigned cookie, it is possible for an attacker to cause the session to try to read/write from a location outside the specified session file directory. The success of the attack would depend on the permissions of the web server process to access those files. Read files cannot be returned directly to the attacker. Session file reads would only succeed if the file matched the expected session file format. If the file matched the session file format, the data would be populated into the server side session but not directly returned to the attacker unless the application logic returned specific session information. This issue has been patched in @react-router/node version 7.9.4, @remix-run/deno version 2.17.2, and @remix-run/node version 2.17.2. | ||||