Export limit exceeded: 330376 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 330376 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (330376 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5941 | 1 Netskope | 1 Netskope | 2025-08-15 | N/A |
| Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor could trigger a memory leak by sending a crafted DNS packet to a machine. A successful exploitation may require administrative privileges on the machine, based on the exact configuration. A successful exploit can potentially result in user-controllable memory being leaked in a domain name stored on the local machine. | ||||
| CVE-2025-23227 | 3 Ibm, Linux, Microsoft | 4 Aix, Tivoli Application Dependency Discovery Manager, Linux Kernel and 1 more | 2025-08-15 | 6.4 Medium |
| IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.11 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2025-0413 | 1 Parallels | 2 Parallels, Remote Application Server | 2025-08-15 | N/A |
| Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Technical Data Reporter component. By creating a symbolic link, an attacker can abuse the service to change the permissions of arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-25014. | ||||
| CVE-2024-54176 | 1 Ibm | 2 Devops Deploy, Urbancode Deploy | 2025-08-15 | 4.3 Medium |
| IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, 7.2 through 7.2.3.14 and 7.3 through 7.3.2 could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function. | ||||
| CVE-2025-32932 | 1 Fortinet | 1 Fortisoar | 2025-08-15 | 6.2 Medium |
| An Improper neutralization of input during web page generation ('cross-site scripting') vulnerability [CWE-79] in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remote attacker to perform an XSS attack via stored malicious service requests | ||||
| CVE-2025-8800 | 1 Open5gs | 1 Open5gs | 2025-08-15 | 5.3 Medium |
| A vulnerability has been found in Open5GS up to 2.7.5. Affected by this issue is the function esm_handle_pdn_connectivity_request of the file src/mme/esm-handler.c of the component AMF Component. The manipulation leads to denial of service. The attack may be launched remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 701505102f514cbde2856cd2ebc9bedb7efc820d. It is recommended to upgrade the affected component. | ||||
| CVE-2025-8958 | 1 Tenda | 1 Tx3 | 2025-08-15 | 8.8 High |
| A vulnerability was identified in Tenda TX3 16.03.13.11_multi_TDE01. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2021-27923 | 3 Fedoraproject, Python, Redhat | 4 Fedora, Pillow, Enterprise Linux and 1 more | 2025-08-15 | 7.5 High |
| Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICO container, and thus an attempted memory allocation can be very large. | ||||
| CVE-2021-27922 | 3 Fedoraproject, Python, Redhat | 4 Fedora, Pillow, Enterprise Linux and 1 more | 2025-08-15 | 7.5 High |
| Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large. | ||||
| CVE-2021-27921 | 3 Fedoraproject, Python, Redhat | 4 Fedora, Pillow, Enterprise Linux and 1 more | 2025-08-15 | 7.5 High |
| Pillow before 8.1.2 allows attackers to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large. | ||||
| CVE-2025-55726 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55725 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55724 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55723 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55722 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55721 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55720 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55719 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2025-55718 | 2025-08-15 | N/A | ||
| Not used | ||||
| CVE-2021-20087 | 1 Acemetrix | 1 Jquery-deparam | 2025-08-14 | 8.8 High |
| Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties into Object.prototype. | ||||