Export limit exceeded: 330359 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 330359 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (330359 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-70037 | 1 Linagora | 1 Twake | 2026-03-10 | N/A |
| An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code. | ||||
| CVE-2025-70040 | 1 Lupinlin1 | 1 Jimeng-web-mcp | 2026-03-10 | 5.3 Medium |
| An issue pertaining to CWE-532: Insertion of Sensitive Information into Log File was discovered in LupinLin1 jimeng-web-mcp v2.1.2. This allows an attacker to obtain sensitive information. | ||||
| CVE-2025-70060 | 1 Ymfe | 1 Yapi | 2026-03-10 | 5.4 Medium |
| An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0. | ||||
| CVE-2025-70042 | 1 Oslabs-beta | 1 Thermakube | 2026-03-10 | N/A |
| An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta ThermaKube master. | ||||
| CVE-2025-70046 | 1 Miazzy | 1 Oa Front Service | 2026-03-10 | N/A |
| An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master. | ||||
| CVE-2025-70050 | 1 Lesspass | 1 Lesspass | 2026-03-10 | N/A |
| An issue pertaining to CWE-312: Cleartext Storage of Sensitive Information was discovered in lesspass lesspass v9.6.9 which allows attackers to obtain sensitive information. | ||||
| CVE-2025-70047 | 1 Nexusoft | 1 Nexusinterface | 2026-03-10 | 7.5 High |
| An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2. | ||||
| CVE-2025-70048 | 1 Nexusoft | 1 Nexusinterface | 2026-03-10 | N/A |
| An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2. | ||||
| CVE-2025-70059 | 1 Ymfe | 1 Yapi | 2026-03-10 | N/A |
| An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in YMFE yapi v1.12.0 and allows attackers to cause a denial of service. | ||||
| CVE-2025-70238 | 1 Dlink | 1 Dir-513 | 2026-03-10 | 7.5 High |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard52. | ||||
| CVE-2026-3843 | 2026-03-10 | 9.8 Critical | ||
| Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection vulnerability (CWE-89) in the system configuration module. A remote attacker can send specially crafted HTTP POST requests to the /php/request.php endpoint via the sql parameter in application/x-www-form-urlencoded data (e.g., action=do&sql=<query_here>&reload_driver=0) to execute arbitrary SQL commands and potentially achieve remote code execution. | ||||
| CVE-2025-70028 | 1 Sunbird-ed | 1 Sunbirded-portal | 2026-03-10 | N/A |
| An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2025-70030 | 1 Sunbird-ed | 1 Sunbirded-portal | 2026-03-10 | N/A |
| An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2025-70031 | 1 Sunbird-ed | 1 Sunbirded-portal | 2026-03-10 | N/A |
| An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2025-70032 | 1 Sunbird-ed | 1 Sunbirded-portal | 2026-03-10 | N/A |
| An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2026-30140 | 1 Tenda | 1 W15e | 2026-03-10 | N/A |
| An incorrect access control vulnerability exists in Tenda W15E V02.03.01.26_cn. An unauthenticated attacker can access the /cgi-bin/DownloadCfg/RouterCfm.jpg endpoint to download the configuration file containing plaintext administrator credentials, leading to sensitive information disclosure and potential remote administrative access. | ||||
| CVE-2026-3630 | 1 Deltaww | 1 Commgr2 | 2026-03-10 | 9.8 Critical |
| Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability. | ||||
| CVE-2026-3631 | 1 Deltaww | 1 Commgr2 | 2026-03-10 | 7.5 High |
| Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability. | ||||
| CVE-2026-3822 | 1 Taipower | 1 Taipower App | 2026-03-10 | 6.5 Medium |
| Taipower APP developed by Taipower has an Improper Certificate Validation vulnerability. When establishing an HTTPS connection with the server, the application fails to verify the server-side TLS/SSL certificate. This flaw allows an unauthenticated remote attackers to exploit the vulnerability to perform a Man-in-the-Middle (MITM) attack to read and tamper with network packets. | ||||
| CVE-2026-30896 | 1 Qsee | 1 Qsee Client | 2026-03-10 | N/A |
| The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries (DLLs). When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege. | ||||