Export limit exceeded: 16638 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 335621 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335621 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36259 | 1 Craftcms | 1 Craft Cms | 2025-05-29 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in Craft CMS Audit Plugin before version 3.0.2 allows attackers to execute arbitrary code during user creation. | ||||
| CVE-2023-24049 | 1 Connectize | 2 Ac21000 G6, Ac21000 G6 Firmware | 2025-05-29 | 9.8 Critical |
| An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management. | ||||
| CVE-2022-35068 | 1 Otfcc Project | 1 Otfcc | 2025-05-29 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e420d. | ||||
| CVE-2022-35067 | 1 Otfcc Project | 1 Otfcc | 2025-05-29 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b0. | ||||
| CVE-2022-35066 | 1 Otfcc Project | 1 Otfcc | 2025-05-29 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41b8. | ||||
| CVE-2022-35065 | 1 Otfcc Project | 1 Otfcc | 2025-05-29 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a segmentation violation via /release-x64/otfccdump+0x65f724. | ||||
| CVE-2022-35064 | 1 Otfcc Project | 1 Otfcc | 2025-05-29 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adcdb in __asan_memset. | ||||
| CVE-2024-23873 | 1 Ajaysharma | 1 Cups Easy | 2025-05-29 | 8.2 High |
| A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/currencymodify.php, in the currencyid parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials. | ||||
| CVE-2022-35063 | 1 Otfcc Project | 1 Otfcc | 2025-05-29 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e41a8. | ||||
| CVE-2022-35062 | 1 Otfcc Project | 1 Otfcc | 2025-05-29 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0bc3. | ||||
| CVE-2022-35061 | 1 Otfcc Project | 1 Otfcc | 2025-05-29 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e412a. | ||||
| CVE-2022-32911 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-29 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32908 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-29 | 7.8 High |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges. | ||||
| CVE-2022-32886 | 4 Apple, Debian, Fedoraproject and 1 more | 7 Ipados, Iphone Os, Safari and 4 more | 2025-05-29 | 8.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-32883 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-05-29 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to read sensitive location information. | ||||
| CVE-2024-23874 | 1 Ajaysharma | 1 Cups Easy | 2025-05-29 | 8.2 High |
| A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/companymodify.php, in the address1 parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials. | ||||
| CVE-2024-23875 | 1 Ajaysharma | 1 Cups Easy | 2025-05-29 | 8.2 High |
| A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/stockissuancedisplay.php, in the issuanceno parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials. | ||||
| CVE-2024-23877 | 1 Ajaysharma | 1 Cups Easy | 2025-05-29 | 8.2 High |
| A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/currencycreate.php, in the currencyid parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials. | ||||
| CVE-2024-23878 | 1 Ajaysharma | 1 Cups Easy | 2025-05-29 | 8.2 High |
| A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/grnprint.php, in the grnno parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials. | ||||
| CVE-2024-23879 | 1 Ajaysharma | 1 Cups Easy | 2025-05-29 | 8.2 High |
| A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/statemodify.php, in the description parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials. | ||||