Export limit exceeded: 334261 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 334261 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334261 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10864 | 2025-05-20 | N/A | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5 | ||||
| CVE-2024-10865 | 2025-05-20 | N/A | ||
| Improper Input validation leads to XSS or Cross-site Scripting vulnerability in OpenText Advanced Authentication. This issue affects Advanced Authentication versions before 6.5. | ||||
| CVE-2025-37804 | 2025-05-20 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-21837 | 2025-05-20 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-21686 | 2025-05-20 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-21633 | 1 Redhat | 1 Enterprise Linux | 2025-05-20 | 7.0 High |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2022-49933 | 2025-05-20 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2022-49056 | 2025-05-20 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2022-42731 | 1 Django-mfa2 Project | 1 Django-mfa2 | 2025-05-20 | 7.5 High |
| mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows a replay attack that could be used to register another device for a user. The device registration challenge is not invalidated after usage. | ||||
| CVE-2022-42238 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2025-05-20 | 8.8 High |
| A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get access to the admin dashboard. | ||||
| CVE-2022-42236 | 1 Merchandise Online Store Project | 1 Merchandise Online Store | 2025-05-20 | 5.4 Medium |
| A Stored XSS issue in Merchandise Online Store v.1.0 allows to injection of Arbitrary JavaScript in edit account form. | ||||
| CVE-2022-42037 | 1 Democritus | 1 D8s-asns | 2025-05-20 | 9.8 Critical |
| The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. | ||||
| CVE-2022-42034 | 1 Wedding Planner Project | 1 Wedding Planner | 2025-05-20 | 8.8 High |
| Wedding Planner v1.0 is vulnerable to arbitrary code execution via users_profile.php. | ||||
| CVE-2022-41387 | 1 Democritus | 1 D8s-pdfs | 2025-05-20 | 9.8 Critical |
| The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | ||||
| CVE-2022-41386 | 1 Democritus | 1 D8s-utility | 2025-05-20 | 9.8 Critical |
| The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | ||||
| CVE-2022-41382 | 1 Democritus | 1 D8s-json | 2025-05-20 | 9.8 Critical |
| The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | ||||
| CVE-2022-41381 | 1 Democritus | 1 D8s-utility | 2025-05-20 | 9.8 Critical |
| The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | ||||
| CVE-2022-41380 | 1 Democritus | 1 D8s-yaml | 2025-05-20 | 9.8 Critical |
| The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | ||||
| CVE-2022-41376 | 1 Metroui | 1 Metro Ui | 2025-05-20 | 6.1 Medium |
| Metro UI v4.4.0 to v4.5.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Javascript function. | ||||
| CVE-2022-41210 | 1 Sap | 1 Customer Data Cloud | 2025-05-20 | 5.2 Medium |
| SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number generator program which makes it easy for the attacker to predict future random numbers. This can lead to information disclosure and modification of certain user settings. | ||||