Export limit exceeded: 357325 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8492 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-60830 | 2 Redragon, Redragon-erp | 2 Erp, Redragon-erp | 2025-10-10 | 6.5 Medium |
| redragon-erp v1.0 was discovered to contain a Shiro deserialization vulnerability caused by the default Shiro key. | ||||
| CVE-2025-60834 | 2 Ghostxbh, Uzy | 2 Uzy-ssm-mall, Ssm Mall | 2025-10-10 | 6.5 Medium |
| A fastjson deserialization vulnerability in uzy-ssm-mall v1.1.0 allows attackers to execute arbitrary code via supplying a crafted input. | ||||
| CVE-2024-34147 | 1 Jenkins | 2 Jenkins-telegram-bot, Telegram Bot | 2025-10-10 | 4.3 Medium |
| Jenkins Telegram Bot Plugin 1.4.0 and earlier stores the Telegram Bot token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | ||||
| CVE-2025-30197 | 1 Jenkins | 1 Zoho Qengine | 2025-10-10 | 3.1 Low |
| Jenkins Zoho QEngine Plugin 1.0.29.vfa_cc23396502 and earlier does not mask the QEngine API Key form field, increasing the potential for attackers to observe and capture it. | ||||
| CVE-2024-39460 | 1 Jenkins | 1 Bitbucket Branch Source | 2025-10-10 | 4.3 Medium |
| Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases. | ||||
| CVE-2025-6519 | 1 Copeland | 8 E3 Supervisory Controller Firmware, Site Supervisor Bx 860-1240, Site Supervisor Bxe 860-1245 and 5 more | 2025-10-10 | 9.8 Critical |
| E3 Site Supervisor (firmware version < 2.31F01) has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The oneday user cannot be deleted or modified by any user. | ||||
| CVE-2025-9188 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is a deserialization of untrusted data vulnerability in Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2025-51497 | 1 Adguard | 2 Adguard, Adguard For Safari | 2025-10-09 | 5.5 Medium |
| An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely logged each url that Safari accessed when the plugin was active. These logs went into the MacOS general logs for any unsandboxed process to read. This may be disabled in version 1.11.22. | ||||
| CVE-2025-54882 | 1 Himmelblau-idm | 1 Himmelblau | 2025-10-09 | 7.1 High |
| Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0, Himmelblau stores the cloud TGT received during logon in the Kerberos credential cache. The created credential cache collection and received credentials are stored as world readable. This is fixed in versions 0.9.22 and 1.2.0. To work around this issue, remove all read access to Himmelblau caches for all users except for owners. | ||||
| CVE-2023-36035 | 1 Microsoft | 1 Exchange Server | 2025-10-08 | 8 High |
| Microsoft Exchange Server Spoofing Vulnerability | ||||
| CVE-2023-36039 | 1 Microsoft | 1 Exchange Server | 2025-10-08 | 8 High |
| Microsoft Exchange Server Spoofing Vulnerability | ||||
| CVE-2023-36050 | 1 Microsoft | 1 Exchange Server | 2025-10-08 | 8 High |
| Microsoft Exchange Server Spoofing Vulnerability | ||||
| CVE-2023-36047 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2025-10-08 | 7.8 High |
| Windows Authentication Elevation of Privilege Vulnerability | ||||
| CVE-2023-36046 | 1 Microsoft | 4 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 1 more | 2025-10-08 | 7.1 High |
| Windows Authentication Denial of Service Vulnerability | ||||
| CVE-2023-36394 | 1 Microsoft | 9 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 6 more | 2025-10-08 | 7 High |
| Windows Search Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-36399 | 1 Microsoft | 4 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 1 more | 2025-10-08 | 7.1 High |
| Windows Storage Elevation of Privilege Vulnerability | ||||
| CVE-2023-36403 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-08 | 7 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2023-36705 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-08 | 7.8 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2023-36439 | 1 Microsoft | 1 Exchange Server | 2025-10-08 | 8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2023-38177 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2025-10-08 | 6.1 Medium |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||