Export limit exceeded: 355159 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 355159 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355159 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-10703 | 1 Eipstackgroup | 1 Opener | 2026-06-03 | 6.3 Medium |
| A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-41032 | 2 Phoenix Contact, Phoenixcontact | 8 Charx Sec-3000 Firmware, Charx Sec-3050 Firmware, Charx Sec-3100 Firmware and 5 more | 2026-06-03 | 7.5 High |
| It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information. | ||||
| CVE-2024-6401 | 2 Sfs, Sfs Consulting | 2 Insuree Gl, Insuree Gl | 2026-06-03 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection. This issue affects InsureE GL: before 4.6.2. | ||||
| CVE-2024-6406 | 2026-06-03 | N/A | ||
| Missing Authentication for Critical Function, Missing Authorization vulnerability in Yordam Information Technology Mobile Library Application allows Retrieve Embedded Sensitive Data. This issue affects Mobile Library Application: before 5.0. | ||||
| CVE-2025-14773 | 2026-06-03 | 8 High | ||
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24. | ||||
| CVE-2024-6445 | 1 Dataflowx | 1 Datadiodex | 2026-06-03 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DataFlowX Technology DataDiodeX allows Path Traversal. This issue affects DataDiodeX: from v3.0.0 before v3.1.7. | ||||
| CVE-2026-10694 | 1 Sourcecodester | 1 Online Food Ordering System | 2026-06-03 | 7.3 High |
| A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2024-6656 | 2 Tnb Mobile Solutions, Tnbmobil | 2 Cockpit Software, Cockpit | 2026-06-03 | 9.8 Critical |
| Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13. | ||||
| CVE-2024-6684 | 1 Gstelectronics | 1 Inohom Nova Panel N7 | 2026-06-03 | N/A |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom Nova Panel N7 allows Authentication Bypass. This issue affects inohom Nova Panel N7: through 1.9.9.6. NOTE: The vendor was contacted and it was learned that the product is not supported. | ||||
| CVE-2024-6877 | 2 Eliz Software, Elizsoftware | 2 Panel, Panel | 2026-06-03 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Eliz Software Panel allows Reflected XSS. This issue affects Panel: before v2.3.24. | ||||
| CVE-2024-6878 | 1 Eliz Software | 1 Panel | 2026-06-03 | N/A |
| Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations. This issue affects Panel: before v2.3.24. | ||||
| CVE-2024-6917 | 1 Veribase | 2 Order Management, Veribase Order Management | 2026-06-03 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Veribilim Software Veribase Order Management allows OS Command Injection. This issue affects Veribase Order Management: before v4.010.2. | ||||
| CVE-2024-6919 | 2 Nac, Nac Telecommunication Systems | 2 Nacpremium, Nacpremium | 2026-06-03 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Blind SQL Injection. This issue affects NACPremium: through 01082024. | ||||
| CVE-2024-6920 | 1 Nac | 1 Nacpremium | 2026-06-03 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Stored XSS. This issue affects NACPremium: through 01082024. | ||||
| CVE-2024-6921 | 2 Nac, Nac Telecommunication Systems | 2 Nacpremium, Nacpremium | 2026-06-03 | 7.5 High |
| Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc. NACPremium allows Retrieve Embedded Sensitive Data. This issue affects NACPremium: through 01082024. | ||||
| CVE-2024-7015 | 1 Profelis | 1 Passbox | 2026-06-03 | 9.8 Critical |
| Missing Authentication for Critical Function vulnerability in Profelis Informatics and Consulting PassBox allows Authentication Abuse. This issue affects PassBox: before v1.2. | ||||
| CVE-2024-7016 | 1 Smarttek | 1 Smart Doctor | 2026-06-03 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Smarttek Informatics Smart Doctor's allows Stored XSS required admin privileges. This issue affects Smart Doctor: through 21.11.2024. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-7026 | 1 Teknogis Informatics | 1 Close Circuit Vehicle Tracking Software | 2026-06-03 | 7.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Teknogis Informatics Closed Circuit Vehicle Tracking Software allows SQL Injection, Blind SQL Injection. This issue affects Closed Circuit Vehicle Tracking Software: through 21.11.2024. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-7071 | 2 Brain Information Technologies, Brainlowcode | 2 Brain Low-code, Brain Low-code | 2026-06-03 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0. | ||||
| CVE-2024-7076 | 2 Semtek, Semtekyazilim | 2 Sempos, Semtek Sempos | 2026-06-03 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Blind SQL Injection. This issue affects Semtek Sempos: through 31072024. | ||||