Export limit exceeded: 355212 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 355212 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355212 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13124 | 1 Netiket | 1 Applylogic | 2026-06-04 | 7.6 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Netiket Information Technologies Ltd. Co. ApplyLogic allows Exploitation of Trusted Identifiers. This issue affects ApplyLogic: through 01.12.2025. | ||||
| CVE-2025-13125 | 1 Im Park | 1 Dijidemi | 2026-06-04 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Exploitation of Trusted Identifiers. This issue affects DijiDemi: through 28.11.2025. | ||||
| CVE-2025-13127 | 2026-06-04 | 3.5 Low | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TAC Information Services Internal and External Trade Inc. GoldenHorn allows Cross-Site Scripting (XSS). This issue affects GoldenHorn: before 4.25.1121.1. | ||||
| CVE-2025-13129 | 1 Seneka | 1 Onaylarım | 2026-06-04 | 4.3 Medium |
| Improper Enforcement of Behavioral Workflow vulnerability in Seneka Software Hardware Information Technology Trade Contracting and Industry Ltd. Co. Onaylarım allows Functionality Misuse. This issue affects Onaylarım: from 25.09.26.01 through 18112025. | ||||
| CVE-2025-13183 | 2026-06-04 | 7.3 High | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hotech Software Inc. Otello allows Stored XSS. This issue affects Otello: from 2.4.0 before 2.4.4. | ||||
| CVE-2025-13295 | 2 Argustech, Argusteknoloji | 2 Bilger, Bilger | 2026-06-04 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier. This issue affects BILGER: before 2.4.9. | ||||
| CVE-2025-13296 | 1 T-soft | 1 E-commerce | 2026-06-04 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Tekrom Technology Inc. T-Soft E-Commerce allows Cross Site Request Forgery. This issue affects T-Soft E-Commerce: through 28112025. | ||||
| CVE-2025-13474 | 1 Menulux | 1 Mobile App | 2026-06-04 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Menulux Software Inc. Mobile App allows Exploitation of Trusted Identifiers. This issue affects Mobile App: before 9.5.8. | ||||
| CVE-2025-13505 | 1 Datateam | 1 Datactive | 2026-06-04 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Datateam Information Technologies Inc. Datactive allows Stored XSS. This issue affects Datactive: from 2.13.34 before 2.14.0.6. | ||||
| CVE-2025-13506 | 1 Nebim | 1 Nebim V3 Erp | 2026-06-04 | 8.8 High |
| Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services Inc. Nebim V3 ERP allows Expanding Control over the Operating System from the Database. This issue affects Nebim V3 ERP: from 2.0.59 before 3.0.1. | ||||
| CVE-2025-14014 | 1 Ntn Information Processing Services Computer Software Hardware Industry And Trade Ltd. Co. | 1 Smart Panel | 2026-06-04 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing Services Computer Software Hardware Industry and Trade Ltd. Co. Smart Panel allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Smart Panel: before 20251215. | ||||
| CVE-2026-50219 | 1 Libexpat Project | 1 Libexpat | 2026-06-04 | 4.9 Medium |
| libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation. Thus, a use-after-free can occur, | ||||
| CVE-2025-14018 | 2026-06-04 | 7.3 High | ||
| Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries. This issue affects e-Fatura: before 1.2.15. | ||||
| CVE-2025-14101 | 1 Gg Soft | 1 Paperwork | 2026-06-04 | 7.1 High |
| Authorization Bypass Through User-Controlled Key vulnerability in GG Soft Software Services Inc. PaperWork allows Exploitation of Trusted Identifiers. This issue affects PaperWork: from 5.2.0.9427 before 6.0. | ||||
| CVE-2025-14320 | 1 Tegsoft | 1 Online Support Application | 2026-06-04 | 9.8 Critical |
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025. | ||||
| CVE-2025-14343 | 1 Dokuzsoft Technology | 1 E-commerce Product | 2026-06-04 | 7.6 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dokuzsoft Technology Ltd. E-Commerce Product allows Reflected XSS. This issue affects E-Commerce Product: through 10122025. | ||||
| CVE-2025-14347 | 1 Proliz Software | 1 Obs | 2026-06-04 | 6.3 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Proliz Software Ltd. OBS (Student Affairs Information System)0 allows Reflected XSS. This issue affects OBS (Student Affairs Information System)0: before 26.5009. | ||||
| CVE-2025-14349 | 2 Uni-yaz, Universal Software Inc. | 2 Flexcity, Flexcity/kiosk | 2026-06-04 | 8.8 High |
| Privilege Defined With Unsafe Actions, Missing Authentication for Critical Function vulnerability in Universal Software Inc. FlexCity/Kiosk allows Accessing Functionality Not Properly Constrained by ACLs, Privilege Escalation. This issue affects FlexCity/Kiosk: from 1.0 before 1.0.36. | ||||
| CVE-2026-41283 | 2026-06-04 | 9.9 Critical | ||
| OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials. | ||||
| CVE-2026-48681 | 1 Openstack | 1 Ironic | 2026-06-04 | 5.9 Medium |
| OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image. | ||||