Export limit exceeded: 17428 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342254 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23644 | 1 Trillium | 2 Trillium, Trillium-http | 2025-05-30 | 6.8 Medium |
| Trillium is a composable toolkit for building internet applications with async rust. In `trillium-http` prior to 0.3.12 and `trillium-client` prior to 0.5.4, insufficient validation of outbound header values may lead to request splitting or response splitting attacks in scenarios where attackers have sufficient control over headers. This only affects use cases where attackers have control of request headers, and can insert "\r\n" sequences. Specifically, if untrusted and unvalidated input is inserted into header names or values. Outbound `trillium_http::HeaderValue` and `trillium_http::HeaderName` can be constructed infallibly and were not checked for illegal bytes when sending requests from the client or responses from the server. Thus, if an attacker has sufficient control over header values (or names) in a request or response that they could inject `\r\n` sequences, they could get the client and server out of sync, and then pivot to gain control over other parts of requests or responses. (i.e. exfiltrating data from other requests, SSRF, etc.) In `trillium-http` versions 0.3.12 and later, if a header name is invalid in server response headers, the specific header and any associated values are omitted from network transmission. Additionally, if a header value is invalid in server response headers, the individual header value is omitted from network transmission. Other headers values with the same header name will still be sent. In `trillium-client` versions 0.5.4 and later, if any header name or header value is invalid in the client request headers, awaiting the client Conn returns an `Error::MalformedHeader` prior to any network access. As a workaround, Trillium services and client applications should sanitize or validate untrusted input that is included in header values and header names. Carriage return, newline, and null characters are not allowed. | ||||
| CVE-2024-23646 | 1 Pimcore | 1 Admin Classic Bundle | 2025-05-30 | 8.8 High |
| Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The application allows users to create zip files from available files on the site. In the 1.x branch prior to version 1.3.2, parameter `selectedIds` is susceptible to SQL Injection. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. Version 1.3.2 contains a fix for this issue. | ||||
| CVE-2023-30394 | 1 Moveit | 1 Moveit | 2025-05-30 | 6.1 Medium |
| The MoveIt framework 1.1.11 for ROS allows cross-site scripting (XSS) via the API authentication function. NOTE: this issue is disputed by the original reporter because it has "no impact." | ||||
| CVE-2024-35388 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2025-05-30 | 8.8 High |
| TOTOLINK NR1800X v9.1.0u.6681_B20230703 was discovered to contain a stack overflow via the password parameter in the function urldecode | ||||
| CVE-2024-33377 | 1 Lb-link | 2 Bl-w1210m, Bl-w1210m Firmware | 2025-05-30 | 8.1 High |
| LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim users to perform arbitrary operations via interaction with crafted elements on the web page. | ||||
| CVE-2024-33375 | 1 Lb-link | 2 Bl-w1210m, Bl-w1210m Firmware | 2025-05-30 | 9.8 Critical |
| LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware. | ||||
| CVE-2025-4226 | 1 Phpgurukul | 1 Cyber Cafe Management System | 2025-05-30 | 7.3 High |
| A vulnerability classified as critical has been found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. This affects an unknown part of the file /add-computer.php. The manipulation of the argument compname/comploc leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-42514 | 1 Mitel | 1 Micontact Center Business | 2025-05-30 | 8.1 High |
| A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4 could allow an unauthenticated attacker to conduct an unauthorized access attack due to inadequate access control checks. A successful exploit requires user interaction and could allow an attacker to access sensitive information and send unauthorized messages during an active chat session. | ||||
| CVE-2025-44881 | 1 Wavlink | 2 Wl-wn579a3, Wl-wn579a3 Firmware | 2025-05-30 | 9.8 Critical |
| A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. | ||||
| CVE-2025-44880 | 1 Wavlink | 2 Wl-wn579a3, Wl-wn579a3 Firmware | 2025-05-30 | 9.8 Critical |
| A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. | ||||
| CVE-2025-44882 | 1 Wavlink | 2 Wl-wn579a3, Wl-wn579a3 Firmware | 2025-05-30 | 9.8 Critical |
| A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input. | ||||
| CVE-2024-52874 | 1 Infoblox | 1 Netmri | 2025-05-30 | 8.8 High |
| In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks. | ||||
| CVE-2025-48066 | 1 Wire | 1 Wire-webapp | 2025-05-30 | 6 Medium |
| wire-webapp is the web application for the open-source messaging service Wire. A bug fix caused a regression causing an issue with function to delete local data. Instructing the client to delete its local database on user logout does not result in deletion. This is the case for both temporary clients (marking the device as a public computer on login) and regular clients instructing the deletion of all personal information and conversations upon logout. Access to the machine is required to access the data. If encryption-at-rest is used, cryptographic material can't be exported. The underlying issue has been fixed with wire-webapp version 2025-05-14-production.0. In order to mitigate potential impact, the database must be manually deleted on devices where the option "This is a public computer" was used prior to log in or a log out with the request to delete local data with the affected versions has happened before. | ||||
| CVE-2025-48075 | 1 Gofiber | 1 Fiber | 2025-05-30 | 7.5 High |
| Fiber is an Express-inspired web framework written in Go. Starting in version 2.52.6 and prior to version 2.52.7, `fiber.Ctx.BodyParser` can map flat data to nested slices using `key[idx]value` syntax, but when idx is negative, it causes a panic instead of returning an error stating it cannot process the data. Since this data is user-provided, this could lead to denial of service for anyone relying on this `fiber.Ctx.BodyParser` functionality. Version 2.52.7 fixes the issue. | ||||
| CVE-2025-48366 | 1 Intermesh | 1 Group-office | 2025-05-30 | 5.4 Medium |
| Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a stored and blind XSS vulnerability exists in the Phone Number field of the user profile within the GroupOffice application. This allows a malicious actor to inject persistent JavaScript payloads, which are triggered in the context of another user when they view the Address Book. Successful exploitation enables actions such as forced redirects, unauthorized fetch requests, or other arbitrary JavaScript execution without user interaction. Versions 6.8.119 and 25.0.20 contain a fix for the issue. | ||||
| CVE-2025-48368 | 1 Intermesh | 1 Group-office | 2025-05-30 | 5.4 Medium |
| Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a DOM-based Cross-Site Scripting (XSS) vulnerability exists in the GroupOffice application, allowing attackers to execute arbitrary JavaScript code in the context of the victim's browser. This can lead to session hijacking, defacement, or redirection to malicious sites. The vulnerability can be triggered by injecting a crafted payload into a parameter that is later processed unsafely in the DOM. Versions 6.8.119 and 25.0.20 contain a fix for the issue. | ||||
| CVE-2025-48369 | 1 Intermesh | 1 Group-office | 2025-05-30 | 5.4 Medium |
| Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.119 and 25.0.20, a persistent Cross-Site Scripting (XSS) vulnerability exists in Groupoffice's tasks comment functionality, allowing attackers to execute arbitrary JavaScript by uploading an file with a crafted filename. When administrators or other users view the task containing this malicious file, the payload executes in their browser context. The application fails to sanitize image filenames before rendering them in the comment. By uploading an image with a crafted filename containing XSS payloads, attackers can steal sensitive information. Versions 6.8.119 and 25.0.20 contain a fix for the issue. | ||||
| CVE-2024-40458 | 1 Ocuco | 1 Innovation | 2025-05-30 | 7.8 High |
| An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets. | ||||
| CVE-2024-40459 | 1 Ocuco | 1 Innovation | 2025-05-30 | 7.8 High |
| An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a local attacker to escalate privileges via the application manager function | ||||
| CVE-2024-40460 | 1 Ocuco | 1 Innovation | 2025-05-30 | 7.8 High |
| An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker to escalate privileges via the JOBENTRY.EXE | ||||