Export limit exceeded: 361563 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2560 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-65741 | 2 Apple, Sublimetext | 2 Macos, Sublime Text 3 | 2026-01-02 | 9.8 Critical |
| Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the context of the Sublime Text application. | ||||
| CVE-2025-68939 | 1 Gitea | 1 Gitea | 2026-01-02 | 8.2 High |
| Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API. | ||||
| CVE-2025-67844 | 1 Mintlify | 1 Mintlify | 2026-01-02 | 5 Medium |
| The GitHub Integration API in Mintlify Platform before 2025-11-15 allows remote attackers to obtain sensitive repository metadata via the repository owner and name fields. It fails to validate that the repository owner and name fields provided during configuration belong to the specific GitHub App Installation ID associated with the user's organization. | ||||
| CVE-2024-53866 | 1 Pnpm | 1 Pnpm | 2025-12-31 | 9.8 Critical |
| The package manager pnpm prior to version 9.15.0 seems to mishandle overrides and global cache: Overrides from one workspace leak into npm metadata saved in global cache; npm metadata from global cache affects other workspaces; and installs by default don't revalidate the data (including on first lockfile generation). This can make workspace A (even running with `ignore-scripts=true`) posion global cache and execute scripts in workspace B. Users generally expect `ignore-scripts` to be sufficient to prevent immediate code execution on install (e.g. when the tree is just repacked/bundled without executing it). Here, that expectation is broken. Global state integrity is lost via operations that one would expect to be secure, enabling subsequently running arbitrary code execution on installs. Version 9.15.0 fixes the issue. As a work-around, use separate cache and store dirs in each workspace. | ||||
| CVE-2025-66575 | 1 Veepn | 1 Veepn | 2025-12-30 | 7.8 High |
| VeeVPN 1.6.1 contains an unquoted service path vulnerability in the VeePNService that allows remote attackers to execute code during startup or reboot with escalated privileges. Attackers can exploit this by providing a malicious service name, allowing them to inject commands and run as LocalSystem. | ||||
| CVE-2025-26155 | 2 Microsoft, Ncp-e | 5 Windows, Ncp Secure Entry Client, Secure Client and 2 more | 2025-12-30 | 9.8 Critical |
| NCP Secure Enterprise Client 13.18 and NCP Secure Entry Windows Client 13.19 have an Untrusted Search Path vulnerability. | ||||
| CVE-2025-12819 | 1 Pgbouncer | 1 Pgbouncer | 2025-12-27 | 7.5 High |
| Untrusted search path in auth_query connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious search_path parameter in the StartupMessage. | ||||
| CVE-2017-17736 | 1 Kentico | 1 Xperience | 2025-12-19 | N/A |
| Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard. | ||||
| CVE-2021-22280 | 1 Br-automation | 1 Automation Studio | 2025-12-19 | 7.2 High |
| Improper DLL loading algorithms in B&R Automation Studio versions >=4.0 and <4.12 may allow an authenticated local attacker to execute code in the context of the product. | ||||
| CVE-2024-30100 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2025-12-17 | 7.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2024-35260 | 1 Microsoft | 1 Power Platform | 2025-12-17 | 8 High |
| An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network. | ||||
| CVE-2023-4936 | 1 Synaptics | 1 Displaylink | 2025-12-17 | 5.5 Medium |
| It is possible to sideload a compromised DLL during the installation at elevated privilege. | ||||
| CVE-2023-41840 | 1 Fortinet | 1 Forticlient | 2025-12-16 | 7.4 High |
| A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to perform a DLL Hijack attack via a malicious OpenSSL engine library in the search path. | ||||
| CVE-2022-24765 | 6 Apple, Debian, Fedoraproject and 3 more | 7 Xcode, Debian Linux, Fedora and 4 more | 2025-12-16 | 6 Medium |
| Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\.git\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\Users` if the user profile is located in `C:\Users\my-user-name`. | ||||
| CVE-2025-6195 | 1 Gitlab | 1 Gitlab | 2025-12-10 | 4.3 Medium |
| GitLab has remediated an issue in GitLab EE affecting all versions from 13.7 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an authenticated user to view information from security reports under certain configuration conditions. | ||||
| CVE-2022-27595 | 1 Qnap | 1 Qvpn | 2025-12-08 | 7.8 High |
| An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QVPN Windows 2.0.0.1316 and later QVPN Windows 2.0.0.1310 and later | ||||
| CVE-2025-32919 | 2 Checkmk, Microsoft | 2 Checkmk, Windows | 2025-12-04 | 7.8 High |
| Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 (EOL). | ||||
| CVE-2024-12168 | 1 Yandex | 1 Yandex Telemost | 2025-12-03 | 7.8 High |
| Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used. | ||||
| CVE-2024-27303 | 2 Electron, Microsoft | 2 Electron-builder, Windows | 2025-12-03 | 7.3 High |
| electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the `.nsh` installer script. NSExec by default searches the current directory of where the installer is located before searching `PATH`. This means that if an attacker can place a malicious executable file named cmd.exe in the same folder as the installer, the installer will run the malicious file. Version 24.13.2 fixes this issue. No known workaround exists. The code executes at the installer-level before the app is present on the system, so there's no way to check if it exists in a current installer. | ||||
| CVE-2024-29223 | 1 Intel | 1 Quickassist Technology | 2025-12-03 | 6.7 Medium |
| Uncontrolled search path for some Intel(R) QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||