Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-36613 | 1 Dell | 2 Supportassist For Business Pcs, Supportassist For Home Pcs | 2025-08-18 | 2.8 Low |
| SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access. | ||||
| CVE-2024-37526 | 1 Ibm | 2 Data Virtualization On Cloud Pak For Data, Watson Query With Cloud Pak For Data | 2025-08-18 | 6.5 Medium |
| IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson Query due to an improper data protection mechanism. | ||||
| CVE-2024-38320 | 6 Apple, Hp, Ibm and 3 more | 10 Macos, Hp-ux, Aix and 7 more | 2025-08-18 | 5.9 Medium |
| IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | ||||
| CVE-2025-33142 | 5 Hp, Ibm, Linux and 2 more | 8 Hp-ux, Aix, I and 5 more | 2025-08-18 | 5.3 Medium |
| IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections. | ||||
| CVE-2023-46187 | 1 Ibm | 2 Infosphere Master Data Management, Infosphere Master Data Management Server | 2025-08-18 | 5.4 Medium |
| IBM InfoSphere Master Data Management 11.6, 12.0, and 14.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2023-38009 | 3 Apple, Google, Ibm | 4 Iphone Os, Android, Cognos Analytics and 1 more | 2025-08-18 | 4.2 Medium |
| IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the middle techniques due to the lack of certificate pinning. | ||||
| CVE-2024-51457 | 1 Ibm | 2 Robotic Process Automation, Robotic Process Automation For Cloud Pak | 2025-08-18 | 4.4 Medium |
| IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2024-45652 | 1 Ibm | 1 Maximo Asset Management | 2025-08-18 | 6.5 Medium |
| IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2024-49824 | 1 Ibm | 2 Robotic Process Automation, Robotic Process Automation For Cloud Pak | 2025-08-18 | 6.5 Medium |
| IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 could allow an authenticated user to perform unauthorized actions as a privileged user due to improper validation of client-side security enforcement. | ||||
| CVE-2024-47113 | 1 Ibm | 1 Voice Gateway | 2025-08-18 | 8.1 High |
| IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6. 1.0.7, 1.0.7.1, and 1.0.8 could allow remote attacker to send specially crafted XML statements, which would allow them to attacker to view or modify information in the XML document. | ||||
| CVE-2025-22941 | 1 Adtran | 2 411, 411 Firmware | 2025-08-18 | 9.8 Critical |
| A command injection vulnerability in the web interface of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands. | ||||
| CVE-2025-22940 | 1 Adtran | 2 411, 411 Firmware | 2025-08-18 | 9.1 Critical |
| Incorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to arbitrarily set the admin password. | ||||
| CVE-2025-22939 | 1 Adtran | 2 411, 411 Firmware | 2025-08-18 | 9.8 Critical |
| A command injection vulnerability in the telnet service of Adtran 411 ONT L80.00.0011.M2 allows attackers to escalate privileges to root and execute arbitrary commands. | ||||
| CVE-2025-22938 | 1 Adtran | 2 411, 411 Firmware | 2025-08-18 | 9.8 Critical |
| Adtran 411 ONT L80.00.0011.M2 was discovered to contain weak default passwords. | ||||
| CVE-2025-22937 | 1 Adtran | 2 411, 411 Firmware | 2025-08-18 | 9.8 Critical |
| An issue in Adtran 411 ONT vL80.00.0011.M2 allows attackers to escalate privileges via unspecified vectors. | ||||
| CVE-2023-33202 | 2 Bouncycastle, Redhat | 3 Bouncy Castle For Java, Fips Java Api, Amq Streams | 2025-08-18 | 5.5 Medium |
| Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.) | ||||
| CVE-2024-43790 | 2 Netapp, Vim | 3 Bootstrap Os, Hci Compute Node, Vim | 2025-08-18 | 4.5 Medium |
| Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled (:set shm+=S), the search pattern is displayed at the bottom of the screen in a buffer (msgbuf). When right-left mode (:set rl) is enabled, the search pattern is reversed. This happens by allocating a new buffer. If the search pattern contains some ASCII NUL characters, the buffer allocated will be smaller than the original allocated buffer (because for allocating the reversed buffer, the strlen() function is called, which only counts until it notices an ASCII NUL byte ) and thus the original length indicator is wrong. This causes an overflow when accessing characters inside the msgbuf by the previously (now wrong) length of the msgbuf. The issue has been fixed as of Vim patch v9.1.0689. | ||||
| CVE-2025-5942 | 1 Netskope | 1 Netskope | 2025-08-18 | N/A |
| Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, an unprivileged user can trigger a heap overflow in the epdlpdrv.sys driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation can also potentially be performed by an unprivileged user whose NS Client is configured to use Endpoint DLP. A successful exploit can result in a denial-of-service for the local machine. | ||||
| CVE-2022-47112 | 1 7-zip | 1 7-zip | 2025-08-18 | 2.5 Low |
| 7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected. | ||||
| CVE-2022-47111 | 1 7-zip | 1 7-zip | 2025-08-18 | 2.5 Low |
| 7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected. | ||||