Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8862 | 1 Yugabyte | 1 Yugabytedb | 2025-08-12 | 3.1 Low |
| YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include sensitive gflag configurations. To mitigate this, we recommend upgrading the database to a version where this information is properly redacted. | ||||
| CVE-2025-25231 | 1 Omnissa | 1 Workspace One | 2025-08-12 | 7.5 High |
| Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests (read-only) to restricted API endpoints. | ||||
| CVE-2023-41530 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 9.8 Critical |
| Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. | ||||
| CVE-2025-54394 | 1 Netwrix | 1 Directory Manager | 2025-08-12 | 5.3 Medium |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources. | ||||
| CVE-2023-41525 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 9.8 Critical |
| Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php. | ||||
| CVE-2025-54395 | 1 Netwrix | 1 Directory Manager | 2025-08-12 | 6.1 Medium |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. | ||||
| CVE-2023-41526 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 9.8 Critical |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters. | ||||
| CVE-2025-54397 | 1 Netwrix | 1 Directory Manager | 2025-08-12 | 4.3 Medium |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users. | ||||
| CVE-2023-41531 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 8.8 High |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters. | ||||
| CVE-2025-54393 | 1 Netwrix | 1 Directory Manager | 2025-08-12 | 5.4 Medium |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access. | ||||
| CVE-2023-41528 | 2 Hospital Management System, Kishan0725 | 2 Hospital Management System, Hospital Management System | 2025-08-12 | 9.8 Critical |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters. | ||||
| CVE-2025-54396 | 1 Netwrix | 1 Directory Manager | 2025-08-12 | 5.4 Medium |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this. | ||||
| CVE-2025-54392 | 1 Netwrix | 1 Directory Manager | 2025-08-12 | 6.1 Medium |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189. | ||||
| CVE-2025-29745 | 1 Emsisoft | 1 Anti-malware | 2025-08-12 | 7.5 High |
| A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S (Emsisoft Custom Scan) extension file. | ||||
| CVE-2025-51857 | 1 Halo | 1 Halo | 2025-08-12 | 6.1 Medium |
| The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks. | ||||
| CVE-2025-2810 | 1 Draeger | 1 Icmhelper | 2025-08-12 | 5.5 Medium |
| A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key. | ||||
| CVE-2025-8698 | 1 Open5gs | 1 Open5gs | 2025-08-12 | 3.3 Low |
| A vulnerability was found in Open5GS up to 2.7.5. It has been classified as problematic. Affected is the function amf_nsmf_pdusession_handle_release_sm_context of the file src/amf/nsmf-handler.c of the component AMF Service. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The name of the patch is 66bc558e417e70ae216ec155e4e81c14ae0ecf30. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2025-50468 | 1 Open-metadata | 1 Openmetadata | 2025-08-12 | 6.5 Medium |
| OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query. | ||||
| CVE-2025-50465 | 1 Open-metadata | 1 Openmetadata | 2025-08-12 | 7.1 High |
| OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query. | ||||
| CVE-2025-50467 | 1 Open-metadata | 1 Openmetadata | 2025-08-12 | 6.5 Medium |
| OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query. | ||||