Search Results (8759 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-5351 1 Anji-plus 1 Aj-report 2025-03-01 6.3 Medium
A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been declared as critical. Affected by this vulnerability is the function getValueFromJs of the component Javascript Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266263.
CVE-2024-5352 1 Anji-plus 1 Aj-report 2025-03-01 6.3 Medium
A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been rated as critical. Affected by this issue is the function validationRules of the component com.anjiplus.template.gaea.business.modules.datasetparam.controller.DataSetParamController#verification. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266264.
CVE-2024-37099 2 Givewp, Liquidweb 2 Givewp, Givewp 2025-02-28 10 Critical
Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This issue affects GiveWP: from n/a through 3.14.1.
CVE-2022-41032 3 Fedoraproject, Microsoft, Redhat 7 Fedora, .net, .net Core and 4 more 2025-02-28 7.8 High
NuGet Client Elevation of Privilege Vulnerability
CVE-2023-21744 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-02-28 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-21745 1 Microsoft 1 Exchange Server 2025-02-28 8 High
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-21762 1 Microsoft 1 Exchange Server 2025-02-28 8 High
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-21707 1 Microsoft 1 Exchange Server 2025-02-28 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21710 1 Microsoft 1 Exchange Server 2025-02-28 7.2 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-24930 1 Microsoft 1 Onedrive 2025-02-28 7.8 High
Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability
CVE-2023-28310 1 Microsoft 1 Exchange Server 2025-02-28 8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-32031 1 Microsoft 1 Exchange Server 2025-02-28 8.8 High
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-33134 1 Microsoft 1 Sharepoint Server 2025-02-28 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-33160 1 Microsoft 1 Sharepoint Server 2025-02-28 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-35309 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 7.5 High
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-35347 1 Microsoft 5 Windows 10 21h2, Windows 10 22h2, Windows 11 21h2 and 2 more 2025-02-28 7.1 High
Microsoft Install Service Elevation of Privilege Vulnerability
CVE-2023-27850 1 Netgear 2 Rax30, Rax30 Firmware 2025-02-28 6.8 Medium
NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a file sharing mechanism that allows users with access to this feature to access arbitrary files on the device.
CVE-2023-26948 1 Onekeyadmin 1 Onekeyadmin 2025-02-28 7.5 High
onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/file/download.
CVE-2024-23677 1 Splunk 2 Cloud, Splunk 2025-02-28 4.3 Medium
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a log file.
CVE-2024-45739 1 Splunk 1 Splunk 2025-02-28 4.9 Medium
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you configure the Splunk Enterprise AdminManager log channel at the DEBUG logging level.