Search
Search Results (324417 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46379 | 2025-04-24 | N/A | ||
| Not used | ||||
| CVE-2025-46378 | 2025-04-24 | N/A | ||
| Not used | ||||
| CVE-2025-46377 | 2025-04-24 | N/A | ||
| Not used | ||||
| CVE-2025-46376 | 2025-04-24 | N/A | ||
| Not used | ||||
| CVE-2025-46375 | 2025-04-24 | N/A | ||
| Not used | ||||
| CVE-2025-46374 | 2025-04-24 | N/A | ||
| Not used | ||||
| CVE-2025-3378 | 1 Pcman | 1 Ftp Server | 2025-04-23 | 7.3 High |
| A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. Affected is an unknown function of the component EPRT Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3374 | 1 Pcman | 1 Ftp Server | 2025-04-23 | 7.3 High |
| A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. Affected by this issue is some unknown functionality of the component CCC Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3162 | 1 Internlm | 1 Lmdeploy | 2025-04-23 | 5.3 Medium |
| A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been classified as critical. Affected is the function load_weight_ckpt of the file lmdeploy/lmdeploy/vl/model/utils.py of the component PT File Handler. The manipulation leads to deserialization. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2946 | 1 Pgadmin | 1 Pgadmin 4 | 2025-04-23 | 9.1 Critical |
| pgAdmin <= 9.1 is affected by a security vulnerability with Cross-Site Scripting(XSS). If attackers execute any arbitrary HTML/JavaScript in a user's browser through query result rendering, then HTML/JavaScript runs on the browser. | ||||
| CVE-2021-36471 | 1 Adminlte.io | 1 Adminlte | 2025-04-23 | 9.8 Critical |
| Directory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /admin/index2.html, /admin/index3.html URIs. Note: AdminLTE developers dispute that this a weakness with AdminLTE and is instead a misconfiguration error on various websites by the website developers. | ||||
| CVE-2024-57672 | 1 Projectfloodlight | 1 Floodlight | 2025-04-23 | 5.5 Medium |
| An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module, Topologylnstance module, Routing module. | ||||
| CVE-2024-57673 | 1 Projectfloodlight | 1 Floodlight | 2025-04-23 | 5.5 Medium |
| An issue in floodlight v1.2 allows a local attacker to cause a denial of service via the Topology Manager module and Linkdiscovery module | ||||
| CVE-2025-0881 | 1 Codezips | 1 Gym Management System | 2025-04-23 | 6.3 Medium |
| A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /dashboard/admin/saveroutine.php. The manipulation of the argument rname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-57369 | 1 Typecho | 1 Typecho | 2025-04-23 | 6.4 Medium |
| Clickjacking vulnerability in typecho v1.2.1. | ||||
| CVE-2024-55000 | 1 Mayurik | 1 House Rental Management System | 2025-04-23 | 5.4 Medium |
| Sourcecodester House Rental Management system v1.0 is vulnerable to Cross Site Scripting (XSS) in rental/manage_categories.php. | ||||
| CVE-2024-56116 | 1 Amiro | 1 Amiro.cms | 2025-04-23 | 8.8 High |
| A Cross-Site Request Forgery vulnerability in Amiro.CMS before 7.8.4 allows remote attackers to create an administrator account. | ||||
| CVE-2024-56115 | 1 Amiro | 1 Amiro.cms | 2025-04-23 | 6.1 Medium |
| A vulnerability in Amiro.CMS before 7.8.4 exists due to the failure to take measures to neutralize special elements. It allows remote attackers to conduct a Cross-Site Scripting (XSS) attack. | ||||
| CVE-2024-32841 | 1 Ivanti | 1 Endpoint Manager | 2025-04-23 | 7.2 High |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
| CVE-2024-32839 | 1 Ivanti | 2 Endpoint Manager, Epm | 2025-04-23 | 7.2 High |
| SQL injection in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||