Search
Search Results (340458 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-47939 | 2025-05-21 | N/A | ||
| Stack-based buffer overflow vulnerability exists in multiple laser printers and MFPs which implement Ricoh Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. As for the details of affected product names and versions, refer to the information provided by the vendors under [References]. | ||||
| CVE-2025-48427 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48426 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48425 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48424 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48423 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48422 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48421 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48420 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-48419 | 2025-05-21 | N/A | ||
| Not used | ||||
| CVE-2025-4436 | 2025-05-20 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-23122 | 2025-05-20 | N/A | ||
| This CVE record has been withdrawn due to a duplicate entry CVE-2025-23165. | ||||
| CVE-2022-40912 | 1 Etaplighting | 1 Etap Safety Manager | 2025-05-20 | 6.1 Medium |
| ETAP Lighting International NV ETAP Safety Manager 1.0.0.32 is vulnerable to Cross Site Scripting (XSS). Input passed to the GET parameter 'action' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site. | ||||
| CVE-2022-40708 | 2 Microsoft, Trendmicro | 2 Windows, Deep Security Agent | 2025-05-20 | 3.3 Low |
| An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This vulnerability is similar to, but not identical to CVE-2022-40707. | ||||
| CVE-2022-3193 | 1 Ovirt | 1 Ovirt-engine | 2025-05-20 | 6.1 Medium |
| An HTML injection/reflected Cross-site scripting (XSS) vulnerability was found in the ovirt-engine. A parameter "error_description" fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages. | ||||
| CVE-2022-35722 | 1 Ibm | 1 Jazz For Service Management | 2025-05-20 | 5.4 Medium |
| IBM Jazz for Service Management is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 231381. | ||||
| CVE-2022-35282 | 1 Ibm | 1 Websphere Application Server | 2025-05-20 | 6.5 Medium |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, an attacker with local network access could exploit this vulnerability to obtain sensitive data. | ||||
| CVE-2022-2778 | 3 Linux, Microsoft, Octopus | 3 Linux Kernel, Windows, Octopus Server | 2025-05-20 | 9.8 Critical |
| In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null bytes. | ||||
| CVE-2022-24373 | 1 Swmansion | 1 React Native Reanimated | 2025-05-20 | 5.3 Medium |
| The package react-native-reanimated before 3.0.0-rc.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper usage of regular expression in the parser of Colors.js. | ||||
| CVE-2022-22387 | 1 Ibm | 1 Application Gateway | 2025-05-20 | 5.4 Medium |
| IBM Application Gateway is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 221965. | ||||