CVEs and Security Vulnerabilities

Export limit exceeded: 338340 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (338340 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-27654	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	6.1 Medium
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Cross Site Scripting (XSS) V-2023-017.
CVE-2025-27653	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	6.1 Medium
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Preauthenticated Cross Site Scripting (XSS): Badge Registration V-2023-012.
CVE-2025-27652	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: rfIDEAS V-2023-015.
CVE-2025-27651	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Server-Side Request Forgery: Elatec V-2023-014.
CVE-2025-27650	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Private Keys in Docker Overlay V-2023-013.
CVE-2025-27649	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.893 Application 20.0.2140 allows Incorrect Access Control: PHP V-2023-016.
CVE-2025-27648	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Cross Tenant Password Exposure V-2024-003.
CVE-2025-27647	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Addition of Partial Admin Users Without Authentication V-2024-002.
CVE-2025-27646	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253 allows Edit User Account Exposure V-2024-001.
CVE-2025-27645	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Insecure Extension Installation by Trusting HTTP Permission Methods on the Server Side V-2024-005.
CVE-2025-27644	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	7.8 High
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Local Privilege Escalation V-2024-007.
CVE-2025-27643	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Hardcoded AWS API Key V-2024-006.
CVE-2025-27642	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Unauthenticated Driver Package Editing V-2024-008.
CVE-2025-27641	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.951 Application 20.0.2368 allows Unauthenticated APIs for Single-Sign On V-2024-009.
CVE-2025-27639	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	8.8 High
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Privilege Escalation V-2024-015.
CVE-2025-27638	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	9.8 Critical
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Hardcoded Password V-2024-013.
CVE-2025-27637	1 Printerlogic	2 Vasion Print, Virtual Appliance	2025-11-03	6.1 Medium
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Cross-Site Scripting V-2024-016.
CVE-2025-27533	1 Apache	1 Activemq	2025-11-03	7.5 High
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on the availability of the ActiveMQ broker when not using mutual TLS connections. This issue affects Apache ActiveMQ: from 6.0.0 before 6.1.6, from 5.18.0 before 5.18.7, from 5.17.0 before 5.17.7, before 5.16.8. ActiveMQ 5.19.0 is not affected. Users are recommended to upgrade to version 6.1.6+, 5.19.0+, 5.18.7+, 5.17.7, or 5.16.8 or which fixes the issue. Existing users may implement mutual TLS to mitigate the risk on affected brokers.
CVE-2025-27407	1 Redhat	1 Satellite	2025-11-03	9.1 Critical
graphql-ruby is a Ruby implementation of GraphQL. Starting in version 1.11.5 and prior to versions 1.11.8, 1.12.25, 1.13.24, 2.0.32, 2.1.14, 2.2.17, and 2.3.21, loading a malicious schema definition in `GraphQL::Schema.from_introspection` (or `GraphQL::Schema::Loader.load`) can result in remote code execution. Any system which loads a schema by JSON from an untrusted source is vulnerable, including those that use GraphQL::Client to load external schemas via GraphQL introspection. Versions 1.11.8, 1.12.25, 1.13.24, 2.0.32, 2.1.14, 2.2.17, and 2.3.21 contain a patch for the issue.
CVE-2025-26618	1 Erlang	1 Otp	2025-11-03	6.5 Medium
Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang. Packet size is not verified properly for SFTP packets. As a result when multiple SSH packets (conforming to max SSH packet size) are received by ssh, they might be combined into an SFTP packet which will exceed the max allowed packet size and potentially cause large amount of memory to be allocated. Note that situation described above can only happen for successfully authenticated users after completing the SSH handshake. This issue has been patched in OTP versions 27.2.4, 26.2.5.9, and 25.3.2.18. There are no known workarounds for this vulnerability.

« first previous Page 1990 of 16917. next last »