Export limit exceeded: 334422 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334422 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-59724 | 2025-09-20 | N/A | ||
| Not used | ||||
| CVE-2025-59723 | 2025-09-20 | N/A | ||
| Not used | ||||
| CVE-2025-59722 | 2025-09-20 | N/A | ||
| Not used | ||||
| CVE-2025-59721 | 2025-09-20 | N/A | ||
| Not used | ||||
| CVE-2025-59720 | 2025-09-20 | N/A | ||
| Not used | ||||
| CVE-2025-54630 | 1 Huawei | 1 Harmonyos | 2025-09-20 | 6.8 Medium |
| :Vulnerability of insufficient data length verification in the DFA module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-54632 | 1 Huawei | 2 Emui, Harmonyos | 2025-09-20 | 6.8 Medium |
| Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity. | ||||
| CVE-2025-54640 | 1 Huawei | 1 Harmonyos | 2025-09-20 | 5.5 Medium |
| ParcelMismatch vulnerability in attribute deserialization. Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions. | ||||
| CVE-2025-54643 | 1 Huawei | 2 Emui, Harmonyos | 2025-09-20 | 6.6 Medium |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-54644 | 1 Huawei | 2 Emui, Harmonyos | 2025-09-20 | 6.6 Medium |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-54650 | 1 Huawei | 1 Harmonyos | 2025-09-20 | 4.2 Medium |
| Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function. | ||||
| CVE-2025-55834 | 2 Huayi-tec, Jeewms | 2 Jeewms, Jeewms | 2025-09-20 | 6.1 Medium |
| A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows a remote attacker to obtain sensitive information via the logController.do component | ||||
| CVE-2025-52044 | 1 Frappe | 1 Erpnext | 2025-09-20 | 7.5 High |
| In Frappe ERPNext v15.57.5, the function get_stock_balance() at erpnext/stock/utils.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query into inventory_dimensions_dict parameter. | ||||
| CVE-2025-58749 | 1 Bytecodealliance | 1 Webassembly Micro Runtime | 2025-09-20 | 5.3 Medium |
| WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand (memory address pointer) is greater than or equal to 2147483648 bytes (2GiB). This causes the runtime to hang in release builds or crash in debug builds due to accessing an invalid pointer. The issue does not occur in FAST-JIT mode or other runtime tools. This has been fixed in version 2.4.2. | ||||
| CVE-2025-52048 | 1 Frappe | 1 Frappe | 2025-09-20 | 6.5 Medium |
| In Frappe 15.x.x before 15.72.0 and 14.x.x before 14.96.10, in the function add_tag() at `frappe/desk/doctype/tag/tag.py` is vulnerable to SQL Injection, which allows an attacker to extract information from databases by injecting a SQL query into the `dt` parameter. | ||||
| CVE-2025-10094 | 1 Gitlab | 1 Gitlab | 2025-09-20 | 6.5 Medium |
| An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to token listings and related administrative operations by creating tokens with excessively large names. | ||||
| CVE-2025-1250 | 1 Gitlab | 1 Gitlab | 2025-09-20 | 6.5 Medium |
| An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed an authenticated user to stall background job processing by sending specially crafted commit messages, merge request descriptions, or notes. | ||||
| CVE-2025-2256 | 1 Gitlab | 1 Gitlab | 2025-09-20 | 7.5 High |
| An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed unauthorized users to render the GitLab instance unresponsive to legitimate users by sending multiple concurrent large SAML responses. | ||||
| CVE-2025-6454 | 1 Gitlab | 1 Gitlab | 2025-09-20 | 8.5 High |
| An issue has been discovered in GitLab CE/EE affecting all versions from 16.11 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to make unintended internal requests through proxy environments by injecting crafted sequences. | ||||
| CVE-2025-6769 | 1 Gitlab | 1 Gitlab | 2025-09-20 | 4.3 Medium |
| An issue has been discovered in GitLab CE/EE affecting all versions from 15.1 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to view administrator-only maintenance notes by accessing runner details through specific interfaces. | ||||