Export limit exceeded: 334719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 334719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334719 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2031 | 1 1000mz | 1 Chestnutcms | 2025-05-12 | 6.3 Medium |
| A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects the function uploadFile of the file /dev-api/cms/file/upload. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2032 | 1 1000mz | 1 Chestnutcms | 2025-05-12 | 3.5 Low |
| A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4079 | 1 Pcman | 1 Ftp Server | 2025-05-12 | 7.3 High |
| A vulnerability, which was classified as critical, was found in PCMan FTP Server up to 2.0.7. Affected is an unknown function of the component RENAME Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3762 | 1 Pcman | 1 Ftp Server | 2025-05-12 | 7.3 High |
| A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component MPUT Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3727 | 1 Pcman | 1 Ftp Server | 2025-05-12 | 7.3 High |
| A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component STATUS Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3726 | 1 Pcman | 1 Ftp Server | 2025-05-12 | 7.3 High |
| A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component CD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3725 | 1 Pcman | 1 Ftp Server | 2025-05-12 | 7.3 High |
| A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component MIC Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3724 | 1 Pcman | 1 Ftp Server | 2025-05-12 | 7.3 High |
| A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component DIR Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3723 | 1 Pcman | 1 Ftp Server | 2025-05-12 | 7.3 High |
| A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component MDTM Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3678 | 1 Pcman | 1 Ftp Server | 2025-05-12 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component HELP Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-47629 | 1 Wp-crm | 1 Wp-crm System | 2025-05-12 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in Mario Peshev WP-CRM System allows Object Injection. This issue affects WP-CRM System: from n/a through 3.4.1. | ||||
| CVE-2025-47545 | 1 Ays-pro | 1 Poll Maker | 2025-05-12 | 5.3 Medium |
| Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker allows Leveraging Race Conditions. This issue affects Poll Maker: from n/a through 5.7.7. | ||||
| CVE-2025-47546 | 1 Wpcompress | 1 Wp Compress | 2025-05-12 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in AresIT WP Compress allows Cross Site Request Forgery. This issue affects WP Compress: from n/a through 6.30.30. | ||||
| CVE-2025-47547 | 1 Sendpulse | 1 Sendpulse Email Marketing Newsletter | 2025-05-12 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter allows Stored XSS. This issue affects SendPulse Email Marketing Newsletter: from n/a through 2.1.6. | ||||
| CVE-2022-43367 | 1 Ip-com | 2 Ew9, Ew9 Firmware | 2025-05-12 | 9.8 Critical |
| IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the formSetDebugCfg function. | ||||
| CVE-2022-43366 | 1 Ip-com | 2 Ew9, Ew9 Firmware | 2025-05-12 | 7.5 High |
| IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces. | ||||
| CVE-2022-43365 | 1 Ip-com | 2 Ew9, Ew9 Firmware | 2025-05-12 | 7.5 High |
| IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | ||||
| CVE-2022-43364 | 1 Ip-com | 2 Ew9, Ew9 Firmware | 2025-05-12 | 7.5 High |
| An access control issue in the password reset page of IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to arbitrarily change the admin password. | ||||
| CVE-2022-43340 | 1 Dzzoffice | 1 Dzzoffice | 2025-05-12 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows attackers to arbitrarily create user accounts and grant Administrator rights to regular users. | ||||
| CVE-2022-42993 | 1 Password Storage Application Project | 1 Password Storage Application | 2025-05-12 | 5.4 Medium |
| Password Storage Application v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Setup page. | ||||