Export limit exceeded: 336176 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336176 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57622 | 1 Stepfun-ai | 1 Step-video-t2v | 2026-03-04 | N/A |
| An issue in Step-Video-T2V allows a remote attacker to execute arbitrary code via the /vae-api , /caption-api , feature = pickle.loads(request.get_data()) component | ||||
| CVE-2025-70821 | 1 Renrenio | 1 Renren-security | 2026-03-04 | N/A |
| renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component | ||||
| CVE-2024-55027 | 1 Weintek | 4 Cmt-3072xh2, Cmt-3072xh2 Firmware, Cmt3072xh and 1 more | 2026-03-04 | 7.5 High |
| Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uac_temp.db. | ||||
| CVE-2024-55019 | 1 Weintek | 4 Cmt-3072xh2, Cmt-3072xh2 Firmware, Cmt3072xh and 1 more | 2026-03-04 | 6.5 Medium |
| Incorrect access control in the component download_wb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files. | ||||
| CVE-2024-55020 | 1 Weintek | 4 Cmt-3072xh2, Cmt-3072xh2 Firmware, Cmt3072xh and 1 more | 2026-03-04 | 9.8 Critical |
| A command injection vulnerability in the DHCP activation feature of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows attackers to execute arbitrary commands with root privileges. | ||||
| CVE-2024-55021 | 1 Weintek | 1 Cmt3072xh | 2026-03-04 | 7.5 High |
| Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded password in the FTP protocol. | ||||
| CVE-2024-55022 | 1 Weintek | 1 Cmt3072xh | 2026-03-04 | 8.8 High |
| Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter. | ||||
| CVE-2024-55023 | 1 Weintek | 1 Cmt3072xh | 2026-03-04 | 5.3 Medium |
| Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain a hardcoded encryption key which could allow attackers to access sensitive information. | ||||
| CVE-2024-55024 | 1 Weintek | 4 Cmt-3072xh2, Cmt-3072xh2 Firmware, Cmt3072xh and 1 more | 2026-03-04 | 8.8 High |
| An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts. | ||||
| CVE-2024-55025 | 1 Weintek | 4 Cmt-3072xh2, Cmt-3072xh2 Firmware, Cmt3072xh and 1 more | 2026-03-04 | 6.5 Medium |
| Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system. | ||||
| CVE-2024-55026 | 1 Weintek | 4 Cmt-3072xh2, Cmt-3072xh2 Firmware, Cmt3072xh and 1 more | 2026-03-04 | 8.8 High |
| An issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request. | ||||
| CVE-2025-66945 | 2 Zdir, Zdir Pro | 2 Zdir, Zdir Pro | 2026-03-04 | 9.1 Critical |
| A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution | ||||
| CVE-2026-26887 | 2 Oretnom23, Sourcecodester | 2 Pharmacy Point Of Sale System, Pharmacy Point Of Sale System | 2026-03-04 | 2.7 Low |
| Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manage_supplier.php. | ||||
| CVE-2026-26888 | 2 Oretnom23, Sourcecodester | 2 Pharmacy Point Of Sale System, Pharmacy Point Of Sale System | 2026-03-04 | 2.7 Low |
| Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manage_stock.php. | ||||
| CVE-2026-26889 | 2 Oretnom23, Sourcecodester | 2 Pharmacy Point Of Sale System, Pharmacy Point Of Sale System | 2026-03-04 | 2.7 Low |
| Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manage_category.php. | ||||
| CVE-2026-26891 | 2 Oretnom23, Sourcecodester | 2 Simple Logistic Hub Parcel\'s Management System, Logistic Hub Parcels Management System | 2026-03-04 | 2.7 Low |
| Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage_parcel_type.php. | ||||
| CVE-2026-26892 | 1 Sourcecodester | 1 Logistic Hub Parcels Management System | 2026-03-04 | N/A |
| Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage_carrier.php. | ||||
| CVE-2026-26890 | 2 Oretnom23, Sourcecodester | 2 Pharmacy Point Of Sale System, Pharmacy Point Of Sale System | 2026-03-04 | 2.7 Low |
| Sourcecodester Pharmacy Point of Sale System v1.0 is vulnerable to SQL Injection in /pharmacy/manage_product.php. | ||||
| CVE-2026-26883 | 2 Oretnom23, Sourcecodester | 2 Simple Online Men\'s Salon Management System, Online Mens Salon Management System | 2026-03-04 | 2.7 Low |
| Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/classes/Master.php?f=delete_appointment. | ||||
| CVE-2026-26884 | 2 Oretnom23, Sourcecodester | 2 Simple Online Men\'s Salon Management System, Online Mens Salon Management System | 2026-03-04 | 2.7 Low |
| Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/admin/appointments/view_appointment.php. | ||||