Export limit exceeded: 334744 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334744 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20973 | 1 Samsung | 2 Android, Mobile Devices | 2026-02-02 | 5.3 Medium |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Jan-2026 Release 1 allows remote attacker to access out-of-bounds memory. | ||||
| CVE-2025-63059 | 2 Arscode, Wordpress | 2 Ninja Popups, Wordpress | 2026-02-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arscode Ninja Popups arscode-ninja-popups allows Stored XSS.This issue affects Ninja Popups: from n/a through <= 4.7.8. | ||||
| CVE-2025-20984 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 6.8 Medium |
| Incorrect default permission in Samsung Cloud for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to access data in Samsung Cloud for Galaxy Watch. | ||||
| CVE-2025-20986 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 5.5 Medium |
| Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots. | ||||
| CVE-2025-20912 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 6.2 Medium |
| Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local attackers to access data within Galaxy Watch. | ||||
| CVE-2025-20910 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 6.2 Medium |
| Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar-2025 Release 1 allows local attackers to access data in Galaxy Watch Gallery. | ||||
| CVE-2025-20911 | 1 Samsung | 11 Galaxy Watch, Galaxy Watch 4, Galaxy Watch 4 Classic and 8 more | 2026-02-02 | 4.4 Medium |
| Improper access control in sem_wifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch. | ||||
| CVE-2021-47748 | 1 Hasura | 1 Graphql Engine | 2026-02-02 | 9.8 Critical |
| Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the run_sql endpoint by crafting malicious GraphQL queries that execute system commands through PostgreSQL's COPY FROM PROGRAM functionality. | ||||
| CVE-2024-49422 | 1 Samsung | 1 Android | 2026-02-02 | 5.2 Medium |
| Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability. | ||||
| CVE-2025-9278 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible. | ||||
| CVE-2025-9279 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limit Storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2025-9281 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive step limit storm tests, the device reboots | ||||
| CVE-2025-9280 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot. | ||||
| CVE-2025-9282 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive limited storm tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2025-9283 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2025-9464 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. This vulnerability is triggered during fuzzing of multiple CIP classes, which causes the CIP port to become unresponsive. | ||||
| CVE-2025-9465 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles Comprehensive grammar tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2025-9466 | 1 Rockwellautomation | 2 Armorstart Lt, Armorstart Lt Firmware | 2026-02-02 | 7.5 High |
| A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP and CIP grammar tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds. | ||||
| CVE-2021-47802 | 1 Tenda | 4 D151, D151 Firmware, D301 and 1 more | 2026-02-02 | 7.5 High |
| Tenda D151 and D301 routers contain an unauthenticated configuration download vulnerability that allows remote attackers to retrieve router configuration files. Attackers can send a request to /goform/getimage endpoint to download configuration data including admin credentials without authentication. | ||||
| CVE-2021-47817 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-02-02 | 5.4 Medium |
| OpenEMR 5.0.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript through user profile parameters. Attackers can exploit the vulnerability by crafting a malicious payload to download and execute a web shell, enabling remote command execution on the vulnerable OpenEMR instance. | ||||