Export limit exceeded: 334736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334736 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-6923 | 1 Talentsoft | 1 Unis | 2026-01-07 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Talent Software UNIS allows Reflected XSS.This issue affects UNIS: before 42957. | ||||
| CVE-2026-22162 | 2026-01-07 | N/A | ||
| Not used | ||||
| CVE-2026-22161 | 2026-01-07 | N/A | ||
| Not used | ||||
| CVE-2026-22160 | 2026-01-07 | N/A | ||
| Not used | ||||
| CVE-2026-22159 | 2026-01-07 | N/A | ||
| Not used | ||||
| CVE-2026-22158 | 2026-01-07 | N/A | ||
| Not used | ||||
| CVE-2026-22157 | 2026-01-07 | N/A | ||
| Not used | ||||
| CVE-2026-22156 | 2026-01-07 | N/A | ||
| Not used | ||||
| CVE-2025-10876 | 1 Talentsoftware | 1 Bap Automation | 2026-01-07 | 5.3 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Talent Software e-BAP Automation allows Cross-Site Scripting (XSS).This issue affects e-BAP Automation: from 1.8.96 before v.41815. | ||||
| CVE-2025-15200 | 1 Sohu | 1 Cachecloud | 2026-01-06 | 2.4 Low |
| A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. The affected element is the function getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex of the file src/main/java/com/sohu/cache/web/controller/AppClientDataShowController.java. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-15201 | 1 Sohu | 1 Cachecloud | 2026-01-06 | 3.5 Low |
| A flaw has been found in SohuTV CacheCloud up to 3.2.0. The impacted element is the function redirectNoPower of the file src/main/java/com/sohu/cache/web/controller/WebResourceController.java. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-15202 | 1 Sohu | 1 Cachecloud | 2026-01-06 | 2.4 Low |
| A vulnerability has been found in SohuTV CacheCloud up to 3.2.0. This affects the function taskQueueList of the file src/main/java/com/sohu/cache/web/controller/TaskController.java. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-15203 | 1 Sohu | 1 Cachecloud | 2026-01-06 | 2.4 Low |
| A vulnerability was found in SohuTV CacheCloud up to 3.2.0. This impacts the function index of the file src/main/java/com/sohu/cache/web/controller/ResourceController.java. Performing manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-15204 | 1 Sohu | 1 Cachecloud | 2026-01-06 | 2.4 Low |
| A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzList of the file src/main/java/com/sohu/cache/web/controller/QuartzManageController.java. Executing manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-15219 | 1 Sohu | 1 Cachecloud | 2026-01-06 | 3.5 Low |
| A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/MachineManageController.java. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-15220 | 1 Sohu | 1 Cachecloud | 2026-01-06 | 4.3 Medium |
| A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-15221 | 1 Sohu | 1 Cachecloud | 2026-01-06 | 3.5 Low |
| A flaw has been found in SohuTV CacheCloud up to 3.2.0. This vulnerability affects the function index of the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-63947 | 2 Craigtaub, Phpmsadmin | 2 Phpmsadmin, Phpmsadmin | 2026-01-06 | 5.4 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability exists in phpMsAdmin version 2.2 in the database_mode.php file. An attacker can execute arbitrary web script or HTML via the dbname parameter after a user is authenticated. | ||||
| CVE-2025-63525 | 2 Blood Bank Management System Project, Shridharshukl | 2 Blood Bank Management System, Blood Bank Management System | 2026-01-06 | 9.6 Critical |
| An issue was discovered in Blood Bank Management System 1.0 allowing authenticated attackers to perform actions with escalated privileges via crafted request to delete.php. | ||||
| CVE-2025-59704 | 1 Entrust | 11 Nshield 5c, Nshield 5c Firmware, Nshield Connect Xc and 8 more | 2026-01-06 | 7.8 High |
| Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow an attacker to gain access the the BIOS menu because is has no password. | ||||