Search Results (364866 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-34752 2 Apple, Bloofox 2 Macos, Bloofoxcms 2025-01-02 9.8 Critical
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.
CVE-2023-34751 2 Apple, Bloofox 2 Macos, Bloofoxcms 2025-01-02 9.8 Critical
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the gid parameter at admin/index.php?mode=user&page=groups&action=edit.
CVE-2023-34750 2 Apple, Bloofox 2 Macos, Bloofoxcms 2025-01-02 9.8 Critical
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=projects&action=edit.
CVE-2024-2147 1 Oretnom23 1 Online Mobile Store Management System 2025-01-02 7.3 High
A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-255500.
CVE-2024-2148 1 Oretnom23 1 Online Mobile Store Management System 2025-01-02 6.3 Medium
A vulnerability classified as critical has been found in SourceCodester Online Mobile Management Store 1.0. This affects an unknown part of the file /classes/Users.php. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-255501 was assigned to this vulnerability.
CVE-2023-28602 1 Zoom 1 Zoom 2025-01-02 2.8 Low
Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic signature vulnerability. A malicious user may potentially downgrade Zoom Client components to previous versions.
CVE-2024-2150 2 Munyweki, Sourcecodester 2 Insurance Management System, Insurance Management System 2025-01-02 5.3 Medium
A vulnerability, which was classified as critical, has been found in SourceCodester Insurance Management System 1.0. This issue affects some unknown processing. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-255503.
CVE-2023-28603 2 Microsoft, Zoom 2 Windows, Virtual Desktop Infrastructure 2025-01-02 7.7 High
Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability. A malicious user may potentially delete local files without proper permissions.
CVE-2023-34120 2 Microsoft, Zoom 2 Windows, Virtual Desktop Infrastructure 2025-01-02 8.7 High
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system privileges maintained by the Zoom client to spawn processes with escalated privileges.
CVE-2023-28598 1 Zoom 1 Zoom 2025-01-02 7.5 High
Zoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a Zoom application crash.
CVE-2023-28599 1 Zoom 1 Zoom 2025-01-02 4.3 Medium
Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation.
CVE-2023-28600 1 Zoom 1 Zoom 2025-01-02 5.2 Medium
Zoom for MacOSclients prior to 5.14.0 contain an improper access control vulnerability. A malicious user may be able to delete/replace Zoom Client files potentially causing a loss of integrity and availability to the Zoom Client.
CVE-2023-28601 1 Zoom 1 Zoom 2025-01-02 8.3 High
Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. A malicious user may alter protected Zoom Client memory buffer potentially causing integrity issues within the Zoom Client.
CVE-2023-34121 2 Microsoft, Zoom 4 Windows, Rooms, Virtual Desktop Infrastructure and 1 more 2025-01-02 4.1 Medium
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
CVE-2023-34114 1 Zoom 1 Zoom 2025-01-02 7.4 High
Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access.
CVE-2022-35822 1 Microsoft 13 Windows 10, Windows 10 1507, Windows 10 1607 and 10 more 2025-01-02 7.1 High
Windows Defender Credential Guard Security Feature Bypass Vulnerability
CVE-2022-34711 1 Microsoft 13 Windows 10, Windows 10 1507, Windows 10 1607 and 10 more 2025-01-02 7.8 High
Windows Defender Credential Guard Elevation of Privilege Vulnerability
CVE-2022-35820 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2025-01-02 7.8 High
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2022-35827 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2025-01-02 8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2022-35826 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2025-01-02 8.8 High
Visual Studio Remote Code Execution Vulnerability