Search
Search Results (324537 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-46560 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | 7.2 High |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module. | ||||
| CVE-2022-46492 | 1 Nbnbk Project | 1 Nbnbk | 2025-04-15 | 6.5 Medium |
| nbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary. | ||||
| CVE-2022-43381 | 1 Ibm | 2 Aix, Vios | 2025-04-15 | 6.2 Medium |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639. | ||||
| CVE-2025-1073 | 2025-04-15 | 7.5 High | ||
| Panasonic IR Control Hub (IR Blaster) versions 1.17 and earlier may allow an attacker with physical access to load unauthorized firmware onto the device. | ||||
| CVE-2022-46171 | 1 Tauri | 1 Tauri | 2025-04-15 | 6.8 Medium |
| Tauri is a framework for building binaries for all major desktop platforms. The filesystem glob pattern wildcards `*`, `?`, and `[...]` match file path literals and leading dots by default, which unintentionally exposes sub folder content of allowed paths. Scopes without the wildcards are not affected. As `**` allows for sub directories the behavior there is also as expected. The issue has been patched in the latest release and was backported into the currently supported 1.x branches. There are no known workarounds at the time of publication. | ||||
| CVE-2025-32941 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2025-32940 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2025-32939 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2025-32938 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2025-32937 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2025-32936 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2025-32935 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2025-32934 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2025-32933 | 2025-04-15 | N/A | ||
| Not used | ||||
| CVE-2024-11071 | 2025-04-15 | 8.8 High | ||
| Permissive Cross-domain Policy with Untrusted Domains vulnerability in local API server of DestinyECM solution(versions described below) which is developed and maintained by Cyberdigm may allow Cross-Site Request Forgery (CSRF) attack, which probabilistically enables JSON Hijacking (aka JavaScript Hijacking) via forgery web page.* Due to product customization, version information may differ from the following version description. For further inquiries, please contact the vendor. | ||||
| CVE-2021-42307 | 1 Microsoft | 1 Edge Chromium | 2025-04-14 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||||
| CVE-2023-29348 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-04-14 | 7.5 High |
| Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability | ||||
| CVE-2023-36409 | 1 Microsoft | 1 Edge Chromium | 2025-04-14 | 6.5 Medium |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | ||||
| CVE-2023-36416 | 1 Microsoft | 1 Dynamics 365 | 2025-04-14 | 6.1 Medium |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||||
| CVE-2023-36418 | 1 Microsoft | 1 Azure Rtos Guix Studio | 2025-04-14 | 7.8 High |
| Azure RTOS GUIX Studio Remote Code Execution Vulnerability | ||||