Search
Search Results (357661 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-22578 | 1 Sequelizejs | 1 Sequelize | 2025-04-01 | 10 Critical |
| Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections. | ||||
| CVE-2023-22580 | 1 Sequelizejs | 1 Sequelize | 2025-04-01 | 5.3 Medium |
| Due to improper input filtering in the sequalize js library, can malicious queries lead to sensitive information disclosure. | ||||
| CVE-2023-22579 | 1 Sequelizejs | 1 Sequelize | 2025-04-01 | 9.9 Critical |
| Due to improper parameter filtering in the sequalize js library, can a attacker peform injection. | ||||
| CVE-2022-41217 | 1 Hybridsoftware | 1 Cloudflow | 2025-04-01 | 9.8 Critical |
| Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage. | ||||
| CVE-2022-3901 | 1 Visioglobe | 1 Visioweb | 2025-04-01 | 7.2 High |
| Prototype Pollution in Visioweb.js 1.10.6 allows attackers to execute XSS on the client system. | ||||
| CVE-2025-31523 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-31522 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-31521 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-31520 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-31519 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-31518 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-31517 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-31516 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-31515 | 2025-04-01 | N/A | ||
| Not used | ||||
| CVE-2025-27167 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-03-31 | 7.8 High |
| Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. If the application uses a search path to locate critical resources such as programs, then an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. The problem extends to any type of critical resource that the application trusts. | ||||
| CVE-2025-27168 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-03-31 | 7.8 High |
| Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27170 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-03-31 | 5.5 Medium |
| Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-10515 | 1 Squirrly | 1 Seo Plugin By Squirrly Seo | 2025-03-31 | 3.5 Low |
| In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor | ||||
| CVE-2024-51209 | 1 Phpgurukul | 1 Client Management System | 2025-03-31 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerabilities in Anuj Kumar's Client Management System Version 1.2 allow local attackers to inject arbitrary web script or HTML via the search input field parameter to admin search invoice page and client search invoice page. | ||||
| CVE-2024-51065 | 1 Phpgurukul | 1 Beauty Parlour Management System | 2025-03-31 | 9.8 Critical |
| Phpgurukul Beauty Parlour Management System v1.1 is vulnerable to SQL Injection in admin/index.php via the the username parameter. | ||||