Search
Search Results (323539 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-36604 | 1 Dell | 1 Unity Operating Environment | 2025-10-04 | 7.3 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution. | ||||
| CVE-2025-61895 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61894 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61893 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61892 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61891 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61890 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61889 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61888 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61887 | 2025-10-04 | N/A | ||
| Not used | ||||
| CVE-2025-61585 | 2025-10-03 | N/A | ||
| Further research determined the issue is not an independent vulnerability as it originates from Apache Felix. | ||||
| CVE-2025-7259 | 1 Mongodb | 1 Mongodb | 2025-10-03 | 6.5 Medium |
| An authorized user can issue queries with duplicate _id fields, that leads to unexpected behavior in MongoDB Server, which may result to crash. This issue can only be triggered by authorized users and cause Denial of Service. This issue affects MongoDB Server v8.1 version 8.1.0. | ||||
| CVE-2025-6714 | 1 Mongodb | 1 Mongodb | 2025-10-03 | 7.5 High |
| MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Server v8.0 prior to 8.0.9 Required Configuration: This affects MongoDB sharded clusters when configured with load balancer support for mongos using HAProxy on specified ports. | ||||
| CVE-2025-6713 | 1 Mongodb | 1 Mongodb | 2025-10-03 | 7.7 High |
| An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB Server v8.0 versions prior to 8.0.7, MongoDB Server v7.0 versions prior to 7.0.19 and MongoDB Server v6.0 versions prior to 6.0.22 | ||||
| CVE-2025-6712 | 1 Mongodb | 1 Mongodb | 2025-10-03 | 6.5 Medium |
| MongoDB Server may be susceptible to disruption caused by high memory usage, potentially leading to server crash. This condition is linked to inefficiencies in memory management related to internal operations. In scenarios where certain internal processes persist longer than anticipated, memory consumption can increase, potentially impacting server stability and availability. This issue affects MongoDB Server v8.0 versions prior to 8.0.10 | ||||
| CVE-2025-6711 | 1 Mongodb | 1 Mongodb | 2025-10-03 | 4.4 Medium |
| An issue has been identified in MongoDB Server where unredacted queries may inadvertently appear in server logs when certain error conditions are encountered. This issue affects MongoDB Server v8.0 versions prior to 8.0.5, MongoDB Server v7.0 versions prior to 7.0.18 and MongoDB Server v6.0 versions prior to 6.0.21. | ||||
| CVE-2025-26390 | 1 Siemens | 4 Ozw672, Ozw672 Firmware, Ozw772 and 1 more | 2025-10-03 | 9.8 Critical |
| A vulnerability has been identified in OZW672 (All versions < V6.0), OZW772 (All versions < V6.0). The web service of affected devices is vulnerable to SQL injection when checking authentication data. This could allow an unauthenticated remote attacker to bypass the check and authenticate as Administrator user. | ||||
| CVE-2024-33577 | 1 Siemens | 2 Simcenter Femap, Simcenter Nastran | 2025-10-03 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain a stack overflow vulnerability while parsing specially strings as argument for one of the application binaries. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2025-10989 | 1 Ruoyi | 1 Ruoyi | 2025-10-03 | 6.3 Medium |
| A security flaw has been discovered in yangzongzhuan RuoYi up to 4.8.1. This vulnerability affects unknown code of the file /system/role/authUser/selectAll. Performing manipulation of the argument userIds results in improper authorization. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-10993 | 1 Muyucms | 1 Muyucms | 2025-10-03 | 4.7 Medium |
| A security flaw has been discovered in MuYuCMS up to 2.7. Affected by this issue is some unknown functionality of the file /admin.php of the component Template Management. The manipulation results in code injection. It is possible to launch the attack remotely. | ||||