Search
Search Results (330178 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53387 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53386 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53385 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53384 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53383 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53382 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53381 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53380 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2023-20597 | 1 Amd | 202 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 199 more | 2025-06-27 | 5.5 Medium |
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | ||||
| CVE-2023-20594 | 1 Amd | 250 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 247 more | 2025-06-27 | 4.4 Medium |
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | ||||
| CVE-2024-21925 | 2025-06-27 | 8.2 High | ||
| Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution. | ||||
| CVE-2024-0179 | 2025-06-27 | 8.2 High | ||
| SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution. | ||||
| CVE-2024-48646 | 1 Sage | 2 1000, Sage Frp 1000 | 2025-06-27 | 8.1 High |
| An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTML, scripts, or other executable content, that may be executed on the server, leading to further system compromise. | ||||
| CVE-2024-48647 | 1 Sage | 2 1000, Sage Frp 1000 | 2025-06-27 | 7.2 High |
| A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including configuration files that may contain credentials and system settings, which could lead to further compromise of the server. | ||||
| CVE-2024-48648 | 1 Sage | 1 Sage Frp 1000 | 2025-06-27 | 6.1 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability exists in the Sage 1000 v 7.0.0. This vulnerability allows attackers to inject malicious scripts into URLs, which are reflected back by the server in the response without proper sanitization or encoding. | ||||
| CVE-2024-48307 | 1 Jeecg | 2 Jeecg Boot, Jeecgboot | 2025-06-27 | 9.8 Critical |
| JeecgBoot v3.7.1 was discovered to contain a SQL injection vulnerability via the component /onlDragDatasetHead/getTotalData. | ||||
| CVE-2024-53299 | 1 Apache | 1 Wicket | 2025-06-27 | 6.5 Medium |
| The request handling in the core in Apache Wicket 7.0.0 on any platform allows an attacker to create a DOS via multiple requests to server resources. Users are recommended to upgrade to versions 9.19.0 or 10.3.0, which fixes this issue. | ||||
| CVE-2024-57326 | 1 Online Pizza Delivery System Project | 1 Online Pizza Delivery System | 2025-06-27 | 6.1 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability exists in the search.php file of the Online Pizza Delivery System 1.0. The vulnerability allows an attacker to execute arbitrary JavaScript code in the browser via unsanitized input passed through the search parameter. | ||||
| CVE-2024-57184 | 1 Gpac | 1 Gpac | 2025-06-27 | 5.5 Medium |
| An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_process_pmt in media_tools/mpegts.c:2163 that can cause a denial of service (DOS) via a crafted MP4 file. | ||||
| CVE-2024-57041 | 1 Nodebb | 1 Nodebb | 2025-06-27 | 4.6 Medium |
| A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile. | ||||