Search Results (14117 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-50018 2025-06-18 4.4 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-29720 1 Langgenius 1 Dify 2025-06-18 4.8 Medium
Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component controllers.console.remote_files.RemoteFileUploadApi.
CVE-2025-38026 2025-06-18 4.4 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2023-5800 1 Axis 3 Axis Os, Axis Os 2020, Axis Os 2022 2025-06-17 5.4 Medium
Vintage, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API create_overlay.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
CVE-2023-5677 1 Axis 22 M3024-lve, M3024-lve Firmware, M3025-ve and 19 more 2025-06-17 6.3 Medium
Brandon Rothel from QED Secure Solutions and Sam Hanson of Dragos have found that the VAPIX API tcptest.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. The impact of exploiting this vulnerability is lower with operator-privileges compared to administrator-privileges service accounts. Please refer to the Axis security advisory for more information and solution.
CVE-2021-22282 1 Br-automation 1 Automation Studio 2025-06-17 8.3 High
Improper Control of Generation of Code ('Code Injection') vulnerability in B&R Industrial Automation Automation Studio allows Local Execution of Code.This issue affects Automation Studio: from 4.0 through 4.12.
CVE-2023-47116 1 Humansignal 1 Label Studio 2025-06-17 5.3 Medium
Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the `SSRF_PROTECTION_ENABLED` environment variable can be bypassed to access internal web servers. This is because the current SSRF validation is done by executing a single DNS lookup to verify that the IP address is not in an excluded subnet range. This protection can be bypassed by either using HTTP redirection or performing a DNS rebinding attack.
CVE-2024-22205 1 Benbusby 1 Whoogle Search 2025-06-17 9.1 Critical
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `window` endpoint does not sanitize user-supplied input from the `location` variable and passes it to the `send` method which sends a `GET` request on lines 339-343 in `request.py,` which leads to a server-side request forgery. This issue allows for crafting GET requests to internal and external resources on behalf of the server. For example, this issue would allow for accessing resources on the internal network that the server has access to, even though these resources may not be accessible on the internet. This issue is fixed in version 0.8.4.
CVE-2023-42429 1 Intel 12 Nuc 7 Essential Nuc7cjysal, Nuc 7 Essential Nuc7cjysamn, Nuc 7 Essential Nuc7cjysamn Firmware and 9 more 2025-06-17 7.5 High
Improper buffer restrictions in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-0649 1 Zhiyun-tech 1 Zhihuiyun 2025-06-17 6.3 Medium
A vulnerability was found in ZhiHuiYun up to 4.4.13 and classified as critical. This issue affects the function download_network_image of the file /app/Http/Controllers/ImageController.php of the component Search. The manipulation of the argument url leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251375.
CVE-2024-22408 1 Shopware 1 Shopware 2025-06-17 7.6 High
Shopware is an open headless commerce platform. The implemented Flow Builder functionality in the Shopware application does not adequately validate the URL used when creating the “call webhook” action. This enables malicious users to perform web requests to internal hosts. This issue has been fixed in the Commercial Plugin release 6.5.7.4 or with the Security Plugin. For installations with Shopware 6.4 the Security plugin is recommended to be installed and up to date. For older versions of 6.4 and 6.5 corresponding security measures are also available via a plugin. For the full range of functions, we recommend updating to the latest Shopware version.
CVE-2024-0601 1 Zhongfucheng3y 1 Austin 2025-06-17 6.3 Medium
A vulnerability was found in ZhongFuCheng3y Austin 1.0. It has been rated as critical. Affected by this issue is the function getRemoteUrl2File of the file src\main\java\com\java3y\austin\support\utils\AustinFileUtils.java of the component Email Message Template Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250838 is the identifier assigned to this vulnerability.
CVE-2023-42134 1 Paxtechnology 3 A50, A920 Pro, Paydroid 2025-06-17 6.8 Medium
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can allow the signed partition overwrite and subsequently local code execution via hidden command. The attacker must have physical USB access to the device in order to exploit this vulnerability.
CVE-2023-31025 1 Nvidia 2 Dgx A100, Dgx A100 Firmware 2025-06-17 6.5 Medium
NVIDIA DGX A100 BMC contains a vulnerability where an attacker may cause an LDAP user injection. A successful exploit of this vulnerability may lead to information disclosure.
CVE-2024-0252 1 Zohocorp 1 Manageengine Adselfservice Plus 2025-06-17 8.8 High
ManageEngine ADSelfService Plus versions 6401 and below are vulnerable to the remote code execution due to the improper handling in the load balancer component. Authentication is required in order to exploit this vulnerability.
CVE-2024-30125 1 Hcltech 1 Bigfix Compliance 2025-06-17 6.2 Medium
HCL BigFix Compliance server can respond with an HTTP status of 500, indicating a server-side error that may cause the server process to die.
CVE-2024-30845 1 Rainbow External Link Network Disk Project 1 Rainbow External Link Network Disk 2025-06-17 6.1 Medium
Cross Site Scripting vulnerability in Rainbow external link network disk v.5.5 allows a remote attacker to execute arbitrary code via the validation component of the input parameters.
CVE-2024-32487 4 Debian, Greenwoodsoftware, Netapp and 1 more 12 Debian Linux, Less, Bootstrap Os and 9 more 2025-06-17 8.6 High
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases.
CVE-2024-29500 2 Inteset, Secure Lockdown 2 Secure Lockdown, Multi Application Edition 2025-06-17 9.8 Critical
An issue in the kiosk mode of Secure Lockdown Multi Application Edition v2.00.219 allows attackers to execute arbitrary code via running a ClickOnce application instance.
CVE-2024-31819 1 Wwbn 1 Avideo 2025-06-17 9.8 Critical
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.