Search
Search Results (308093 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43772 | 2025-09-04 | N/A | ||
| Kaleo Forms Admin in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.4 GA, 7.3 GA through update 27, and older unsupported versions does not restrict the saving of request parameters in the portlet session, which allows remote attackers to consume system memory leading to denial-of-service (DoS) conditions via crafted HTTP request. | ||||
| CVE-2023-50224 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2025-09-04 | N/A |
| TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. . Was ZDI-CAN-19899. | ||||
| CVE-2025-9377 | 2025-09-04 | N/A | ||
| The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's recommending to purchase the new product to ensure better performance and security. If replacement is not an option in the short term, please use the second reference link to download and install the patch(es). | ||||
| CVE-2021-44457 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-43351 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41860 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41859 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41858 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41857 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41856 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41855 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41854 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41853 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41852 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-41851 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-3885 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2025-53187 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-09-04 | 9.8 Critical |
| Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability may allow an attacker to change the system time, access files, and make function calls without prior authentication. This issue affects all versions of ASPECT prior to 3.08.04-s01 | ||||
| CVE-2021-37405 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33167 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33165 | 2025-09-04 | N/A | ||
| This is unused. | ||||