Search
Search Results (308567 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45169 | 1 Uci | 2 Idol2, Idol 2 | 2025-09-04 | 9.8 Critical |
| An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (DoS) attacks and possibly remote code execution via the \xB0\x00\x3c byte sequence. | ||||
| CVE-2025-7679 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-09-04 | 8.1 High |
| The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT | ||||
| CVE-2025-7677 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-09-04 | 5.9 Medium |
| A denial-of-service (DoS) attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects all versions of ASPECT. | ||||
| CVE-2025-58701 | 2025-09-04 | N/A | ||
| Not used | ||||
| CVE-2025-58700 | 2025-09-04 | N/A | ||
| Not used | ||||
| CVE-2025-58699 | 2025-09-04 | N/A | ||
| Not used | ||||
| CVE-2025-58698 | 2025-09-04 | N/A | ||
| Not used | ||||
| CVE-2025-58697 | 2025-09-04 | N/A | ||
| Not used | ||||
| CVE-2025-58696 | 2025-09-04 | N/A | ||
| Not used | ||||
| CVE-2025-58695 | 2025-09-04 | N/A | ||
| Not used | ||||
| CVE-2025-58694 | 2025-09-04 | N/A | ||
| Not used | ||||
| CVE-2025-58171 | 2025-09-04 | N/A | ||
| This CVE is a duplicate of another CVE. | ||||
| CVE-2025-53187 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-09-04 | 9.8 Critical |
| Due to an issue in configuration, code that was intended for debugging purposes was included in the market release of the ASPECT FW allowing an attacker to bypass authentication. This vulnerability may allow an attacker to change the system time, access files, and make function calls without prior authentication. This issue affects all versions of ASPECT prior to 3.08.04-s01 | ||||
| CVE-2025-52709 | 2 Wordpress, Wpeverest | 2 Wordpress, Everest Forms | 2025-09-04 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2024-47258 | 2025-09-04 | 8.1 High | ||
| 2N Access Commander version 2.1 and prior is vulnerable in default settings to Man In The Middle attack due to not verifying certificates of 2N edge devices. 2N has currently released an updated version 3.3 of 2N Access Commander, with added Certificate Fingerprint Verification. Since version 2.2 of 2N Access Commander (released in February 2022) it is also possible to enforce TLS certificate validation.It is recommended that all customers update 2N Access Commander to the latest version and use one of two mentioned practices. | ||||
| CVE-2024-47255 | 1 2n | 1 Access Commander | 2025-09-04 | 4.7 Medium |
| In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges in the system which could allow for arbitrary code execution with root permissions. | ||||
| CVE-2024-47254 | 1 2n | 1 Access Commander | 2025-09-04 | 6.3 Medium |
| In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data Authenticity vulnerability could allow an attacker to escalate their privileges and gain root access to the system. | ||||
| CVE-2025-27701 | 1 Google | 1 Android | 2025-09-04 | 5.5 Medium |
| In the function process_crypto_cmd, the values of ptrs[i] can be potentially equal to NULL which is valid value after calling slice_map_array(). Later this values will be derefenced without prior NULL check, which can lead to local Temporary DoS or OOB Read, leading to information disclosure. | ||||
| CVE-2025-27700 | 1 Google | 1 Android | 2025-09-04 | 8.4 High |
| There is a possible bypass of carrier restrictions due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-56193 | 1 Google | 1 Android | 2025-09-04 | 5.1 Medium |
| There is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||