Search
Search Results (308093 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-33116 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33112 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33111 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33109 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33102 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2025-7677 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-09-04 | 5.9 Medium |
| A denial-of-service (DoS) attack is possible if access to the local network is provided to unauthorized users. This is due to a buffer copy issue that may lead to a software crash. This issue affects all versions of ASPECT. | ||||
| CVE-2021-33100 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33099 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33085 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33084 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2021-33072 | 2025-09-04 | N/A | ||
| This is unused. | ||||
| CVE-2025-7679 | 1 Abb | 3 Aspect Enterprise, Matrix Series, Nexus Series | 2025-09-04 | 8.1 High |
| The ASPECT system allows users to bypass authentication. This issue affects all versions of ASPECT | ||||
| CVE-2025-58358 | 2025-09-04 | 7.5 High | ||
| Markdownify is a Model Context Protocol server for converting almost anything to Markdown. Versions below 0.0.2 contain a command injection vulnerability, caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.). This issue is fixed in version 0.0.2. | ||||
| CVE-2025-9942 | 2025-09-04 | 6.3 Medium | ||
| A vulnerability has been found in CodeAstro Real Estate Management System 1.0. Affected is an unknown function of the file /submitproperty.php. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9941 | 2025-09-04 | 6.3 Medium | ||
| A flaw has been found in CodeAstro Real Estate Management System 1.0. This impacts an unknown function of the file /register.php. Executing manipulation of the argument uimage can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2025-58357 | 2025-09-04 | 9.7 Critical | ||
| 5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content injection attacks through multiple vectors: malicious prompt injection pages, compromised MCP servers, and exploited tool integrations. This is fixed in version 0.14.0. | ||||
| CVE-2025-9940 | 2025-09-04 | 3.5 Low | ||
| A vulnerability was detected in CodeAstro Real Estate Management System 1.0. This affects an unknown function of the file /feature.php. Performing manipulation of the argument msg results in cross site scripting. The attack can be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2025-9939 | 2025-09-04 | 3.5 Low | ||
| A security vulnerability has been detected in CodeAstro Real Estate Management System 1.0. The impacted element is an unknown function of the file /propertyview.php. Such manipulation of the argument msg leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-58355 | 2025-09-03 | 7.7 High | ||
| Soft Serve is a self-hostable Git server for the command line. In versions 0.9.1 and below, attackers can create or override arbitrary files with uncontrolled data through its SSH API. This issue is fixed in version 0.10.0. | ||||
| CVE-2025-9938 | 2025-09-03 | 8.8 High | ||
| A weakness has been identified in D-Link DI-8400 16.07.26A1. The affected element is the function yyxz_dlink_asp of the file /yyxz.asp. This manipulation of the argument ID causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. | ||||