Total
79929 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25318 | 1 Hotel Management System Project | 1 Hotel Management System | 2025-06-16 | N/A | 8.8 HIGH |
| Code-projects Hotel Managment System 1.0 allows SQL Injection via the 'pid' parameter in Hotel/admin/print.php?pid=2. | |||||
| CVE-2024-22749 | 1 Gpac | 1 Gpac | 2025-06-16 | N/A | 7.8 HIGH |
| GPAC v2.3 was detected to contain a buffer overflow via the function gf_isom_new_generic_sample_description function in the isomedia/isom_write.c:4577 | |||||
| CVE-2024-22562 | 1 Swftools | 1 Swftools | 2025-06-16 | N/A | 7.8 HIGH |
| swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c. | |||||
| CVE-2024-21833 | 1 Tp-link | 10 Archer Ax3000, Archer Ax3000 Firmware, Archer Ax5400 and 7 more | 2025-06-16 | N/A | 8.8 HIGH |
| Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi. | |||||
| CVE-2024-21780 | 1 Kddi | 2 Home Spot Cube 2, Home Spot Cube 2 Firmware | 2025-06-16 | N/A | 7.5 HIGH |
| Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service (DoS) condition. Note that the affected products are no longer supported. | |||||
| CVE-2023-51939 | 1 Relic Project | 1 Relic | 2025-06-16 | N/A | 8.8 HIGH |
| An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function. | |||||
| CVE-2023-51838 | 1 Meshcentral | 1 Meshcentral | 2025-06-16 | N/A | 7.5 HIGH |
| Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm. | |||||
| CVE-2023-51257 | 1 Jasper Project | 1 Jasper | 2025-06-16 | N/A | 7.8 HIGH |
| An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. | |||||
| CVE-2023-51065 | 1 Qstar | 1 Archive Storage Manager | 2025-06-16 | N/A | 7.5 HIGH |
| Incorrect access control in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to obtain system backups and other sensitive information from the QStar Server. | |||||
| CVE-2023-39611 | 1 Softwarefx | 1 Chart Fx | 2025-06-16 | N/A | 7.5 HIGH |
| An issue in Software FX Chart FX 7 version 7.0.4962.20829 allows attackers to enumerate and read files from the local filesystem by sending crafted web requests. | |||||
| CVE-2023-32401 | 1 Apple | 1 Macos | 2025-06-16 | N/A | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.6.6, macOS Big Sur 11.7.7, macOS Ventura 13.4. Parsing an office document may lead to an unexpected app termination or arbitrary code execution. | |||||
| CVE-2025-5126 | 1 Flir | 2 Flir Ax8, Flir Ax8 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in FLIR AX8 up to 1.46.16. This vulnerability affects the function setDataTime of the file \usr\www\application\models\settingsregional.php. The manipulation of the argument year/month/day/hour/minute leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-5907 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5908 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-43667 | 1 Apache | 1 Inlong | 2025-06-16 | N/A | 7.5 HIGH |
| Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.8.0, the attacker can create misleading or false log records, making it harder to audit and trace malicious activities. Users are advised to upgrade to Apache InLong's 1.9.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/8628 | |||||
| CVE-2025-5909 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5910 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5911 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5912 | 1 Dlink | 2 Dir-632, Dir-632 Firmware | 2025-06-16 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-5913 | 1 Anujk305 | 1 Vehicle Record Management System | 2025-06-16 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||