CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2025-34036 An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-34035 An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-69372 Deserialization of Untrusted Data vulnerability in AncoraThemes SevenHills sevenhills allows Object Injection.This issue affects SevenHills: from n/a through <= 1.6.2. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-20260 A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbi... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-69371 Deserialization of Untrusted Data vulnerability in AncoraThemes KindlyCare kindlycare allows Object Injection.This issue affects KindlyCare: from n/a through <= 1.6.1. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-69370 Deserialization of Untrusted Data vulnerability in ThemeGoods Capella capella allows Object Injection.This issue affects Capella: from n/a through <= 2.5.5. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-69329 Deserialization of Untrusted Data vulnerability in Jthemes Prestige prestige allows Object Injection.This issue affects Prestige: from n/a through < 1.4.1. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-28388 OpenC3 COSMOS before v6.0.2 was discovered to contain hardcoded credentials for the Service Account. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-11948 Document Management System developed by Excellent Infotek has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabl... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-56221 A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-56218 An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-56316 A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeM... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-62586 OPEXUS FOIAXpress allows a remote, unauthenticated attacker to reset the administrator password. Fixed in FOIAXpress version 11.13.2.0. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-34516 Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a use of default credentials vulnerability that allows an unauthenticated attacker to obtain remote access. Ilevia has declined to servic... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-34515 Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an execution with unnecessary privileges vulnerability in sync_project.sh that allows an attacker to escalate privileges to root. Ilevia ... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-34513 Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection vulnerability in mbus_build_from_csv.php that allows an unauthenticated attacker to execute arbitrary code. Ilevi... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54539 A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishi... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-11832 Allocation of Resources Without Limits or Throttling vulnerability in Azure Access Technology BLU-IC2, Azure Access Technology BLU-IC4 allows Flooding.This issue affects BLU-IC2: through 1.19.5; BLU-I... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-24872 improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-10547 An uninitialized variable in the HTTP CGI request arguments processing component of Vigor Routers running DrayOS may allow an attacker the ability to perform RCE on the appliance through memory corrup... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-59407 The Flock Safety DetectionProcessing com.flocksafety.android.objects application 6.35.33 for Android (installed on Falcon and Sparrow License Plate Readers and Bravo Edge AI Compute Devices) bundles a... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-10542 iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remot... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-43166 Incorrect Default Permissions vulnerability in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the i... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54494 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54493 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54492 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54491 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54490 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54489 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54488 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54487 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54486 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54485 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54484 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54483 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54482 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54481 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54480 A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbit... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-54462 A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to arbitra... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-53853 A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ISHNE ECG annotations file ... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-53557 A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitr... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-53518 An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ABF file can lead to arbitrary code ex... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-53511 A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitr... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-8324 Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-27638 Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0.2614 allows Hardcoded Password V-2024-013. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-27641 Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.951 Application 20.0.2368 allows Unauthenticated APIs for Single-Sign On V-2024-009. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-27642 Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Unauthenticated Driver Package Editing V-2024-008. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-27643 Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368 allows Hardcoded AWS API Key V-2024-006. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-52581 An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted GDF file can lead to arbitrary code ex... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-48005 A heap-based buffer overflow vulnerability exists in the RHS2000 parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted RHS2000 file can lead to ... | 9.8 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.