Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2025-43923 An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-43924 Cross Site Scripting vulnerability was discovered in Unicom Focal Point 7.6.1. The val parameter in SettingController (for /fp/admin/settings/loginpage) and the rootserviceurl parameter in FriendsCont... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-43925 An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data. | 4.6 | MEDIUM | — | 0 |
| CVE-2025-5503 A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. This affects the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the ar... | 8.8 | HIGH | — | 0 |
| CVE-2025-5504 A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5505 A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and classified as problematic. This issue affects some unknown processing of the file /boafrm/formPortFw of the component Virtual Ser... | 2.4 | LOW | — | 0 |
| CVE-2025-5506 A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the ar... | 2.4 | LOW | — | 0 |
| CVE-2025-23103 An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes. | 8.6 | HIGH | — | 0 |
| CVE-2025-44148 Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allows a remote attacker to execute arbitrary code via the failure.aspx component | 9.8 | CRITICAL | — | 0 |
| CVE-2025-5507 A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component MAC Filtering Page.... | 2.4 | LOW | — | 0 |
| CVE-2025-5508 A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IP Port Filtering Page. The ... | 2.4 | LOW | — | 0 |
| CVE-2025-5509 A vulnerability classified as critical has been found in quequnlong shiyi-blog up to 1.2.1. This affects an unknown part of the file /api/file/upload. The manipulation of the argument file/source lead... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-23107 An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The lack of a length check leads to out-of-bounds writes. | 8.6 | HIGH | — | 0 |
| CVE-2025-32105 A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code execution. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-32106 In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST request request may result in an unauthenticated remote user's ability to execute unauthorized code. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-48337 Missing Authorization vulnerability in QuickcabWP QuickCab.This issue affects QuickCab: from n/a through 1.3.3. | 5.3 | MEDIUM | — | 0 |
| CVE-2025-5510 A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This vulnerability affects unknown code of the file /app/sys/article/optimize. The manipulation of the argument u... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5515 A vulnerability, which was classified as critical, has been found in TOTOLINK X2000R 1.0.0-B20230726.1108. Affected by this issue is some unknown functionality of the file /boafrm/formMapDel. The mani... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-5516 A vulnerability, which was classified as problematic, was found in TOTOLINK X2000R 1.0.0-B20230726.1108. This affects an unknown part of the file /boafrm/formFilter of the component URL Filtering Page... | 2.4 | LOW | — | 0 |
| CVE-2025-5520 A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmm_state_authentication/emm_state_authentication of the component AMF/MME. The manipu... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-48999 DataEase is an open source business intelligence and data visualization tool. A bypass of CVE-2025-46566's patch exists in versions prior to 2.10.10. In a malicious payload, `getUrlType()` retrieves `... | 8.8 | HIGH | — | 0 |
| CVE-2025-23102 An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation. | 8.8 | HIGH | — | 0 |
| CVE-2025-48997 Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.1 allows an attacker to trigger a Denial of ... | N/A | NONE | — | 0 |
| CVE-2025-48998 DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass of the patch for CVE-2025-27103 allows authenticated users to read and deserialize arbit... | 8.8 | HIGH | — | 0 |
| CVE-2025-5521 A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /system/user/updataPassword. Th... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-5522 A vulnerability was found in jack0240 魏 bskms 蓝天幼儿园管理系统 up to dffe6640b5b54d8e29da6f060e0493fea74b3fad. It has been rated as critical. Affected by this issue is some unknown functionality of the file ... | 7.3 | HIGH | — | 0 |
| CVE-2025-23097 An issue was discovered in Samsung Mobile Processor Exynos 1380. The lack of a length check leads to out-of-bounds writes. | 9.1 | CRITICAL | — | 0 |
| CVE-2025-46858 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46859 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46860 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46861 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46862 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46863 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46864 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-49792 Rejected reason: Not used | N/A | NONE | — | 0 |
| CVE-2025-46865 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46866 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46870 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46871 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46872 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46873 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46874 Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL refe... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-49793 Rejected reason: Not used | N/A | NONE | — | 0 |
| CVE-2025-46875 Adobe Experience Manager versions 6.5.22 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low privileged attacker is able to convince a victim to visit a URL refe... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46876 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46877 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46878 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46879 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-46880 Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts int... | 5.4 | MEDIUM | — | 0 |
| CVE-2024-39501 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.