Total
31801 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4752 | 1 Dlink | 2 Di-7003g, Di-7003g Firmware | 2025-06-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /install_base.data. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4753 | 1 Dlink | 2 Di-7003g, Di-7003g Firmware | 2025-06-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125) and classified as problematic. Affected by this issue is some unknown functionality of the file /login.data. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5184 | 1 Summerpearlgroup | 1 Vacation Rental Management Platform | 2025-06-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1. It has been classified as problematic. Affected is an unknown function of the component HTTP Response Header Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. Upgrading to version 1.0.2 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2024-22368 | 1 Tozt | 1 Spreadsheet\ | 2025-06-03 | N/A | 5.5 MEDIUM |
| The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells. | |||||
| CVE-2024-0333 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-06-03 | N/A | 5.3 MEDIUM |
| Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-6139 | 1 G5plus | 1 Essential Real Estate | 2025-06-03 | N/A | 6.5 MEDIUM |
| The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Denial of Service attacks. | |||||
| CVE-2023-6042 | 1 Motopress | 1 Getwid | 2025-06-03 | N/A | 7.5 HIGH |
| Any unauthenticated user may send e-mail from the site with any title or content to the admin | |||||
| CVE-2023-52271 | 1 Topazevolution | 1 Antifraud | 2025-06-03 | N/A | 6.5 MEDIUM |
| The wsftprm.sys kernel driver 2.0.0.0 in Topaz Antifraud allows low-privileged attackers to kill any (Protected Process Light) process via an IOCTL (which will be named at a later time). | |||||
| CVE-2023-52031 | 1 Totolink | 2 A3700r, A3700r Firmware | 2025-06-03 | N/A | 9.8 CRITICAL |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the UploadFirmwareFile function. | |||||
| CVE-2023-51277 | 1 Tinowagner | 1 Jupyter Notebook Viewer | 2025-06-03 | N/A | 9.8 CRITICAL |
| nbviewer-app (aka Jupyter Notebook Viewer) before 0.1.6 has the get-task-allow entitlement for release builds. | |||||
| CVE-2023-50643 | 1 Evernote | 1 Evernote | 2025-06-03 | N/A | 9.8 CRITICAL |
| An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components. | |||||
| CVE-2023-50090 | 1 Ureport2 Project | 1 Ureport2 | 2025-06-03 | N/A | 9.8 CRITICAL |
| Arbitrary File Write vulnerability in the saveReportFile method of ureport2 2.2.9 and before allows attackers to write arbitrary files and run arbitrary commands via crafted POST request. | |||||
| CVE-2023-49558 | 1 Yasm Project | 1 Yasm | 2025-06-03 | N/A | 5.5 MEDIUM |
| An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expand_mmac_params function in the modules/preprocs/nasm/nasm-pp.c component. | |||||
| CVE-2023-49556 | 1 Yasm Project | 1 Yasm | 2025-06-03 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the expr_delete_term function in the libyasm/expr.c component. | |||||
| CVE-2023-49553 | 1 Cesanta | 1 Mjs | 2025-06-03 | N/A | 7.5 HIGH |
| An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file. | |||||
| CVE-2023-46836 | 1 Xen | 1 Xen | 2025-06-03 | N/A | 4.7 MEDIUM |
| The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown (XPTI) deliberately left interrupts enabled on two entry paths; one unconditionally, and one conditionally on whether XPTI was active. As BTC/SRSO and Meltdown affect different CPU vendors, the mitigations are not active together by default. Therefore, there is a race condition whereby a malicious PV guest can bypass BTC/SRSO protections and launch a BTC/SRSO attack against Xen. | |||||
| CVE-2023-45559 | 1 Linecorp | 1 Line | 2025-06-03 | N/A | 8.2 HIGH |
| An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token. | |||||
| CVE-2023-42933 | 1 Apple | 1 Macos | 2025-06-03 | N/A | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to gain elevated privileges. | |||||
| CVE-2023-42872 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-06-03 | N/A | 5.5 MEDIUM |
| The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to access sensitive user data. | |||||
| CVE-2023-42866 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-06-03 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, tvOS 16.6, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. | |||||