Total
298791 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49791 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-49790 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-49789 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-49788 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-49787 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-49786 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-49785 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: Not used | |||||
| CVE-2025-47102 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: This CVE ID was issued in error by its CVE Numbering Authority and does not represent a valid vulnerability. | |||||
| CVE-2025-47095 | 2025-06-11 | N/A | N/A | ||
| Rejected reason: This CVE ID was issued in error by its CVE Numbering Authority and does not represent a valid vulnerability. | |||||
| CVE-2022-43855 | 1 Ibm | 1 Spss Statistics | 2025-06-10 | N/A | 6.2 MEDIUM |
| IBM SPSS Statistics 26.0, 27.0.1, and 28.0 IO Module could allow a local user to create multiple files that could exhaust the file handles capacity and cause a denial of service. | |||||
| CVE-2024-3931 | 1 Totara | 1 Totara | 2025-06-10 | 4.0 MEDIUM | 3.5 LOW |
| A vulnerability was found in Totara LMS up to 18.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/roles/check.php of the component User Selector. The manipulation of the argument ID Number leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 13.46, 14.38, 15.33, 16.27, 17.21 and 18.8 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2025-23102 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-06-10 | N/A | 8.8 HIGH |
| An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380, 1480 and 2400. A Double Free in the mobile processor leads to privilege escalation. | |||||
| CVE-2024-33118 | 1 Luckyframe | 1 Luckyframeweb | 2025-06-10 | N/A | 7.5 HIGH |
| LuckyFrameWeb v3.5.2 was discovered to contain an arbitrary read vulnerability via the fileDownload method in class com.luckyframe.project.common.CommonController. | |||||
| CVE-2024-28725 | 1 Yzmcms | 1 Yzmcms | 2025-06-10 | N/A | 7.1 HIGH |
| Cross Site Scripting (XSS) vulnerability in YzmCMS 7.0 allows attackers to run arbitrary code via Ads Management, Carousel Management, and System Settings. | |||||
| CVE-2025-45755 | 1 Vtiger | 1 Vtiger Crm | 2025-06-10 | N/A | 6.1 MEDIUM |
| A Stored Cross-Site Scripting (XSS) vulnerability exists in Vtiger CRM Open Source Edition v8.3.0, exploitable via the Services Import feature. An attacker can craft a malicious CSV file containing an XSS payload, mapped to the Service Name field. When the file is uploaded, the application improperly sanitizes user input, leading to persistent script execution. | |||||
| CVE-2025-44040 | 1 Orangehrm | 1 Orangehrm | 2025-06-10 | N/A | 7.2 HIGH |
| An issue in OrangeHRM v.5.7 allows an attacker to escalate privileges via the UserService.php and the checkFOrOldHash function | |||||
| CVE-2025-45753 | 1 Vtiger | 1 Vtiger Crm | 2025-06-10 | N/A | 7.2 HIGH |
| A vulnerability in Vtiger CRM Open Source Edition v8.3.0 allows an attacker with admin privileges to execute arbitrary PHP code by exploiting the ZIP import functionality in the Module Import feature. | |||||
| CVE-2025-5053 | 1 Freefloat | 1 Ftp Server | 2025-06-10 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component MDIR Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-5119 | 1 Emlog | 1 Emlog | 2025-06-10 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in Emlog Pro 2.5.11 and classified as critical. This vulnerability affects unknown code of the file /include/controller/api_controller.php. The manipulation of the argument tag leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. | |||||
| CVE-2025-5137 | 1 Dedecms | 1 Dedecms | 2025-06-10 | 5.8 MEDIUM | 4.7 MEDIUM |
| A vulnerability was found in DedeCMS 5.7.117. It has been classified as critical. Affected is an unknown function of the file dede/sys_verifies.php?action=getfiles of the component Incomplete Fix CVE-2018-9175. The manipulation of the argument refiles leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||