Total
295992 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36406 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-36298 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-34860 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-34859 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-33893 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-32233 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-29924 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-27877 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-27876 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2022-26038 | 2025-05-28 | N/A | N/A | ||
| Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused | |||||
| CVE-2024-25734 | 1 Wyrestorm | 2 Apollo Vx20, Apollo Vx20 Firmware | 2025-05-28 | N/A | 7.5 HIGH |
| An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote attackers to enumerate user accounts. | |||||
| CVE-2024-25735 | 1 Wyrestorm | 2 Apollo Vx20, Apollo Vx20 Firmware | 2025-05-28 | N/A | 9.1 CRITICAL |
| An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request. | |||||
| CVE-2024-25736 | 1 Wyrestorm | 2 Apollo Vx20, Apollo Vx20 Firmware | 2025-05-28 | N/A | 7.5 HIGH |
| An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can restart the device via a /device/reboot GET request. | |||||
| CVE-2025-2308 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2025-2309 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2025-2310 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release. | |||||
| CVE-2024-25423 | 1 Nemetschek | 1 Cinema 4d | 2025-05-28 | N/A | 7.0 HIGH |
| An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitrary code via a crafted c4d_base.xdl64 file. | |||||
| CVE-2023-31634 | 1 Teslamate | 1 Teslamate | 2025-05-28 | N/A | 9.8 CRITICAL |
| In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and operation of user data. After accessing the IP address for the TeslaMate instance, an attacker can switch the port to 3000 to enter Grafana for remote operations. At that time, the default username and password can be used to enter the Grafana management console without logging in, a related issue to CVE-2022-23126. | |||||
| CVE-2025-25225 | 1 Hikashop | 1 Hikashop | 2025-05-28 | N/A | 6.5 MEDIUM |
| A privilege escalation vulnerability in the Hikashop component versions 1.0.0-5.1.3 for Joomla allows authenticated attackers (administrator) to escalate their privileges to Super Admin Permissions. | |||||
| CVE-2025-3479 | 1 Wpmudev | 1 Forminator Forms | 2025-05-28 | N/A | 5.3 MEDIUM |
| The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 1.42.0 via the 'handle_stripe_single' function due to insufficient validation on a user controlled key. This makes it possible for unauthenticated attackers to reuse a single Stripe PaymentIntent for multiple transactions. Only the first transaction is processed via Stripe, but the plugin sends a successful email message for each transaction, which may trick an administrator into fulfilling each order. | |||||