Search
Search Results (333450 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5951 | 2025-06-28 | N/A | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-6664 | 1 Codeastro | 1 Patient Record Management System | 2025-06-28 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in CodeAstro Patient Record Management System 1.0. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-53388 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53387 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53386 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53385 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53384 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53383 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53382 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53381 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2025-53380 | 2025-06-28 | N/A | ||
| Not used | ||||
| CVE-2023-20597 | 1 Amd | 202 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 199 more | 2025-06-27 | 5.5 Medium |
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | ||||
| CVE-2023-20594 | 1 Amd | 250 Epyc 7003, Epyc 7003 Firmware, Epyc 72f3 and 247 more | 2025-06-27 | 4.4 Medium |
| Improper initialization of variables in the DXE driver may allow a privileged user to leak sensitive information via local access. | ||||
| CVE-2024-21925 | 2025-06-27 | 8.2 High | ||
| Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution. | ||||
| CVE-2024-0179 | 2025-06-27 | 8.2 High | ||
| SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution. | ||||
| CVE-2024-48646 | 1 Sage | 2 1000, Sage Frp 1000 | 2025-06-27 | 8.1 High |
| An Unrestricted File Upload vulnerability exists in Sage 1000 v7.0.0, which allows authorized users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files, such as HTML, scripts, or other executable content, that may be executed on the server, leading to further system compromise. | ||||
| CVE-2024-48647 | 1 Sage | 2 1000, Sage Frp 1000 | 2025-06-27 | 7.2 High |
| A file disclosure vulnerability exists in Sage 1000 v7.0.0. This vulnerability allows remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. The attacker can exploit this flaw to access sensitive information, including configuration files that may contain credentials and system settings, which could lead to further compromise of the server. | ||||
| CVE-2024-48648 | 1 Sage | 1 Sage Frp 1000 | 2025-06-27 | 6.1 Medium |
| A Reflected Cross-Site Scripting (XSS) vulnerability exists in the Sage 1000 v 7.0.0. This vulnerability allows attackers to inject malicious scripts into URLs, which are reflected back by the server in the response without proper sanitization or encoding. | ||||
| CVE-2024-48307 | 1 Jeecg | 2 Jeecg Boot, Jeecgboot | 2025-06-27 | 9.8 Critical |
| JeecgBoot v3.7.1 was discovered to contain a SQL injection vulnerability via the component /onlDragDatasetHead/getTotalData. | ||||
| CVE-2024-53299 | 1 Apache | 1 Wicket | 2025-06-27 | 6.5 Medium |
| The request handling in the core in Apache Wicket 7.0.0 on any platform allows an attacker to create a DOS via multiple requests to server resources. Users are recommended to upgrade to versions 9.19.0 or 10.3.0, which fixes this issue. | ||||