Export limit exceeded: 12287 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (12287 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-22892 1 Smartbear 1 Zephyr Enterprise 2025-03-04 7.5 High
There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
CVE-2024-45418 1 Zoom 4 Meeting Software Development Kit, Rooms, Video Software Development Kit and 1 more 2025-03-04 5.4 Medium
Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access.
CVE-2024-11955 1 Glpi-project 1 Glpi 2025-03-04 4.3 Medium
A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument redirect leads to open redirect. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 10.0.18 is able to address this issue. It is recommended to upgrade the affected component.
CVE-2021-31982 1 Microsoft 1 Edge Chromium 2025-02-28 8.8 High
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-24884 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 8.8 High
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-38157 1 Microsoft 1 Edge Chromium 2025-02-28 6.5 Medium
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-28286 1 Microsoft 1 Edge Chromium 2025-02-28 6.1 Medium
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-28284 1 Microsoft 1 Edge 2025-02-28 4.3 Medium
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-24935 1 Microsoft 1 Edge Chromium 2025-02-28 6.1 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2023-24892 1 Microsoft 1 Edge Chromium 2025-02-28 8.2 High
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
CVE-2023-24533 1 Nistec Project 1 Nistec 2025-02-28 7.5 High
Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this.
CVE-2023-23395 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-02-28 3.1 Low
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-24863 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 6.5 Medium
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24866 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 6.5 Medium
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24906 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 6.5 Medium
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2023-24870 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 6.5 Medium
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
CVE-2022-3381 1 Gitlab 1 Gitlab 2025-02-28 4.3 Medium
An issue has been discovered in GitLab affecting all versions starting from 10.0 to 15.7.8, 15.8 prior to 15.8.4 and 15.9 prior to 15.9.2. A crafted URL could be used to redirect users to arbitrary sites
CVE-2022-4317 1 Gitlab 1 Dynamic Application Security Testing Analyzer 2025-02-28 5 Medium
An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects.
CVE-2023-27115 1 Webassembly 1 Webassembly 2025-02-28 5.5 Medium
WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::cat_compute_size.
CVE-2025-27143 1 Better-auth 1 Better Auth 2025-02-28 6.1 Medium
Better Auth is an authentication and authorization library for TypeScript. Prior to version 1.1.21, the application is vulnerable to an open redirect due to improper validation of the callbackURL parameter in the email verification endpoint and any other endpoint that accepts callback url. While the server blocks fully qualified URLs, it incorrectly allows scheme-less URLs. This results in the browser interpreting the URL as a fully qualified URL, leading to unintended redirection. An attacker can exploit this flaw by crafting a malicious verification link and tricking users into clicking it. Upon successful email verification, the user will be automatically redirected to the attacker's website, which can be used for phishing, malware distribution, or stealing sensitive authentication tokens. This CVE is a bypass of the fix for GHSA-8jhw-6pjj-8723/CVE-2024-56734. Version 1.1.21 contains an updated patch.