Search Results (12076 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-22386 1 Optimizely 1 Configured Commerce 2025-05-20 7.3 High
An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity session issue exists in the Commerce B2B application, affecting the longevity of active sessions in the storefront. This allows session tokens tied to logged-out sessions to still be active and usable.
CVE-2024-24903 1 Dell 1 Policy Manager For Secure Connect Gateway 2025-05-20 8 High
Dell Secure Connect Gateway (SCG) Policy Manager, version 5.10+, contain a weak password recovery mechanism for forgotten passwords. An adjacent network low privileged attacker could potentially exploit this vulnerability, leading to unauthorized access to the application with privileges of the compromised account. The attacker could retrieve the reset password token without authorization and then perform the password change.
CVE-2019-1039 1 Microsoft 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more 2025-05-20 5.5 Medium
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses the vulnerability by correcting how the Windows kernel initializes objects in memory.
CVE-2019-0948 1 Microsoft 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more 2025-05-20 4.7 Medium
An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration. To exploit the vulnerability, an attacker could create a file containing specially crafted XML content and convince an authenticated user to import the file. The update addresses the vulnerability by modifying the way that the Event Viewer parses XML input.
CVE-2024-45818 1 Xen 1 Xen 2025-05-20 6.5 Medium
The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulating an instruction with two memory accesses, both of which touch VGA memory (plus some further constraints which aren't relevant here). When emulating the 2nd access, the lock that is already being held would be attempted to be re-acquired, resulting in a deadlock. This deadlock was already found when the code was first introduced, but was analysed incorrectly and the fix was incomplete. Analysis in light of the new finding cannot find a way to make the existing locking discipline work. In staging, this logic has all been removed because it was discovered to be accidentally disabled since Xen 4.7. Therefore, we are fixing the locking problem by backporting the removal of most of the feature. Note that even with the feature disabled, the lock would still be acquired for any accesses to the VGA MMIO region.
CVE-2022-34169 7 Apache, Azul, Debian and 4 more 23 Xalan-java, Zulu, Debian Linux and 20 more 2025-05-20 7.5 High
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
CVE-2022-41204 1 Sap 1 Commerce 2025-05-20 8.8 High
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205, login page through a manipulated URL. They can inject code that allows them to redirect submissions from the affected login form to their own server. This allows them to steal credentials and hijack accounts. A successful attack could compromise the Confidentiality, Integrity, and Availability of the system.
CVE-2024-4900 1 Seopress 1 Seopress 2025-05-19 6.1 Medium
The SEOPress WordPress plugin before 7.8 does not validate and escape one of its Post settings, which could allow contributor and above role to perform Open redirect attacks against any user viewing a malicious post
CVE-2024-6534 1 Monospace 1 Directus 2025-05-19 4.3 Medium
Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with CVE-2024-6533, it could result in account takeover.
CVE-2023-33860 1 Ibm 1 Security Qradar Edr 2025-05-19 5.3 Medium
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.
CVE-2023-28656 2 F5, Netapp 5 Nginx Api Connectivity Manager, Nginx Instance Manager, Nginx Security Monitoring and 2 more 2025-05-19 8.1 High
NGINX Management Suite may allow an authenticated attacker to gain access to configuration objects outside of their assigned environment.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-24887 1 Citeum 1 Opencti 2025-05-19 6.3 Medium
OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are intended to be unmodifiable by the user. It is possible to toggle the `external` flag on/off and change the own token value for a user. It is also possible to edit attributes that are not in the allow list, such as `otp_qr` and `otp_activated`. If external users exist in the OpenCTI setup and the information about these users identities is sensitive, the above vulnerabilities can be used to enumerate existing user accounts as a standard low privileged user. This issue has been patched in version 6.4.10.
CVE-2024-8207 2 Linux, Mongodb 2 Linux Kernel, Mongodb 2025-05-16 6.4 Medium
In certain highly specific configurations of the host system and MongoDB server binary installation on Linux Operating Systems, it may be possible for a unintended actor with host-level access to cause the MongoDB Server binary to load unintended actor-controlled shared libraries when the server binary is started, potentially resulting in the unintended actor gaining full control over the MongoDB server process. This issue affects MongoDB Server v5.0 versions prior to 5.0.14 and MongoDB Server v6.0 versions prior to 6.0.3. Required Configuration: Only environments with Linux as the underlying operating system is affected by this issue
CVE-2025-4119 1 Weitong 1 Mall 2025-05-16 5.3 Medium
A vulnerability classified as critical was found in Weitong Mall 1.0.0. This vulnerability affects unknown code of the file /queryTotal of the component Product Statistics Handler. The manipulation of the argument isDelete with the input 1 leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-42169 1 Hcltech 1 Dryice Myxalytics 2025-05-16 7.1 High
HCL MyXalytics is affected by insecure direct object references. It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data.
CVE-2024-42168 1 Hcltech 1 Dryice Myxalytics 2025-05-16 8.9 High
HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web server that returns malicious content, and then induce the application to retrieve and process that content.
CVE-2024-1167 1 Seweurodrive 1 Movitools Motionstudio 2025-05-15 5.5 Medium
When SEW-EURODRIVE MOVITOOLS MotionStudio processes XML information unrestricted file access can occur.
CVE-2024-24760 1 Mailcow 1 Mailcow\ 2025-05-15 8.8 High
mailcow is a dockerized email package, with multiple containers linked in one bridged network. A security vulnerability has been identified in mailcow affecting versions < 2024-01c. This vulnerability potentially allows attackers on the same subnet to connect to exposed ports of a Docker container, even when the port is bound to 127.0.0.1. The vulnerability has been addressed by implementing additional iptables/nftables rules. These rules drop packets for Docker containers on ports 3306, 6379, 8983, and 12345, where the input interface is not `br-mailcow` and the output interface is `br-mailcow`.
CVE-2023-45213 1 Westermo 2 L206-f2g, L206-f2g Firmware 2025-05-15 6.6 Medium
A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device.
CVE-2022-41479 1 Devexpress 1 Asp.net Web Forms Controls 2025-05-15 7.5 High
The DevExpress Resource Handler (ASPxHttpHandlerModule) in DevExpress ASP.NET Web Forms Build v19.2.3 does not verify the referenced objects in the /DXR.axd?r= HTTP GET parameter. This leads to an Insecure Direct Object References (IDOR) vulnerability which allows attackers to access the application source code. NOTE: the vendor disputes this because the retrieved source code is only the DevExpress client-side application code that is, of course, intentionally readable by web browsers (a site's custom code and data is never accessible via an IDOR approach).