Filter and search through 196,444 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2025-41428 | Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON fi... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2025-41427 | WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vuln... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41419 | **I. Detailed Description:** This includes scenarios, screenshots, vulnerability reproduction methods. For account-related vulnerabilities, please p... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-41408 | Improper authorization in handler for custom URL scheme issue in "Yahoo! Shopping" App for Android versions prior to 14.15.0 allows a remote unauthent... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41404 | Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2025-41393 | Reflected cross-site scripting vulnerability exists in the laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor. I... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41380 | Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This vulnerability allows a local user to retrieve the SSH has... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41379 | The Intellian C700 web panel allows you to add firewall rules. Each of these rules has an associated ID, but there is a problem when adding a new rule... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41378 | The SSID field is not parsed correctly and can be used to inject commands into the hostpad.conf file. This can be exploited by an attacker to extend h... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41377 | Cryptographic vulnerability in Iridium Certus 700. This vulnerability allows a user to retrieve the encryption key, resulting in the loading of malici... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41367 | Stored Cross-Site Scripting (XSS) vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicio... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41366 | In IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04, a configuration error has been detected in cross-origin resource sharing (CORS). Exploiting this vulne... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41365 | Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious payload in softw... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41364 | Stored Cross-Site Scripting (XSS) vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicio... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41363 | In IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04, a configuration error has been detected in cross-origin resource sharing (CORS). Exploiting this vulne... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41362 | Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious payload in softw... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41361 | Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The devices improperly handle TLS requests associated ... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41360 | Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The device is vulnerable to a packet flooding denial o... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41358 | Direct Object Reference Vulnerability (IDOR) in i2A's CronosWeb, in versions prior to 25.00.00.12, inclusive. This vulnerability could allow an authen... | 0.0 | 0 | Neutral | No | No |
| CVE-2025-41351 | Vulnerability that allows a Padding Oracle Attack to be performed on the Funambol v30.0.0.20 cloud server. The thumbnail display URL allows an attacke... | 0.0 | 0 | Neutral | No | No |