Total
5948 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-25549 | 1 Schneider-electric | 1 Struxureware Data Center Expert | 2025-03-03 | 7.2 High |
| A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that allows for remote code execution when using a parameter of the DCE network settings endpoint. Affected products: StruxureWare Data Center Expert (V7.9.2 and prior) | ||||
| CVE-2025-1169 | 1 Rems | 1 Image Compressor Tool | 2025-03-03 | 3.5 Low |
| A vulnerability was found in SourceCodester Image Compressor Tool 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /image-compressor/compressor.php. The manipulation of the argument image leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-1577 | 1 Code-projects | 1 Blood Bank System | 2025-03-03 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank System 1.0. Affected by this issue is some unknown functionality of the file /prostatus.php. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-1170 | 1 Fabian | 1 Real Estate Property Management System | 2025-03-03 | 3.5 Low |
| A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/Category.php. The manipulation of the argument Desc leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-24709 | 1 Paradox | 2 Ipr512, Ipr512 Firmware | 2025-02-28 | 7.5 High |
| An issue found in Paradox Security Systems IPR512 allows attackers to cause a denial of service via the login.html and login.xml parameters. | ||||
| CVE-2023-33157 | 1 Microsoft | 1 Sharepoint Server | 2025-02-28 | 8.8 High |
| Microsoft SharePoint Remote Code Execution Vulnerability | ||||
| CVE-2023-33131 | 1 Microsoft | 4 Office, Office Long Term Servicing Channel, Outlook and 1 more | 2025-02-28 | 8.8 High |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||
| CVE-2022-41061 | 1 Microsoft | 7 365 Apps, Office, Office Online Server and 4 more | 2025-02-28 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2021-40487 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 8.1 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2021-40485 | 1 Microsoft | 7 365 Apps, Excel, Office and 4 more | 2025-02-28 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2021-31949 | 1 Microsoft | 3 365 Apps, Office, Outlook | 2025-02-28 | 7.3 High |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||
| CVE-2021-31198 | 1 Microsoft | 1 Exchange Server | 2025-02-28 | 7.8 High |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2021-31181 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2025-02-28 | 8.8 High |
| Microsoft SharePoint Remote Code Execution Vulnerability | ||||
| CVE-2025-1586 | 1 Code-projects | 1 Blood Bank System | 2025-02-28 | 3.5 Low |
| A vulnerability was found in code-projects Blood Bank System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /Blood/A-.php. The manipulation of the argument Bloodname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-1591 | 1 Razormist | 1 Employee Management System | 2025-02-28 | 2.4 Low |
| A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /department.php of the component Department Page. The manipulation of the argument Department Name leads to cross site scripting. The attack can be launched remotely. | ||||
| CVE-2025-1597 | 1 Mayurik | 1 Best Church Management Software | 2025-02-28 | 3.5 Low |
| A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/redirect.php. The manipulation of the argument a leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-1592 | 1 Mayurik | 1 Best Employee Management System | 2025-02-28 | 2.4 Low |
| A vulnerability was found in SourceCodester Best Employee Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/Operations/Role.php of the component Add Role Page. The manipulation of the argument assign_name/description leads to cross site scripting. The attack may be launched remotely. | ||||
| CVE-2025-1614 | 1 Fiberhome | 2 An5506-01-a, An5506-01-a Firmware | 2025-02-28 | 2.4 Low |
| A vulnerability classified as problematic has been found in FiberHome AN5506-01A ONU GPON RP2511. Affected is an unknown function of the file /goform/portForwardingCfg of the component Port Forwarding Submenu. The manipulation of the argument pf_Description leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-1613 | 1 Fiberhome | 2 An5506-01-a, An5506-01-a Firmware | 2025-02-28 | 2.4 Low |
| A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. It has been rated as problematic. This issue affects some unknown processing of the file /goform/URL_filterCfg of the component URL Filtering Submenu. The manipulation of the argument url_IP leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-1615 | 1 Fiberhome | 2 An5506-01-a, An5506-01-a Firmware | 2025-02-28 | 2.4 Low |
| A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerability is an unknown functionality of the component NAT Submenu. The manipulation of the argument Description leads to cross site scripting. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. | ||||