Total
3827 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-47037 | 1 Siklu | 10 Tg Firmware, Tg Lr T280, Tg Mpl-261 and 7 more | 2025-04-10 | 7.5 High |
| Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials. | ||||
| CVE-2024-51954 | 3 Esri, Linux, Microsoft | 3 Arcgis Server, Linux Kernel, Windows | 2025-04-10 | 8.5 High |
| There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux, which under unique circumstances, could potentially allow a remote, low privileged authenticated attacker to access secure services published a standalone (Unfederated) ArcGIS Server instance. If successful this compromise would have a high impact on Confidentiality, low impact on integrity and no impact to availability of the software. | ||||
| CVE-2022-47634 | 1 Isode | 1 M-link | 2025-04-10 | 8.1 High |
| M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867. | ||||
| CVE-2024-8999 | 1 Lunary | 1 Lunary | 2025-04-10 | 7.5 High |
| lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26. | ||||
| CVE-2022-4807 | 1 Usememos | 1 Memos | 2025-04-10 | 4.3 Medium |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4809 | 1 Usememos | 1 Memos | 2025-04-10 | 8.8 High |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4689 | 1 Usememos | 1 Memos | 2025-04-10 | 8.8 High |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. | ||||
| CVE-2024-37567 | 1 Infoblox | 1 Nios | 2025-04-10 | 9.1 Critical |
| Infoblox NIOS through 8.6.4 has Improper Access Control for Grids. | ||||
| CVE-2024-37566 | 1 Infoblox | 1 Nios | 2025-04-10 | 9.8 Critical |
| Infoblox NIOS through 8.6.4 has Improper Authentication for Grids. | ||||
| CVE-2022-4810 | 1 Usememos | 1 Memos | 2025-04-10 | 4.3 Medium |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4814 | 1 Usememos | 1 Memos | 2025-04-10 | 4.3 Medium |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2024-9098 | 1 Lunary | 1 Lunary | 2025-04-10 | 6.1 Medium |
| In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where admins can invite new members with billing permissions, thereby gaining unauthorized access to billing resources. This issue arises because the user creation endpoint does not restrict admins from inviting users with billing roles. As a result, admins can circumvent the intended access control, posing a risk to the organization's financial resources. | ||||
| CVE-2022-47543 | 1 Siren | 1 Investigate | 2025-04-10 | 5.3 Medium |
| An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects. | ||||
| CVE-2022-38184 | 1 Esri | 1 Portal For Arcgis | 2025-04-10 | 7.5 High |
| There is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 and below which could allow a remote, unauthenticated attacker to access an API that may induce Esri Portal for ArcGIS to read arbitrary URLs. | ||||
| CVE-2025-2973 | 1 Code-projects | 1 College Management System | 2025-04-10 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. This affects an unknown part of the file /Admin/student.php. The manipulation of the argument profile_image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-24486 | 2 Silex, Silextechnology | 3 Ds-600 Firmware, Ds-600, Ds-600 Firmware | 2025-04-10 | 9.1 Critical |
| An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to edit device settings via the SAVE EEP_DATA command. | ||||
| CVE-2024-24487 | 1 Silextechnology | 2 Ds-600, Ds-600 Firmware | 2025-04-10 | 6.8 Medium |
| An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause a denial of service via crafted UDP packets using the EXEC REBOOT SYSTEM command. | ||||
| CVE-2024-24485 | 2 Silex, Silextechnology | 3 Ds-600 Firmware, Ds-600, Ds-600 Firmware | 2025-04-10 | 7.5 High |
| An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to obtain sensitive information via the GET EEP_DATA command. | ||||
| CVE-2022-4724 | 1 Ikus-soft | 1 Rdiffweb | 2025-04-09 | 9.8 Critical |
| Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5. | ||||
| CVE-2022-4684 | 1 Usememos | 1 Memos | 2025-04-09 | 8.8 High |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. | ||||