Export limit exceeded: 364318 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (35577 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-23504 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-03-11 7.8 High
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges.
CVE-2022-48254 1 Huawei 2 Leia-b29, Leia-b29 Firmware 2025-03-11 4.6 Medium
There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation could bypass lock screen authentication.
CVE-2022-32949 1 Apple 3 Ipados, Iphone Os, Tvos 2025-03-11 7.8 High
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges.
CVE-2022-32906 1 Apple 1 Music 2025-03-11 5.3 Medium
This issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position may intercept SSL/TLS connections.
CVE-2022-32902 1 Apple 1 Macos 2025-03-11 5.5 Medium
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences.
CVE-2022-32900 1 Apple 1 Macos 2025-03-11 7.8 High
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges.
CVE-2021-46841 1 Apple 1 Music 2025-03-11 5.9 Medium
This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position can track a user's activity.
CVE-2023-2941 1 Google 1 Chrome 2025-03-11 4.3 Medium
Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2023-23531 1 Apple 3 Ipados, Iphone Os, Macos 2025-03-11 8.6 High
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
CVE-2022-32855 1 Apple 2 Ipados, Iphone Os 2025-03-11 5.5 Medium
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the lock screen.
CVE-2022-32836 1 Apple 1 Music 2025-03-11 7.5 High
This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data.
CVE-2022-32824 1 Apple 4 Ipados, Iphone Os, Tvos and 1 more 2025-03-11 5.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.
CVE-2022-32784 1 Apple 3 Ipados, Iphone Os, Safari 2025-03-11 6.5 Medium
The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.
CVE-2023-42661 1 Jfrog 1 Artifactory 2025-03-11 7.2 High
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts.
CVE-2024-1442 2 Grafana, Redhat 3 Grafana, Acm, Ceph Storage 2025-03-11 6 Medium
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
CVE-2023-46169 1 Ibm 2 Ds8900f, Ds8900f Firmware 2025-03-11 6.5 Medium
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily delete a file. IBM X-Force ID: 269406.
CVE-2023-46170 1 Ibm 2 Ds8900f, Ds8900f Firmware 2025-03-11 6.5 Medium
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow an authenticated user to arbitrarily read files after enumerating file names.
CVE-2023-46172 1 Ibm 2 Ds8900f, Ds8900f Firmware 2025-03-11 5.6 Medium
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow a remote attacker to bypass authentication restrictions for authorized user. IBM X-Force ID: 269409.
CVE-2024-2265 1 Keerti1924 1 Php Mysql User Signup Login System 2025-03-11 5.3 Medium
A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User-Login-System 1.0. This affects an unknown part of the file login.sql. The manipulation leads to inclusion of sensitive information in source code. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256035. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-2267 1 Keerti1924 1 Online Bookstore Website 2025-03-11 4.3 Medium
A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0 and classified as problematic. This issue affects some unknown processing of the file /shop.php. The manipulation of the argument product_price leads to business logic errors. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-256037 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.