ReportizFlow
Filtered by vendor
Subscriptions
Total
4211 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-51954 | 3 Esri, Linux, Microsoft | 3 Arcgis Server, Linux Kernel, Windows | 2025-04-10 | 8.5 High |
| There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux, which under unique circumstances, could potentially allow a remote, low privileged authenticated attacker to access secure services published a standalone (Unfederated) ArcGIS Server instance. If successful this compromise would have a high impact on Confidentiality, low impact on integrity and no impact to availability of the software. | ||||
| CVE-2022-47634 | 1 Isode | 1 M-link | 2025-04-10 | 8.1 High |
| M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867. | ||||
| CVE-2022-4807 | 1 Usememos | 1 Memos | 2025-04-10 | 4.3 Medium |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4809 | 1 Usememos | 1 Memos | 2025-04-10 | 8.8 High |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4689 | 1 Usememos | 1 Memos | 2025-04-10 | 8.8 High |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. | ||||
| CVE-2024-37567 | 1 Infoblox | 1 Nios | 2025-04-10 | 9.1 Critical |
| Infoblox NIOS through 8.6.4 has Improper Access Control for Grids. | ||||
| CVE-2024-37566 | 1 Infoblox | 1 Nios | 2025-04-10 | 9.8 Critical |
| Infoblox NIOS through 8.6.4 has Improper Authentication for Grids. | ||||
| CVE-2022-4810 | 1 Usememos | 1 Memos | 2025-04-10 | 4.3 Medium |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4814 | 1 Usememos | 1 Memos | 2025-04-10 | 4.3 Medium |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-47543 | 1 Siren | 1 Investigate | 2025-04-10 | 5.3 Medium |
| An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects. | ||||
| CVE-2022-38184 | 1 Esri | 1 Portal For Arcgis | 2025-04-10 | 7.5 High |
| There is an improper access control vulnerability in Portal for ArcGIS versions 10.8.1 and below which could allow a remote, unauthenticated attacker to access an API that may induce Esri Portal for ArcGIS to read arbitrary URLs. | ||||
| CVE-2025-2973 | 1 Code-projects | 1 College Management System | 2025-04-10 | 6.3 Medium |
| A vulnerability, which was classified as critical, was found in code-projects College Management System 1.0. This affects an unknown part of the file /Admin/student.php. The manipulation of the argument profile_image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-24486 | 2 Silex, Silextechnology | 3 Ds-600 Firmware, Ds-600, Ds-600 Firmware | 2025-04-10 | 9.1 Critical |
| An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to edit device settings via the SAVE EEP_DATA command. | ||||
| CVE-2024-24487 | 1 Silextechnology | 2 Ds-600, Ds-600 Firmware | 2025-04-10 | 6.8 Medium |
| An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to cause a denial of service via crafted UDP packets using the EXEC REBOOT SYSTEM command. | ||||
| CVE-2024-24485 | 2 Silex, Silextechnology | 3 Ds-600 Firmware, Ds-600, Ds-600 Firmware | 2025-04-10 | 7.5 High |
| An issue discovered in silex technology DS-600 Firmware v.1.4.1 allows a remote attacker to obtain sensitive information via the GET EEP_DATA command. | ||||
| CVE-2022-4724 | 1 Ikus-soft | 1 Rdiffweb | 2025-04-09 | 9.8 Critical |
| Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5. | ||||
| CVE-2022-4684 | 1 Usememos | 1 Memos | 2025-04-09 | 8.8 High |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. | ||||
| CVE-2025-28407 | 1 Ruoyi | 1 Ruoyi | 2025-04-09 | 8.8 High |
| An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of the /edit/{dictId} endpoint does not properly validate whether the requesting user has permission to modify the specified dictId | ||||
| CVE-2025-28408 | 1 Ruoyi | 1 Ruoyi | 2025-04-09 | 9.8 Critical |
| An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree method of the /selectDeptTree/{deptId} endpoint does not properly validate the deptId parameter | ||||
| CVE-2025-28409 | 1 Ruoyi | 1 Ruoyi | 2025-04-09 | 8.8 High |
| An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of the /add/{parentId} endpoint does not properly validate whether the requesting user has permission to add a menu item under the specified parentId | ||||