Total
293384 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-4089 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-05-09 | 5.1 Medium |
| Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 138 and Thunderbird < 138. | ||||
| CVE-2025-4090 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-05-09 | 6.5 Medium |
| A vulnerability existed in Thunderbird for Android where potentially sensitive library locations were logged via Logcat. This vulnerability affects Firefox < 138 and Thunderbird < 138. | ||||
| CVE-2025-4091 | 2 Mozilla, Redhat | 6 Firefox, Thunderbird, Enterprise Linux and 3 more | 2025-05-09 | 6.5 Medium |
| Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138, Firefox ESR < 128.10, Thunderbird < 138, and Thunderbird < 128.10. | ||||
| CVE-2025-4092 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-05-09 | 6.5 Medium |
| Memory safety bugs present in Firefox 137 and Thunderbird 137. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 138 and Thunderbird < 138. | ||||
| CVE-2025-4093 | 2 Mozilla, Redhat | 6 Firefox, Thunderbird, Enterprise Linux and 3 more | 2025-05-09 | 6.5 Medium |
| Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 128.10 and Thunderbird < 128.10. | ||||
| CVE-2025-46584 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 7.8 High |
| Vulnerability of improper authentication logic implementation in the file system module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-46585 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 7.5 High |
| Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-46586 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 5.1 Medium |
| Permission control vulnerability in the contacts module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-58252 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 6.2 Medium |
| Vulnerability of insufficient information protection in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-46587 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 6.2 Medium |
| Permission control vulnerability in the media library module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-46588 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 4.4 Medium |
| Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | ||||
| CVE-2025-46589 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 4.4 Medium |
| Vulnerability of unauthorized access in the app lock module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | ||||
| CVE-2025-46590 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 6.3 Medium |
| Bypass vulnerability in the network search instruction authentication module Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions. | ||||
| CVE-2025-46591 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 6.2 Medium |
| Out-of-bounds data read vulnerability in the authorization module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-4482 | 2025-05-09 | 7.3 High | ||
| A vulnerability classified as critical was found in Project Worlds Student Project Allocation System 1.0. Affected by this vulnerability is an unknown functionality of the file /change_pass/forgot_password_sql.php. The manipulation of the argument Pat_BloodGroup1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2025-46592 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 4.4 Medium |
| Null pointer dereference vulnerability in the USB HDI driver module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-46593 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 5.1 Medium |
| Process residence vulnerability in abnormal scenarios in the print module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-4483 | 2025-05-09 | 7.3 High | ||
| A vulnerability, which was classified as critical, has been found in itsourcecode Gym Management System 1.0. Affected by this issue is some unknown functionality of the file /view_pdetails.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-3741 | 1 Chatwoot | 1 Chatwoot | 2025-05-09 | 9.8 Critical |
| Impact varies for each individual vulnerability in the application. For generation of accounts, it may be possible, depending on the amount of system resources available, to create a DoS event in the server. These accounts still need to be activated; however, it is possible to identify the output Status Code to separate accounts that are generated and waiting for email verification. \n\nFor the sign in directories, it is possible to brute force login attempts to either login portal, which could lead to account compromise. | ||||
| CVE-2022-0074 | 1 Litespeedtech | 1 Openlitespeed | 2025-05-09 | 8.8 High |
| Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server andĀ LiteSpeed Web Server Container allows Privilege Escalation. This affects versionsĀ from 1.6.15 before 1.7.16.1. | ||||