Search
Search Results (328883 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55304 | 1 Exiv2 | 1 Exiv2 | 2025-09-02 | 5.5 Medium |
| Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A denial-of-service was found in Exiv2 version 0.28.5: a quadratic algorithm in the ICC profile parsing code in jpegBase::readMetadata() can cause Exiv2 to run for a long time. The denial-of-service is triggered when Exiv2 is used to read the metadata of a crafted jpg image file. The bug is fixed in version 0.28.6. | ||||
| CVE-2024-7738 | 1 Yzane | 2 Markdown Pdf, Vscode Markdown Pdf | 2025-09-02 | 3.3 Low |
| A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-7739 | 1 Yzane | 2 Markdown Pdf, Vscode Markdown Pdf | 2025-09-02 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-44271 | 1 Apple | 2 Macos, Macos Sequoia | 2025-09-02 | 3.3 Low |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator. | ||||
| CVE-2024-54554 | 1 Apple | 2 Macos, Macos Sequoia | 2025-09-02 | 5.5 Medium |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data. | ||||
| CVE-2025-43284 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2025-09-02 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to cause unexpected system termination. | ||||
| CVE-2025-58421 | 2025-09-02 | N/A | ||
| Not used | ||||
| CVE-2025-58420 | 2025-09-02 | N/A | ||
| Not used | ||||
| CVE-2025-58419 | 2025-09-02 | N/A | ||
| Not used | ||||
| CVE-2025-58418 | 2025-09-02 | N/A | ||
| Not used | ||||
| CVE-2025-58417 | 2025-09-02 | N/A | ||
| Not used | ||||
| CVE-2025-58416 | 2025-09-02 | N/A | ||
| Not used | ||||
| CVE-2025-58415 | 2025-09-02 | N/A | ||
| Not used | ||||
| CVE-2025-58414 | 2025-09-02 | N/A | ||
| Not used | ||||
| CVE-2025-1500 | 1 Ibm | 1 Maximo Application Suite | 2025-09-01 | 5.5 Medium |
| IBM Maximo Application Suite 9.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened. | ||||
| CVE-2025-3423 | 2 Ibm, Linux | 2 Aspera Faspex, Linux Kernel | 2025-09-01 | 5.4 Medium |
| IBM Aspera Faspex 5.0.0 through 5.0.11 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2024-52905 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2025-09-01 | 2.7 Low |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 could disclose sensitive database information to a privileged user. | ||||
| CVE-2024-25051 | 3 Ibm, Linux, Microsoft | 3 Jazz Reporting Service, Linux Kernel, Windows | 2025-09-01 | 6.6 Medium |
| IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system. | ||||
| CVE-2024-56469 | 1 Ibm | 2 Devops Deploy, Urbancode Deploy | 2025-09-01 | 6.3 Medium |
| IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 / IBM DevOps Deploy 8.0 through 8.0.1.5 and 8.1 through 8.1.0.1 could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service. | ||||
| CVE-2025-48963 | 1 Acronis | 1 Cyber Protect Cloud Agent | 2025-09-01 | N/A |
| Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296. | ||||