Export limit exceeded: 356032 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (356032 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-11097 | 1 Google | 1 Chrome | 2026-06-06 | 6.5 Medium |
| Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11134 | 1 Google | 1 Chrome | 2026-06-06 | 6.5 Medium |
| Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-0606 | 1 Logo Software | 1 Logo Cloud | 2026-06-06 | 6 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud allows Forceful Browsing, Resource Leak Exposure. This issue affects Logo Cloud: before 0.67. | ||||
| CVE-2025-0607 | 1 Logo Software | 1 Logo Cloud | 2026-06-06 | 4.3 Medium |
| Improper Encoding or Escaping of Output vulnerability in Logo Software Inc. Logo Cloud allows Phishing. This issue affects Logo Cloud: before 2.57. | ||||
| CVE-2025-0608 | 1 Logo Software | 1 Logo Cloud | 2026-06-06 | 5.5 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Logo Software Inc. Logo Cloud allows Phishing, Forceful Browsing. This issue affects Logo Cloud: before 2025.R6. | ||||
| CVE-2025-0609 | 1 Logo Software | 1 Logo Cloud | 2026-06-06 | 4.7 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Logo Software Inc. Logo Cloud allows Cross-Site Scripting (XSS). This issue affects Logo Cloud: before 1.18. | ||||
| CVE-2025-0610 | 1 Akinsoft | 1 Qr Menu | 2026-06-06 | 8.6 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request Forgery. This issue affects QR Menü: from s1.05.06 before v1.05.12. | ||||
| CVE-2025-0616 | 1 Teknolojik Center | 1 Netsis Panel | 2026-06-06 | 8.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Teknolojik Center Telecommunication Industry Trade Co. Ltd. B2B - Netsis Panel allows SQL Injection. This issue affects B2B - Netsis Panel: through 20251003. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-0640 | 1 Akinsoft | 1 Octocloud | 2026-06-06 | 4.7 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft OctoCloud allows Resource Leak Exposure. This issue affects OctoCloud: from s1.09.02 before v1.11.01. | ||||
| CVE-2025-0642 | 1 Poscube | 1 Assist | 2026-06-06 | 6.3 Medium |
| Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in PosCube Hardware Software and Consulting Ltd. Co. Assist allows Excavation, Authentication Bypass. This issue affects Assist: through 10.02.2025. | ||||
| CVE-2025-0643 | 1 Narkom | 1 Pyxis Signage | 2026-06-06 | 7.2 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Stored XSS. This issue affects Pyxis Signage: through 31012025. | ||||
| CVE-2025-0645 | 1 Narkom | 1 Pyxis Signage | 2026-06-06 | 7.2 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in Narkom Communication and Software Technologies Trade Ltd. Co. Pyxis Signage allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Pyxis Signage: through 31012025. | ||||
| CVE-2025-0670 | 1 Akinsoft | 1 Prokuafor | 2026-06-06 | 4.7 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows Resource Leak Exposure. This issue affects ProKuafor: from s1.02.07 before v1.02.08. | ||||
| CVE-2025-0875 | 2026-06-06 | 6.5 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software Hardware Service Trade Ltd. Co. OBS (Student Affairs Information System) allows Parameter Injection. This issue affects OBS (Student Affairs Information System): before v26.0328. | ||||
| CVE-2025-0876 | 2026-06-06 | 4.1 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Isin Basi Advertisement Information Technologies Trade Inc. IT's Workif allows Cross-Site Scripting (XSS). This issue affects IT's Workif: through 20251003. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-0877 | 2026-06-06 | 4.7 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AtaksAPP Reservation Management System allows Cross-Site Scripting (XSS). This issue affects Reservation Management System: before 4.2.3. | ||||
| CVE-2025-0878 | 1 Akinsoft | 1 Limondesk | 2026-06-06 | 4.7 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft LimonDesk allows Cross-Site Scripting (XSS). This issue affects LimonDesk: from s1.02.14 before v1.02.17. | ||||
| CVE-2025-0879 | 2026-06-06 | 4.7 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Shopside Software Shopside App allows Cross-Site Scripting (XSS). This issue requires high privileges. This issue affects Shopside App: before 17.02.2025. | ||||
| CVE-2025-0984 | 2026-06-06 | 8.2 High | ||
| Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Netoloji Software E-Flow allows Accessing Functionality Not Properly Constrained by ACLs, Stored XSS, File Content Injection. This issue affects E-Flow: before 3.23.00. | ||||
| CVE-2025-0987 | 1 Cb Project | 1 Cvland | 2026-06-06 | 9.9 Critical |
| Authorization Bypass Through User-Controlled Key vulnerability in CB Project Ltd. Co. CVLand allows Parameter Injection. This issue affects CVLand: from 2.1.0 through 20251103. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||