Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24936 | 1 Nokia | 1 Wavesuite Noc | 2025-08-11 | N/A | N/A |
| The web application allows user input to pass unfiltered to a command executed on the underlying operating system. The vulnerable component is bound to the network stack and the set of possible attackers extends up to and including the entire Internet. An attacker with low privileged access to the application has the potential to execute commands on the operating system under the context of the webserver. | |||||
| CVE-2025-50467 | 1 Open-metadata | 1 Openmetadata | 2025-08-11 | N/A | N/A |
| OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query. | |||||
| CVE-2025-50468 | 1 Open-metadata | 1 Openmetadata | 2025-08-11 | N/A | N/A |
| OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query. | |||||
| CVE-2025-50466 | 1 Open-metadata | 1 Openmetadata | 2025-08-11 | N/A | 6.5 MEDIUM |
| OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query. | |||||
| CVE-2025-50465 | 1 Open-metadata | 1 Openmetadata | 2025-08-11 | N/A | 8.8 HIGH |
| OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query. | |||||
| CVE-2025-54397 | 1 Netwrix | 1 Directory Manager | 2025-08-11 | N/A | N/A |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users. | |||||
| CVE-2025-54396 | 1 Netwrix | 1 Directory Manager | 2025-08-11 | N/A | N/A |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this. | |||||
| CVE-2025-54394 | 1 Netwrix | 1 Directory Manager | 2025-08-11 | N/A | N/A |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources. | |||||
| CVE-2025-54395 | 1 Netwrix | 1 Directory Manager | 2025-08-11 | N/A | N/A |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data. | |||||
| CVE-2025-54392 | 1 Netwrix | 1 Directory Manager | 2025-08-11 | N/A | N/A |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189. | |||||
| CVE-2025-54393 | 1 Netwrix | 1 Directory Manager | 2025-08-11 | N/A | N/A |
| Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access. | |||||
| CVE-2023-41528 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters. | |||||
| CVE-2023-41532 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the doctor_contact parameter in doctorsearch.php. | |||||
| CVE-2023-41530 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php. | |||||
| CVE-2023-41529 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters. | |||||
| CVE-2023-41531 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters. | |||||
| CVE-2023-40992 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System 4 is vulnerable to a SQL injection in /Hospital-Management-System-master/func.php via the password2 parameter. | |||||
| CVE-2023-41526 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters. | |||||
| CVE-2023-41527 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php. | |||||
| CVE-2023-41525 | 1 Kishan0725 | 1 Hospital Management System | 2025-08-11 | N/A | N/A |
| Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php. | |||||