Total
331908 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-21949 | 1 Oracle | 1 Mysql Server | 2026-01-29 | N/A | 6.5 MEDIUM |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2025-64368 | 1 Qodeinteractive | 1 Bard | 2026-01-29 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Mikado-Themes Bard bardwp allows Cross Site Request Forgery.This issue affects Bard: from n/a through <= 1.6. | |||||
| CVE-2025-54861 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyCoercion functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54853 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54852 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyAeTitle functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54817 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious url can lead to arbitrary javascript code execution. An attacker can provide a URL to a malicious website to trigger this vulnerability. | |||||
| CVE-2025-39466 | 1 Qodeinteractive | 1 Dor | 2026-01-29 | N/A | 9.8 CRITICAL |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through <= 2.4. | |||||
| CVE-2025-54814 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyAutopurgeFilter functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-54778 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the existingUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-58080 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyHL7App functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-57881 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyEmail functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-57787 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyRoute functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-57786 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-55071 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| A reflected cross-site scripting (xss) vulnerability exists in the modifyAnonymize functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | |||||
| CVE-2025-58090 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the uploaddir parameter. | |||||
| CVE-2025-58089 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the longtermdir parameter. | |||||
| CVE-2025-58088 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the archivedir parameter. | |||||
| CVE-2025-58087 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the status parameter. | |||||
| CVE-2025-68913 | 2026-01-29 | N/A | 7.5 HIGH | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zozothemes Miion miion allows PHP Local File Inclusion.This issue affects Miion: from n/a through <= 1.2.7. | |||||
| CVE-2025-58095 | 1 Meddream | 1 Pacs Server | 2026-01-29 | N/A | 6.1 MEDIUM |
| Multiple reflected cross-site scripting (xss) vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This vulnerability affects the imagedir parameter. | |||||