Main entries ~3682 :
Date Id Summary Products Score Patch Annotated
2013-10-09 CVE-2013-5576 administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013. Joomla\! N/A
2013-08-19 CVE-2013-5313 Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/update.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify arbitrary user accounts via an edit user action. Bigtree_cms N/A
2014-05-27 CVE-2013-5036 The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap function in app/controllers/api/v1_controller.rb. Square_squash N/A
2013-08-19 CVE-2013-5029 phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php. Opensuse, Phpmyadmin N/A
2013-10-26 CVE-2013-4885 The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload "arbitrarily named" files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences. Nmap, Opensuse N/A
2013-08-19 CVE-2013-4881 Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/create.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create an administrative user via an add user action to index.php. Bigtree_cms N/A
2013-08-14 CVE-2013-4880 Cross-site scripting (XSS) vulnerability in core/admin/modules/developer/modules/views/add.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter. Bigtree_cms N/A
Remaining NVD entries (unprocessed / no code available): ~295032 :
Date Id Summary Products Score Patch
2025-07-06 CVE-2025-7076 A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.cgi of the component Configuration Handler. The manipulation leads to improper access controls. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. N/A 5.4
2025-07-06 CVE-2025-7075 A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /upload.cgi of the component HTTP Endpoint. The manipulation leads to unrestricted upload. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. N/A 6.3
2025-07-05 CVE-2023-5361 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A
2025-07-05 CVE-2023-6726 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A
2025-07-05 CVE-2023-6770 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A
2025-07-05 CVE-2023-6818 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A
2025-07-05 CVE-2023-6820 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A N/A