Export limit exceeded: 347648 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347648 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7567 | 2026-05-01 | 9.8 Critical | ||
| The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, which fails to verify that the 'temp-login-token' GET parameter is a scalar string before processing it. When the parameter is supplied as an array, PHP's empty() check is bypassed and sanitize_key() returns an empty string, which is then passed as the meta_value to get_users(). WordPress ignores an empty meta_value and returns all users matching the meta_key '_temporary_login_token', allowing authentication without a valid token. This makes it possible for unauthenticated attackers to authenticate as any active temporary login user by sending a single crafted GET request. | ||||
| CVE-2026-40686 | 1 Exim | 1 Exim | 2026-05-01 | 3.7 Low |
| In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present (malformed UTF-8 header data). Information might be divulged within an error message produced during handling of an unrelated e-mail message. | ||||
| CVE-2026-40685 | 1 Exim | 1 Exim | 2026-05-01 | 6.5 Medium |
| In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping. | ||||
| CVE-2026-40684 | 1 Exim | 1 Exim | 2026-05-01 | 5.9 Medium |
| In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in octal printing. | ||||
| CVE-2026-40687 | 1 Exim | 1 Exim | 2026-05-01 | 4.8 Medium |
| In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data processing that divulges data from uninitialized heap memory. | ||||
| CVE-2025-36122 | 1 Ibm | 1 Db2 | 2026-05-01 | 6.5 Medium |
| IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service using a specially crafted SQL query due to improper allocation of system resources. | ||||
| CVE-2026-7502 | 1 Linkstack | 1 Linkstack | 2026-05-01 | 5.4 Medium |
| A security vulnerability has been detected in LinkStackOrg LinkStack up to 4.8.6. The affected element is the function saveLink of the file app/Http/Controllers/UserController.php of the component Management Endpoint. The manipulation leads to authorization bypass. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance. | ||||
| CVE-2025-36335 | 1 Ibm | 1 Watsonxdata Intelligence | 2026-05-01 | 6.2 Medium |
| IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.3.0, 5.3.1 stores user credentials in plain text which can be read by a local user. | ||||
| CVE-2026-41263 | 1 Traefik | 1 Traefik | 2026-05-01 | N/A |
| Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a timing side-channel vulnerability in Traefik's BasicAuth middleware that allows an attacker to enumerate valid usernames through response-time differences. The variable intended to hold a constant-time fallback secret always resolves to an empty string, causing the constant-time comparison to short-circuit in microseconds rather than performing a full bcrypt evaluation. This restores the original timing oracle and makes it possible to distinguish existing users from non-existing ones by measuring authentication response times. This issue has been patched in versions 2.11.43, 3.6.14, and 3.7.0-rc.2. | ||||
| CVE-2026-6539 | 1 Notepad++ | 1 Notepad++ | 2026-05-01 | 4.4 Medium |
| Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious nativeLang.xml language pack file. Attackers can distribute a poisoned language pack through community channels that triggers format string interpretation when a user performs search operations, leading to access violations and potential leakage of stack or register contents. | ||||
| CVE-2026-7506 | 1 Sourcecodester | 1 Hotel Management System | 2026-05-01 | 7.3 High |
| A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument room_type leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-5403 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 7.8 High |
| SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | ||||
| CVE-2026-5404 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 4.7 Medium |
| K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-22726 | 1 Cloudfoundry | 2 Cf-deployment, Routing-release | 2026-05-01 | 5 Medium |
| Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a malicious developer with access to Cloudfoundry could configure a route-service that would allow it to send requests to HTTP services on internal networks reachable by the Gorouter, which may not have previously had direct access from outside networks, or from the application. Routing release: affected from v0.118.0 through v0.371.0 (inclusive); upgrade to v0.372.0 or greater. CF Deployment: affected from v0.0.2 through v54.14.0 (inclusive); upgrade to v55.0.0 or greater (includes routing_release v0.372.0). | ||||
| CVE-2026-7512 | 1 Utt | 1 Hiper 1200gw | 2026-05-01 | 8.8 High |
| A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2026-5656 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 7 High |
| Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | ||||
| CVE-2026-42996 | 2026-05-01 | N/A | ||
| JS8Call through 2.3.1 and JS8Call-improved before 3.0 have a stack-based buffer overflow via a radio transmission of @APRSIS GRID followed by a long Maidenhead locator. This occurs in grid2deg in APRSISClient.cpp. | ||||
| CVE-2026-42994 | 1 Bitwarden | 1 Bitwarden | 2026-05-01 | N/A |
| Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident. | ||||
| CVE-2026-28909 | 1 Apple | 1 Macos | 2026-05-01 | 6.5 Medium |
| Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3. | ||||
| CVE-2026-7519 | 1 Fujian Apex | 1 Livebos | 2026-05-01 | 7.3 High |
| A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1 is recommended to address this issue. Upgrading the affected component is advised. | ||||