Export limit exceeded: 356942 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (356942 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-48242 | 1 Openises | 1 Tickets | 2026-05-23 | 8.1 High |
| Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials (host, username, password, database name) in import_mdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid configuration values that may match deployed installations. | ||||
| CVE-2026-48230 | 1 Openises | 1 Tickets | 2026-05-23 | 5.4 Medium |
| Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ticketsmdb_import.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the multiple POST parameters (mdbhost, mdbdb, mdbuser, mdbpassword, mdbprefix, ticketshost, ticketsdb, ticketsuser, ticketspassword, ticketsprefix) directly into HTML form hidden input value attributes. Attackers can craft a malicious request containing a JavaScript payload that executes in the victim's browser when the response is rendered. | ||||
| CVE-2026-48224 | 1 Openises | 1 Tickets | 2026-05-23 | 5.4 Medium |
| Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics214.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm_add_str POST parameter directly into an HTML form hidden input value attribute. Attackers can craft a malicious request containing a JavaScript payload that executes in the victim's browser when the response is rendered. | ||||
| CVE-2026-48218 | 1 Openises | 1 Tickets | 2026-05-23 | 5.4 Medium |
| Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in icons/buttons/landb.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frm_name and frm_id POST parameters directly into rendered HTML content and inline JavaScript. Attackers can craft a malicious request containing a JavaScript payload that executes in the victim's browser when the response is rendered. | ||||
| CVE-2026-45760 | 1 Apache | 1 Camel | 2026-05-23 | 8.1 High |
| (Externally Controlled Reference to a Resource in Another Sphere), (Authorization Bypass Through User-Controlled Key) vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their choice, including the operator namespace. This issue affects Apache Camel K: from 2.0.0 before 2.8.1, from 2.9.0 before 2.9.2, from 2.10.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1 (or 2.8.1 or 2.9.2), which fixes the issue. | ||||
| CVE-2026-44930 | 1 Apache | 1 Cxf | 2026-05-22 | 4.3 Medium |
| An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue. | ||||
| CVE-2026-44618 | 1 Apache | 1 Cxf | 2026-05-22 | 5.3 Medium |
| Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue. | ||||
| CVE-2026-40596 | 1 Mantisbt | 1 Mantisbt | 2026-05-22 | N/A |
| Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.11.0 through 2.28.1 allow any authenticated user to inject arbitrary HTML by updating their account's font family. Upon exploitation, an XSS payload would be reflected on every MantisBT page. Leveraging another vulnerability (CSP bypass, see GHSA-9c3j-xm6v-j7j3), the attacker could achieve account takeover. This issue has been fixed in version 2.28.2. | ||||
| CVE-2026-33117 | 1 Microsoft | 1 Azure Sdk For Java | 2026-05-22 | 9.1 Critical |
| The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may bypass integrity verification checks. Operations delegated to the Key Vault service are not affected. The issue is addressed in version 4.10.6. | ||||
| CVE-2026-42822 | 1 Microsoft | 2 Azure Local, Azure Resource Manager | 2026-05-22 | 10 Critical |
| Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-42831 | 1 Microsoft | 6 365 Copilot, Office, Office For Android and 3 more | 2026-05-22 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-40363 | 1 Microsoft | 11 365 Apps, 365 Copilot, Office and 8 more | 2026-05-22 | 8.4 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-33642 | 1 Kovidgoyal | 1 Kitty | 2026-05-22 | 9.9 Critical |
| Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command() function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer Over-Read/Write. An attacker who can write escape sequences to a kitty terminal (e.g., via a malicious file, SSH login banner, or piped content) can supply crafted x_offset/y_offset values that pass the bounds check after wrapping but cause massive out-of-bounds heap memory access in compose_rectangles(). No user interaction is required. No non-default configuration is required. The attacker only needs the ability to produce output in a kitty terminal window. This issue has been fixed in version 0.47.0. | ||||
| CVE-2026-33633 | 1 Kovidgoyal | 1 Kitty | 2026-05-22 | 7.5 High |
| Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in load_image_data() that allows any process which can write to the terminal's stdin to crash kitty immediately. The vulnerability is triggered by a single APC graphics protocol command with a PNG format declaration (f=100) whose payload exceeds twice the initial buffer capacity. The overflow is attacker-controlled in both length and content, causing DoS and potentially escalation to RCE itself. This issue has been fixed in version 0.47.0. | ||||
| CVE-2026-2611 | 2 Lfprojects, Mlflow | 2 Mlflow, Mlflow/mlflow | 2026-05-22 | 9.6 Critical |
| In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. By bypassing the loopback-only restriction, the attacker can modify the Assistant's configuration to enable full access, which in turn allows the execution of arbitrary commands via the Claude Code sub-agent. This issue is resolved in version 3.10.0. | ||||
| CVE-2026-37470 | 1 Clipbucket | 1 Clipbucket | 2026-05-22 | 7.3 High |
| An issue in ClipBucket v5 v.5.5.2 allows an attacker to execute arbitrary code via the Authentication interface, login page endpoint and HTTP response security headers components | ||||
| CVE-2026-23263 | 1 Linux | 1 Linux Kernel | 2026-05-22 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix page array leak d9f595b9a65e ("io_uring/zcrx: fix leaking pages on sg init fail") fixed a page leakage but didn't free the page array, release it as well. | ||||
| CVE-2026-24188 | 1 Nvidia | 1 Tensorrt | 2026-05-22 | 8.2 High |
| NVIDIA TensorRT contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to data tampering. | ||||
| CVE-2025-26483 | 1 Dell | 5 Powerflex Appliance Intelligent Catalog, Powerflex Manager, Powerflex Manager Appliance and 2 more | 2026-05-22 | 6.1 Medium |
| Dell PowerFlex Manager, versions 4.6.2 and prior, contains an Open Redirect Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. | ||||
| CVE-2025-32745 | 1 Dell | 5 Powerflex Appliance Intelligent Catalog, Powerflex Manager, Powerflex Manager Appliance and 2 more | 2026-05-22 | 4.2 Medium |
| Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information tampering. | ||||