Export limit exceeded: 25149 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25149 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33284 | 1 Globaleaks | 2 Globaleaks, Globaleaks-whistleblowing-software | 2026-04-13 | 4.3 Medium |
| GlobaLeaks is free and open-source whistleblowing software. Prior to version 5.0.89, the /api/support endpoint of GlobaLeaks performs minimal validation on user-submitted support requests. As a result, arbitrary URLs can be included in support emails sent to administrators. Version 5.0.89 patches the issue. | ||||
| CVE-2026-30078 | 1 Openairinterface | 1 Oai-cn5g-amf | 2026-04-13 | 7.5 High |
| OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with invalid procedure code or invalid PDU-type. For example when the message specification requires InitiatingMessage but sent with successfulOutcome. | ||||
| CVE-2026-24511 | 1 Dell | 1 Powerscale Onefs | 2026-04-13 | 4.4 Medium |
| Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.6 and versions 9.11.0.0 through 9.13.0.0, contains a generation of error message containing sensitive information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. | ||||
| CVE-2025-71267 | 1 Linux | 1 Linux Kernel | 2026-04-13 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite loop when an ATTR_LIST attribute indicates a zero data size while the driver allocates memory for it. When ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, it still allocates memory because of al_aligned(0). This creates an inconsistent state where ni->attr_list.size is zero, but ni->attr_list.le is non-null. This causes ni_enum_attr_ex to incorrectly assume that no attribute list exists and enumerates only the primary MFT record. When it finds ATTR_LIST, the code reloads it and restarts the enumeration, repeating indefinitely. The mount operation never completes, hanging the kernel thread. This patch adds validation to ensure that data_size is non-zero before memory allocation. When a zero-sized ATTR_LIST is detected, the function returns -EINVAL, preventing a DoS vulnerability. | ||||
| CVE-2025-68429 | 2 Storybook, Storybookjs | 2 Storybook, Storybook | 2026-04-10 | 7.3 High |
| Storybook is a frontend workshop for building user interface components and pages in isolation. A vulnerability present starting in versions 7.0.0 and prior to versions 7.6.21, 8.6.15, 9.1.17, and 10.1.10 relates to Storybook’s handling of environment variables defined in a `.env` file, which could, in specific circumstances, lead to those variables being unexpectedly bundled into the artifacts created by the `storybook build` command. When a built Storybook is published to the web, the bundle’s source is viewable, thus potentially exposing those variables to anyone with access. For a project to potentially be vulnerable to this issue, it must build the Storybook (i.e. run `storybook build` directly or indirectly) in a directory that contains a `.env` file (including variants like `.env.local`) and publish the built Storybook to the web. Storybooks built without a `.env` file at build time are not affected, including common CI-based builds where secrets are provided via platform environment variables rather than `.env` files. Storybook runtime environments (i.e. `storybook dev`) are not affected. Deployed applications that share a repo with your Storybook are not affected. Users should upgrade their Storybook—on both their local machines and CI environment—to version .6.21, 8.6.15, 9.1.17, or 10.1.10 as soon as possible. Maintainers additionally recommend that users audit for any sensitive secrets provided via `.env` files and rotate those keys. Some projects may have been relying on the undocumented behavior at the heart of this issue and will need to change how they reference environment variables after this update. If a project can no longer read necessary environmental variable values, either prefix the variables with `STORYBOOK_` or use the `env` property in Storybook’s configuration to manually specify values. In either case, do not include sensitive secrets as they will be included in the built bundle. | ||||
| CVE-2026-33073 | 1 Discourse | 1 Discourse | 2026-04-10 | 5.3 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, the discourse-subscriptions plugin leaks stripe API keys across sites in a multisite cluster resulting in the potential for stripe related information to be leaked across sites within the same multisite cluster. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0. | ||||
| CVE-2026-32143 | 1 Discourse | 1 Discourse | 2026-04-10 | 6.5 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, moderators could export CSV data for admin-restricted reports, bypassing the report visibility restrictions. This could expose sensitive operational data intended only for admins. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0. | ||||
| CVE-2026-32618 | 1 Discourse | 1 Discourse | 2026-04-10 | 4.3 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, there is possible channel membership inference from chat user search without authorization. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0. | ||||
| CVE-2026-32620 | 1 Discourse | 1 Discourse | 2026-04-10 | 4.3 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, non-staff users could access read receipt information for staff-only posts they weren't supposed to see. No post content was exposed, only metadata about who read the post and when. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0. | ||||
| CVE-2026-32951 | 1 Discourse | 1 Discourse | 2026-04-10 | 4.3 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authenticated user can obtain shared draft topic titles by sending an inline onebox request with a category_id parameter matching the shared drafts category. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0. | ||||
| CVE-2026-33300 | 1 Discourse | 1 Discourse | 2026-04-10 | 6.5 Medium |
| Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, an authorization bypass in the Category Chatables Controller show action allowed moderators to get information on hidden groups names and user count. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0. | ||||
| CVE-2026-3774 | 3 Foxit, Foxitsoftware, Microsoft | 4 Pdf Editor, Pdf Reader, Foxit Pdf Editor and 1 more | 2026-04-10 | 4.7 Medium |
| The application allows PDF JavaScript and document/print actions (such as WillPrint/DidPrint) to update form fields, annotations, or optional content groups (OCGs) immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing redaction, encryption, and printing logic, which, under specific document structures and user workflows, may cause a small amount of sensitive content to remain unremoved or unencrypted as expected, or result in printed output that slightly differs from what was reviewed on screen. | ||||
| CVE-2026-33419 | 1 Minio | 1 Minio | 2026-04-09 | 7.5 High |
| MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS (Security Token Service) AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: (1) distinguishable error responses that enable username enumeration, and (2) absence of rate limiting on authentication attempts. An unauthenticated network attacker can enumerate valid LDAP usernames and then perform unlimited password guessing to obtain temporary AWS-style STS credentials, gaining access to the victim's S3 buckets and objects. This issue has been patched in RELEASE.2026-03-17T21-25-16Z. | ||||
| CVE-2025-67806 | 2 Sage, Sagedpw | 2 Dpw, Sage Dpw | 2026-04-09 | 3.7 Low |
| The login mechanism of Sage DPW 2021_06_004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts in versions before 2021_06_000. On-premise administrators can toggle this behavior in newer versions. | ||||
| CVE-2026-30613 | 1 Aziot | 1 Node Smart Switch | 2026-04-09 | 4.6 Medium |
| An information disclosure vulnerability exists in AZIOT 1 Node Smart Switch (16amp)- WiFi/Bluetooth Enabled Software Version: 1.1.9 due to improper access control on the UART debug interface. An attacker with physical access can connect to the UART interface and obtain sensitive information from the serial console without authentication. | ||||
| CVE-2025-57835 | 1 Samsung | 41 Exynos, Exynos 1080, Exynos 1080 Firmware and 38 more | 2026-04-09 | 7.5 High |
| An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Improper memory initialization results in an illegal memory access, causing a system crash via a malformed RRCReconfiguration message. | ||||
| CVE-2026-3594 | 2 Imprintnext, Wordpress | 2 Riaxe Product Customizer, Wordpress | 2026-04-08 | 5.3 Medium |
| The Riaxe Product Customizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4 via the '/wp-json/InkXEProductDesignerLite/orders' REST API endpoint. The endpoint is registered with 'permission_callback' set to '__return_true', meaning no authentication or authorization checks are performed. The endpoint queries WooCommerce order data from the database and returns it to the requester, including customer first and last names, customer IDs, order IDs, order totals, order dates, currencies, and order statuses. This makes it possible for unauthenticated attackers to extract sensitive customer and order information from the WooCommerce store. | ||||
| CVE-2026-5032 | 2 Boldgrid, Wordpress | 2 W3 Total Cache, Wordpress | 2026-04-08 | 7.5 High |
| The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw mfunc/mclude dynamic fragment HTML comments — including the W3TC_DYNAMIC_SECURITY security token — to be rendered in the page source. This makes it possible for unauthenticated attackers to discover the value of the W3TC_DYNAMIC_SECURITY constant by sending a crafted User-Agent header to any page that contains developer-placed dynamic fragment tags, granted the site has the fragment caching feature enabled. With the leaked W3TC_DYNAMIC_SECURITY token, an attacker can craft valid mfunc tags to execute arbitrary PHP code on the server, achieving remote code execution. | ||||
| CVE-2026-4438 | 2 Gnu, The Gnu C Library | 2 Glibc, Glibc | 2026-04-08 | 5.4 Medium |
| Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification. | ||||
| CVE-2026-33882 | 1 Statamic | 2 Cms, Statamic | 2026-04-08 | 6.5 Medium |
| Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.16 and 6.7.2, the markdown preview endpoint could be manipulated to return augmented data from arbitrary fieldtypes. With the users fieldtype specifically, an authenticated control panel user could retrieve sensitive user data including email addresses, encrypted passkey data, and encrypted two-factor authentication codes. This has been fixed in 5.73.16 and 6.7.2. | ||||