Export limit exceeded: 347030 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347030 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7267 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-04-28 | 6.3 Medium |
| A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /view_prod.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. | ||||
| CVE-2026-41371 | 1 Openclaw | 1 Openclaw | 2026-04-28 | 8.5 High |
| OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without requiring admin scope by exploiting improper authorization checks in the chat.send path. | ||||
| CVE-2026-31482 | 1 Linux | 1 Linux Kernel | 2026-04-28 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: s390/entry: Scrub r12 register on kernel entry Before commit f33f2d4c7c80 ("s390/bp: remove TIF_ISOLATE_BP"), all entry handlers loaded r12 with the current task pointer (lg %r12,__LC_CURRENT) for use by the BPENTER/BPEXIT macros. That commit removed TIF_ISOLATE_BP, dropping both the branch prediction macros and the r12 load, but did not add r12 to the register clearing sequence. Add the missing xgr %r12,%r12 to make the register scrub consistent across all entry points. | ||||
| CVE-2026-5779 | 2026-04-28 | N/A | ||
| An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this vulnerability allows an authenticated user to modify other users' information, such as their email address, and request a new password via the '/webconnect/#/forgotPassword' endpoint. This could lead to complete account takeover. | ||||
| CVE-2024-46636 | 1 Nasa | 1 Modaps | 2026-04-28 | 9.4 Critical |
| NASA Earth Observing System Data and Information System (EOSDIS) MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter | ||||
| CVE-2026-5780 | 2026-04-28 | N/A | ||
| An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the ID. This allows an attacker to obtain a list of users. | ||||
| CVE-2026-5781 | 2026-04-28 | N/A | ||
| An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitation of this vulnerability could allow an authenticated user to obtain administrator privileges. It is not possible to escalate privileges through the graphical user interface. | ||||
| CVE-2026-31483 | 1 Linux | 1 Linux Kernel | 2026-04-28 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an array_index_nospec() boundary to prevent access past the syscall function pointer tables. | ||||
| CVE-2026-41525 | 1 Kde | 1 Dolphin | 2026-04-28 | 6.5 Medium |
| KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of the application sandbox without additional scrutiny. Dolphin's implementation of the FileManager1 protocol allows the path given to be any type of file, including scripts or executables. (By default, Dolphin will then prompt the user to determine if they want to launch a script or executable; however, the intended behavior is to block the attempted action, not present a consent prompt.) | ||||
| CVE-2026-31484 | 1 Linux | 1 Linux Kernel | 2026-04-28 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: io_uring/fdinfo: fix OOB read in SQE_MIXED wrap check __io_uring_show_fdinfo() iterates over pending SQEs and, for 128-byte SQEs on an IORING_SETUP_SQE_MIXED ring, needs to detect when the second half of the SQE would be past the end of the sq_sqes array. The current check tests (++sq_head & sq_mask) == 0, but sq_head is only incremented when a 128-byte SQE is encountered, not on every iteration. The actual array index is sq_idx = (i + sq_head) & sq_mask, which can be sq_mask (the last slot) while the wrap check passes. Fix by checking sq_idx directly. Keep the sq_head increment so the loop still skips the second half of the 128-byte SQE on the next iteration. | ||||
| CVE-2026-40966 | 1 Vmware | 1 Spring Ai | 2026-04-28 | 5.9 Medium |
| In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by injecting filter logic through conversationId. Only applications that use VectorStoreChatMemoryAdvisor and pass user-supplied input as a conversationId are affected. | ||||
| CVE-2026-7309 | 1 Redhat | 1 Openshift | 2026-04-28 | 4.3 Medium |
| A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRole can inject arbitrary environment variables, such as `LD_PRELOAD` or `http_proxy`, into `docker-build` containers through the `buildconfigs/instantiate` API. This incomplete fix for a previous vulnerability allows for information disclosure, specifically impacting the confidentiality of build traffic. | ||||
| CVE-2026-42255 | 1 Technitium | 1 Dnsserver | 2026-04-28 | 7.2 High |
| Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation. | ||||
| CVE-2026-38935 | 1 Diskoverdata | 1 Diskover | 2026-04-28 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter | ||||
| CVE-2026-38936 | 1 Diskoverdata | 1 Diskover | 2026-04-28 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter | ||||
| CVE-2026-35901 | 1 Mercury | 1 Mipc252w | 2026-04-28 | 4.4 Medium |
| A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connection, leading to a denial-of-service condition. | ||||
| CVE-2026-6043 | 1 Perforce | 1 Helix Core Server P4d | 2026-04-28 | N/A |
| P4 Server versions prior to 2026.1 are configured with insecure default settings that, when exposed to untrusted networks, allow unauthenticated attackers to create arbitrary user accounts, enumerate existing users, authenticate to accounts with no password set, and access depot contents via the built-in 'remote' user. These default settings, taken together, can lead to unauthorized access to source code repositories and other managed assets. The 2026.1 release, expected in May 2026, enforces secure-by-default configurations on upgrade and new installations | ||||
| CVE-2024-31358 | 1 Saleswonder.biz | 1 5 Star Rating Funnel | 2026-04-28 | 7.5 High |
| Missing Authorization vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel.This issue affects 5 Stars Rating Funnel: from n/a through <= 1.2.67. | ||||
| CVE-2024-30549 | 1 Cimatti | 1 Wordpress Contact Forms | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cimatti Contact Forms by Cimatti contact-forms.This issue affects Contact Forms by Cimatti: from n/a through <= 1.8.0. | ||||
| CVE-2025-69689 | 1 Rem0o | 1 Fan Control | 2026-04-28 | 8.8 High |
| The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges. | ||||