Export limit exceeded: 348017 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348017 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-42374 | 1 Dlink | 1 Dir-600l Firmware | 2026-05-04 | 9.8 Critical |
| D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61_dlwbr_dir600L" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | ||||
| CVE-2026-31205 | 2026-05-04 | 5.7 Medium | ||
| Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function | ||||
| CVE-2026-6812 | 2 Deothemes, Wordpress | 2 Ona, Wordpress | 2026-05-04 | 4.4 Medium |
| The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the ona_activate_child_theme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||
| CVE-2026-42373 | 1 Dlink | 1 Dir-605l Firmware | 2026-05-04 | 9.8 Critical |
| D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76_dlwbr_dir605L" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | ||||
| CVE-2026-5109 | 2 Gravityforms, Wordpress | 2 Gravity Forms, Wordpress | 2026-05-04 | 7.2 High |
| The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient validation and output escaping of Product Option field values. The vulnerability exists because the state validation function accepts submitted values where the wp_kses()-sanitized version matches a legitimate option value, but then stores the raw unsanitized value in the database. When administrators view entry details via the Order Summary section, the option_label is output directly without escaping (view-order-summary.php line 32), executing the injected JavaScript. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in entry data that will execute whenever an administrator accesses the entry details page. | ||||
| CVE-2026-42372 | 1 Dlink | 1 Dir-605l Firmware | 2026-05-04 | 8.8 High |
| D-Link DIR-605L Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir605l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | ||||
| CVE-2026-7607 | 1 Trendnet | 2 Tew-821dap, Tew-821dap Firmware | 2026-05-04 | 8.8 High |
| A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware of the component Firmware Udpate. The manipulation of the argument str leads to buffer overflow. The attack may be initiated remotely. The vendor explains: "That firmware version will only work on our hardware version v1.xR. We have already EOL that product 8 years ago and are no longer selling". This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-5077 | 2 Hashthemes, Wordpress | 2 Total, Wordpress | 2026-05-04 | 5.4 Medium |
| The Total theme for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in versions up to, and including, 2.2.1 due to insufficient output escaping when rendering the_title() inside HTML attribute context in the home blog section template. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires the malicious post to be published and displayed with a featured image in the Home Page blog section. | ||||
| CVE-2026-7633 | 1 Totolink | 2 N300rh, N300rh Firmware | 2026-05-04 | 6.5 Medium |
| A vulnerability was identified in Totolink N300RH 6.1c.1353_B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName leads to file inclusion. The attack may be performed from remote. The exploit is publicly available and might be used. | ||||
| CVE-2026-7668 | 1 Mikrotik | 1 Routeros | 2026-05-04 | 7.3 High |
| A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1_STRING_data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-6525 | 1 Wireshark | 1 Wireshark | 2026-05-04 | 5.5 Medium |
| IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 | ||||
| CVE-2026-37458 | 2026-05-04 | N/A | ||
| Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE message. | ||||
| CVE-2026-36365 | 2026-05-04 | N/A | ||
| An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep functions in PostCompressionActions.cpp | ||||
| CVE-2026-6449 | 2026-05-04 | 5.3 Medium | ||
| The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking has a 'waiting' status. This makes it possible for unauthenticated attackers to approve any booking that is in 'waiting' status by sending a crafted request to the publicly-accessible admin-ajax endpoint. | ||||
| CVE-2026-32650 | 1 Anviz | 2 Anviz Crosschex Standard, Crosschex Standard | 2026-05-04 | 7.5 High |
| Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access. | ||||
| CVE-2026-40434 | 1 Anviz | 2 Anviz Crosschex Standard, Crosschex Standard | 2026-05-04 | 8.1 High |
| Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic. | ||||
| CVE-2026-24178 | 3 Apple, Linux, Nvidia | 4 Macos, Linux Kernel, Flare Sdk and 1 more | 2026-05-04 | 9.8 Critical |
| NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information disclosure, code execution, and denial of service. | ||||
| CVE-2026-24186 | 3 Apple, Linux, Nvidia | 4 Macos, Linux Kernel, Flare Sdk and 1 more | 2026-05-04 | 8.8 High |
| NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution. | ||||
| CVE-2026-24204 | 3 Apple, Linux, Nvidia | 4 Macos, Linux Kernel, Flare Sdk and 1 more | 2026-05-04 | 6.5 Medium |
| NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2026-34262 | 1 Sap | 2 Hana Cockpit, Hana Database Explorer | 2026-05-04 | 5 Medium |
| Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer | ||||