Export limit exceeded: 346611 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346611 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346611 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-1659 | 1 Softbizscripts | 1 Image Gallery Script | 2026-04-24 | N/A |
| Multiple SQL injection vulnerabilities in Softbiz Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in image_desc.php, (2) provided parameter in template.php, (3) cid parameter in suggest_image.php, (4) img_id parameter in insert_rating.php, and (5) cid parameter in images.php. | ||||
| CVE-2005-3938 | 1 Softbizscripts | 1 Faq Script | 2026-04-24 | N/A |
| SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.php, (4) print_article.php, or (5) add_comment.php. | ||||
| CVE-2005-3879 | 1 Softbizscripts | 1 Resource Repository Script | 2026-04-24 | N/A |
| Multiple SQL injection vulnerabilities in Softbiz Resource Repository Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sbres_id parameter in (a) details_res.php, (b) refer_friend.php, and (c) report_link.php, and (2) the sbcat_id parameter in (d) showcats.php. | ||||
| CVE-2026-33610 | 1 Powerdns | 1 Authoritative | 2026-04-24 | 5.9 Medium |
| A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it. | ||||
| CVE-2026-33609 | 1 Powerdns | 1 Authoritative | 2026-04-24 | 5.3 Medium |
| Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees. | ||||
| CVE-2026-33608 | 1 Powerdns | 1 Authoritative | 2026-04-24 | 7.4 High |
| An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it. | ||||
| CVE-2026-33602 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 6.5 Medium |
| A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service. | ||||
| CVE-2026-33599 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 3.1 Low |
| A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade (Lua) option to newServer or auto_upgrade (YAML) settings. DDR upgrade is not enabled by default. | ||||
| CVE-2026-33598 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 4.8 Medium |
| A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress() or getAddressListByDomain() on a packet cache. | ||||
| CVE-2026-33597 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 3.7 Low |
| PRSD detection denial of service | ||||
| CVE-2026-33596 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 3.1 Low |
| A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend. | ||||
| CVE-2026-33595 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 5.3 Medium |
| A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection. | ||||
| CVE-2026-33593 | 1 Powerdns | 1 Dnsdist | 2026-04-24 | 7.5 High |
| A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query. | ||||
| CVE-2026-23363 | 1 Linux | 1 Linux Kernel | 2026-04-24 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211() Check frame length before accessing the mgmt fields in mt7925_mac_write_txwi_80211 in order to avoid a possible oob access. | ||||
| CVE-2026-23365 | 1 Linux | 1 Linux Kernel | 2026-04-24 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not have the same urbs the driver will crash later on when it blindly accesses these endpoints. | ||||
| CVE-2026-23389 | 1 Linux | 1 Linux Kernel | 2026-04-24 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory leak in ice_set_ringparam() In ice_set_ringparam, tx_rings and xdp_rings are allocated before rx_rings. If the allocation of rx_rings fails, the code jumps to the done label leaking both tx_rings and xdp_rings. Furthermore, if the setup of an individual Rx ring fails during the loop, the code jumps to the free_tx label which releases tx_rings but leaks xdp_rings. Fix this by introducing a free_xdp label and updating the error paths to ensure both xdp_rings and tx_rings are properly freed if rx_rings allocation or setup fails. Compile tested only. Issue found using a prototype static analysis tool and code review. | ||||
| CVE-2026-23388 | 1 Linux | 1 Linux Kernel | 2026-04-24 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: Squashfs: check metadata block offset is within range Syzkaller reports a "general protection fault in squashfs_copy_data" This is ultimately caused by a corrupted index look-up table, which produces a negative metadata block offset. This is subsequently passed to squashfs_copy_data (via squashfs_read_metadata) where the negative offset causes an out of bounds access. The fix is to check that the offset is within range in squashfs_read_metadata. This will trap this and other cases. | ||||
| CVE-2026-23387 | 1 Linux | 1 Linux Kernel | 2026-04-24 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe() devm_add_action_or_reset() already invokes the action on failure, so the explicit put causes a double-put. | ||||
| CVE-2026-41678 | 2026-04-24 | N/A | ||
| rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrap_key() contains an incorrect assertion: it checks that out.len() + 8 <= in_.len(), but this condition is reversed. The intended invariant is out.len() >= in_.len() - 8, ensuring the output buffer is large enough. Because of the inverted check, the function only accepts buffers at or below the minimum required size and rejects larger ones. If a smaller buffer is provided the function will write past the end of out by in_.len() - 8 - out.len() bytes, causing an out-of-bounds write from a safe public function. This vulnerability is fixed in 0.10.78. | ||||
| CVE-2026-5364 | 2026-04-24 | 8.1 High | ||
| The Drag and Drop File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.1.3. This is due to the plugin extracting the file extension before sanitization occurs and allowing the file type parameter to be controlled by the attacker rather than being restricted to administrator-configured values, which when combined with the fact that validation occurs on the unsanitized extension while the file is saved with a sanitized extension, allows special characters like '$' to be stripped during the save process. This makes it possible for unauthenticated attackers to upload arbitrary PHP files and potentially achieve remote code execution, however, an .htaccess file and name randomization is in place which restricts real-world exploitability. | ||||