Search Results (347704 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7423 | 1 Amazon | 1 Freertos-plus-tcp | 2026-04-30 | 5.3 Medium |
| Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without validating the field is large enough, resulting in a heap out-of-bounds read of up to approximately 65KB. To mitigate this issue, users should upgrade to the fixed version when available. | ||||
| CVE-2026-7424 | 1 Amazon | 1 Freertos-plus-tcp | 2026-04-30 | 8.1 High |
| Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service (permanent IP task freeze requiring hardware reset) by sending a single crafted DHCPv6 packet. The issue is present whenever DHCPv6 is enabled. To mitigate this issue, users should upgrade to version V4.2.6 or V4.4.1 or newer. | ||||
| CVE-2026-7425 | 1 Amazon | 1 Freertos-plus-tcp | 2026-04-30 | 6.5 Medium |
| Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smaller than the expected structure size. To mitigate this issue, users should upgrade to the fixed version when available. | ||||
| CVE-2026-7426 | 1 Amazon | 1 Freertos-plus-tcp | 2026-04-30 | 8.1 High |
| Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid length, resulting in a heap buffer overflow. Users processing IPv4 RA only are not impacted. To mitigate this issue, users should upgrade to the fixed version when available. | ||||
| CVE-2026-6524 | 1 Wireshark | 1 Wireshark | 2026-04-30 | 5.5 Medium |
| MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6527 | 1 Wireshark | 1 Wireshark | 2026-04-30 | 5.5 Medium |
| ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6529 | 1 Wireshark | 1 Wireshark | 2026-04-30 | 5.5 Medium |
| iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6521 | 1 Wireshark | 1 Wireshark | 2026-04-30 | 5.5 Medium |
| OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6523 | 1 Wireshark | 1 Wireshark | 2026-04-30 | 5.5 Medium |
| GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-7376 | 1 Wireshark | 1 Wireshark | 2026-04-30 | 5.5 Medium |
| Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-7375 | 1 Wireshark | 1 Wireshark | 2026-04-30 | 5.5 Medium |
| UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-7378 | 1 Wireshark | 1 Wireshark | 2026-04-30 | 5.5 Medium |
| Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-42208 | 1 Berriai | 1 Litellm | 2026-04-30 | 9.8 Critical |
| A flaw was found in LiteLLM. A database query used for proxy API key checks incorrectly incorporated caller-supplied key values directly into the query. This vulnerability allows an unauthenticated attacker to send a specially crafted Authorization header to any Large Language Model (LLM) API route, exploiting the proxy's error-handling path. Successful exploitation could enable the attacker to read and potentially modify data within the proxy's database, leading to unauthorized access to the proxy and its managed credentials. | ||||
| CVE-2026-42510 | 1 Openstack | 1 Ironic | 2026-04-30 | 6.6 Medium |
| OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface. | ||||
| CVE-2026-37750 | 1 Mahmoudai1 | 1 School Management System | 2026-04-30 | 6.1 Medium |
| A reflected Cross-Site Scripting (XSS) vulnerability in School Management System by mahmoudai1 allows unauthenticated remote attackers to execute arbitrary JavaScript in victims' browsers via the unsanitized type parameter in register.php. | ||||
| CVE-2026-0205 | 1 Sonicwall | 1 Sonicos | 2026-04-30 | 6.8 Medium |
| A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services. | ||||
| CVE-2026-5550 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-04-29 | 8.8 High |
| A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected. | ||||
| CVE-2026-5549 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-04-29 | 5.3 Medium |
| A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2018-25259 | 1 Lizardsystems | 1 Terminal Services Manager | 2026-04-29 | 8.4 High |
| Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that overwrite the SEH handler pointer to execute calc.exe or other payloads when imported through the add computers wizard. | ||||
| CVE-2018-25260 | 1 Magix | 2 Magix Music Editor, Music Editor Deluxe | 2026-04-29 | 8.4 High |
| MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB Proxy Options, and trigger code execution when settings are accepted. | ||||