Search Results (346245 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
|---|---|---|---|---|---|
| CVE-2026-31176 | | | 2026-04-23 | 6.5 Medium | An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stun-user parameter to /cgi-bin/cstecgi.cgi. |
| CVE-2026-31174 | | | 2026-04-23 | N/A | An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the informEnable parameter to /cgi-bin/cstecgi.cgi. |
| CVE-2026-31172 | | | 2026-04-23 | N/A | An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the user parameter to /cgi-bin/cstecgi.cgi. |
| CVE-2026-31171 | | | 2026-04-23 | N/A | An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi. |
| CVE-2026-31165 | | | 2026-04-23 | N/A | An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi. |
| CVE-2026-31159 | | | 2026-04-23 | 6.5 Medium | An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi. |
| CVE-2026-29198 | | | 2026-04-23 | 9.8 Critical | In Rocket.Chat <8.3.0, <8.2.1, <8.1.2, <8.0.3, <7.13.5, <7.12.6, <7.11.6, and <7.10.9, a NoSQL injection vulnerability can lead to account takeover of the first user with a generated token when an OAuth app is configured. |
| CVE-2026-0834 | 1 Tp-link | 4 Archer Ax53, Archer Ax53 Firmware, Archer C20 and 1 more | 2026-04-23 | 8.8 High | Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 (TDDP module) allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger factory resets and reboots without credentials, causing configuration loss and interruption of device availability. This issue affects Archer C20 v6.0 < V6_251031, Archer C20 v5 < EU_V5_260317 or < US_V5_260419, Archer AX53 v1.0 < V1_251215, TL-WR841N v13 < 0.9.1 Build 20231120 Rel.62366. |
| CVE-2025-70994 | | | 2026-04-23 | 7.3 High | Yadea T5 Electric Bicycles (models manufactured in/after 2024) have a weak authentication mechanism in their keyless entry system. The system utilizes the EV1527 fixed-code RF protocol without implementing rolling codes or cryptographic challenge-response mechanisms. This is vulnerable to signal forgery after a local attacker intercepts any legitimate key fob transmission, allowing for complete unauthorized vehicle operation via a replay attack. |
| CVE-2025-6395 | 1 Redhat | 7 Ceph Storage, Discovery, Enterprise Linux and 4 more | 2026-04-23 | 6.5 Medium | A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). |
| CVE-2025-12103 | 1 Redhat | 1 Openshift Ai | 2026-04-23 | 5 Medium | A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to get, list, watch any pod in any namespace on the cluster. TrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated`, making it so that every single user or service account can get a list of pods running in any namespace on the cluster. Additionally, users can access all `persistentvolumeclaims` and `lmevaljobs`. |
| CVE-2026-31163 | | | 2026-04-23 | N/A | An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the dhcpMtu parameter to /cgi-bin/cstecgi.cgi. |
| CVE-2026-6074 | | | 2026-04-23 | N/A | A path traversal condition in Intrado 911 Emergency Gateway could allow an attacker with existing network access the ability to access the EGW management interface without authentication. Successful exploitation of this vulnerability could allow a user to read, modify, or delete files. |
| CVE-2026-26182 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-04-23 | 7 High | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| CVE-2026-40886 | | | 2026-04-23 | 7.7 High | Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod() function causes a controller-wide panic when a workflow pod carries a malformed workflows.argoproj.io/pod-gc-strategy annotation. Because the panic occurs inside an informer goroutine (outside the controller's recover() scope), it crashes the entire controller process. The poisoned pod persists across restarts, causing a crash loop that halts all workflow processing until the pod is manually deleted. This vulnerability is fixed in 4.0.5 and 3.7.14. |
| CVE-2026-34297 | 1 Oracle | 1 Hcm Common Architecture | 2026-04-23 | 7.5 High | Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component: Knowledge Integration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HCM Common Architecture. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle HCM Common Architecture accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). |
| CVE-2026-33694 | | | 2026-04-23 | N/A | This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges. |
| CVE-2026-26183 | 1 Microsoft | 15 Windows Server 2012, Windows Server 2012 (server Core Installation), Windows Server 2012 R2 and 12 more | 2026-04-23 | 7.8 High | Improper access control in Windows RPC API allows an authorized attacker to elevate privileges locally. |
| CVE-2026-26184 | 1 Microsoft | 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more | 2026-04-23 | 7.8 High | Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally. |
| CVE-2026-41078 | | | 2026-04-23 | 5.9 Medium | OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 and earlier, OpenTelemetry.Exporter.Jaeger may allow sustained memory pressure when the internal pooled-list sizing grows based on a large observed span/tag set and that enlarged size is reused for subsequent allocations. Under high-cardinality or attacker-influenced telemetry input, this can increase memory consumption and potentially cause denial of service. There is no plan to fix this issue as OpenTelemetry.Exporter.Jaeger was deprecated in 2023. |