Export limit exceeded: 349593 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349593 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25294 | 1 Cewe-photoworld | 1 Cewe Photo Show | 2026-04-27 | 7.5 High |
| CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the application by submitting oversized input. Attackers can inject 4000 bytes of data into the email address and password fields to trigger a denial of service condition. | ||||
| CVE-2026-7071 | 1 Codeastro | 1 Online Job Portal | 2026-04-27 | 5.3 Medium |
| A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The manipulation leads to file and directory information exposure. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-7073 | 1 Itsourcecode | 1 Construction Management System | 2026-04-27 | 7.3 High |
| A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. | ||||
| CVE-2026-7074 | 1 Itsourcecode | 1 Construction Management System | 2026-04-27 | 7.3 High |
| A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-7075 | 1 Itsourcecode | 1 Construction Management System | 2026-04-27 | 7.3 High |
| A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-7088 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-04-27 | 7.3 High |
| A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-3008 | 1 Notepad++ | 1 Notepad++ | 2026-04-27 | 6.6 Medium |
| Successful exploitation of the string injection vulnerability could allow an attacker to obtain memory address information or crash the application. | ||||
| CVE-2025-69808 | 1 P2r3 | 1 Bareiron | 2026-04-27 | 9.1 Critical |
| An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet. | ||||
| CVE-2025-52624 | 1 Hcltech | 1 Aion | 2026-04-27 | 5.4 Medium |
| A vulnerability Bypass of the script allowlist configuration in HCL AION. An incorrectly configured Content-Security-Policy header may allow unauthorized scripts to execute, increasing the risk of cross-site scripting and other injection-based attacks.This issue affects AION: 2.0. | ||||
| CVE-2025-52632 | 1 Hcltech | 1 Aion | 2026-04-27 | 6.5 Medium |
| A Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability in HCL AION.This issue affects AION: 2.0. | ||||
| CVE-2025-52635 | 1 Hcltech | 1 Aion | 2026-04-27 | 3.7 Low |
| A rusted types in scripts not enforced in CSP vulnerability has been identified in HCL AION.This issue affects AION: 2.0. | ||||
| CVE-2026-1352 | 1 Ibm | 1 Db2 | 2026-04-27 | 6.5 Medium |
| IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic. | ||||
| CVE-2026-6839 | 2 Samsung, Samsung Open Source | 2 One, One | 2026-04-27 | 6.6 Medium |
| Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE Affected version is prior to commit 1.30.0. | ||||
| CVE-2026-41667 | 2 Samsung, Samsung Open Source | 2 One, One | 2026-04-27 | 6.6 Medium |
| Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected version is prior to commit 1.30.0. | ||||
| CVE-2026-41665 | 2 Samsung, Samsung Open Source | 2 One, One | 2026-04-27 | 6.1 Medium |
| Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0. | ||||
| CVE-2026-41666 | 2 Samsung, Samsung Open Source | 2 One, One | 2026-04-27 | 6.6 Medium |
| Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation. Affected version is prior to commit 1.30.0. | ||||
| CVE-2026-41664 | 2 Samsung, Samsung Open Source | 2 One, One | 2026-04-27 | 6.6 Medium |
| Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected version is prior to commit 1.30.0. | ||||
| CVE-2026-1726 | 1 Ibm | 1 Guardium Key Lifecycle Manager | 2026-04-27 | 4.8 Medium |
| IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1 | ||||
| CVE-2026-40450 | 2 Samsung, Samsung Open Source | 2 One, One | 2026-04-27 | 6.6 Medium |
| Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0. | ||||
| CVE-2026-40449 | 2 Samsung, Samsung Open Source | 2 One, One | 2026-04-27 | 6.6 Medium |
| Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE. Affected version is prior to commit 1.30.0. | ||||