Export limit exceeded: 346095 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346095 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21997 | 1 Oracle | 1 Life Sciences Empirica Signal | 2026-04-22 | 8.5 High |
| Vulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications (component: Common Core). Supported versions that are affected are 9.2.1-9.2.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Life Sciences Empirica Signal. While the vulnerability is in Oracle Life Sciences Empirica Signal, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Life Sciences Empirica Signal accessible data as well as unauthorized read access to a subset of Oracle Life Sciences Empirica Signal accessible data. CVSS 3.1 Base Score 8.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N). | ||||
| CVE-2026-0539 | 2026-04-22 | N/A | ||
| Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745. | ||||
| CVE-2014-125120 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2013-10056 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2013-10045 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2013-10041 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2011-10031 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20124 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20118 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20117 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20116 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2010-20110 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2009-20012 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2008-20003 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2008-20002 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2005-20001 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2000-5001 | 2026-04-22 | N/A | ||
| This CVE has the been REJECTED and will not be published by the CNA. | ||||
| CVE-2026-33558 | 1 Apache | 2 Kafka, Kafka Clients | 2026-04-22 | 5.3 Medium |
| Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information will be exposed via the requests and responses output log. The entire lists of impacted requests and responses are: * AlterConfigsRequest * AlterUserScramCredentialsRequest * ExpireDelegationTokenRequest * IncrementalAlterConfigsRequest * RenewDelegationTokenRequest * SaslAuthenticateRequest * createDelegationTokenResponse * describeDelegationTokenResponse * SaslAuthenticateResponse This issue affects Apache Kafka: from any version supported the listed API above through v3.9.1, v4.0.0. We advise the Kafka users to upgrade to v3.9.2, v4.0.1, or later to avoid this vulnerability. | ||||
| CVE-2010-3765 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2026-04-22 | 9.8 Critical |
| Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware. | ||||
| CVE-2025-10735 | 1 Wordpress | 1 Wordpress | 2026-04-22 | 4 Medium |
| The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmit_Form_Data(). This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | ||||