Export limit exceeded: 347925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7371 | 2 Geovision, Geovision Inc. | 3 Gv-lpc2011, Gv-lpc2211, Gv-lpc2011 Lpc2211 | 2026-05-04 | 7.4 High |
| Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. Reflected XXS via the error message for requesting non-existing page. | ||||
| CVE-2026-42367 | 2 Geovision, Geovision Inc. | 3 Gv-lpc2011, Gv-lpc2211, Gv-lpc2011 Lpc2211 | 2026-05-04 | 6.5 Medium |
| A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability. | ||||
| CVE-2026-42368 | 2 Geovision, Geovision Inc. | 3 Gv-lpc2011, Gv-lpc2211, Gv-lpc2011 Lpc2211 | 2026-05-04 | 9.9 Critical |
| A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability. | ||||
| CVE-2026-7727 | 1 Shandong Hoteam Software | 1 Pdm Product Data Management System | 2026-05-04 | 7.3 High |
| A vulnerability was determined in Shandong Hoteam Software PDM Product Data Management System up to 8.3.9. This affects the function GetQueryMachineGridOnePageData of the file /Base/BaseService.asmx/DataService. This manipulation of the argument SortOrder causes sql injection. The attack can be initiated remotely. Upgrading to version 8.3.10 is able to mitigate this issue. You should upgrade the affected component. | ||||
| CVE-2026-7728 | 1 Ryanjoachim | 1 Mcp-rtfm | 2026-05-04 | 6.3 Medium |
| A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the function get_doc_content/read_doc/update_doc of the component MCP Interface. Such manipulation of the argument docFile leads to path traversal. The attack can be launched remotely. The exploit is publicly available and might be used. The name of the patch is e6f0686fc36012f78236e7fed172c81444904b0b. It is best practice to apply a patch to resolve this issue. | ||||
| CVE-2026-7729 | 1 Pixelsock | 1 Directus-mcp | 2026-05-04 | 6.3 Medium |
| A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the argument fileUrl results in server-side request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance. | ||||
| CVE-2026-7730 | 1 Privsim | 1 Mcp-test-runner | 2026-05-04 | 6.3 Medium |
| A weakness has been identified in privsim mcp-test-runner 0.2.0. Impacted is the function child_process.spawn of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-29200 | 1 Webpros | 1 Comet Backup | 2026-05-04 | N/A |
| A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator to impersonate any end-user account of other tenants on the same server via a vulnerable API call. | ||||
| CVE-2026-7738 | 1 Puchunjie | 1 Doc-tools-mcp | 2026-05-04 | 6.3 Medium |
| A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function create_document/open_document of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-14320 | 1 Tegsoft | 1 Online Support Application | 2026-05-04 | 9.8 Critical |
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025. | ||||
| CVE-2026-3120 | 1 Profelis | 1 Sambabox | 2026-05-04 | 7.2 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection. This issue affects SambaBox: from 5.1 before 5.3. | ||||
| CVE-2026-24072 | 1 Apache | 1 Http Server | 2026-05-04 | N/A |
| An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue. | ||||
| CVE-2025-58074 | 1 Gen Digital | 1 Norton Secure Vpn | 2026-05-04 | 8.8 High |
| A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges. | ||||
| CVE-2026-6499 | 1 Ilm Informatique | 1 Openconcerto | 2026-05-04 | N/A |
| Incorrect Permission Assignment for Critical Resource vulnerability in ILM Informatique OpenConcerto allows Replace Binaries. This issue affects OpenConcerto: 1.7.5. | ||||
| CVE-2026-7601 | 1 Open5gs | 1 Open5gs | 2026-05-04 | 4.3 Medium |
| A vulnerability has been found in Open5GS up to 2.7.6. Affected is an unknown function of the file src/amf/gmm-handler.c of the component AMF. The manipulation of the argument reg_type leads to denial of service. The attack is possible to be carried out remotely. Upgrading to version 2.7.7 is able to address this issue. The identifier of the patch is ebc66942b6f8f1fab2d640e71cf4e9f1a423b426. It is advisable to upgrade the affected component. | ||||
| CVE-2026-29514 | 2026-05-04 | 8.8 High | ||
| NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.get_environment_params() method that allows authenticated users with exporttemplate or configtemplate permissions to execute arbitrary code by specifying malicious Python callables in the environment_params field. Attackers can bypass Jinja2 SandboxedEnvironment protections by setting the finalize parameter to any importable Python callable such as subprocess.getoutput, which is invoked on every rendered expression outside the sandbox's call interception mechanism, achieving remote code execution as the NetBox service user. | ||||
| CVE-2026-42376 | 1 Dlink | 1 Dir-456u Firmware | 2026-05-04 | 9.8 Critical |
| D-Link DIR-456U Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with the username "Alphanetworks" and the static password "whdrv01_dlob_dir456U" read from /etc/config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | ||||
| CVE-2026-41326 | 1 Katacontainers | 1 Kata-containers | 2026-05-04 | N/A |
| Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines (VMs) that perform like containers. From v3.4.0 to v3.28.0, an oversight in the CopyFile policy (and perhaps the CopyFile handler) allows untrusted hosts to write to arbitrary locations inside the guest workload image. This can be used to overwrite binaries inside the guest and exfiltrate data from containers; even those running inside CVMs. This vulnerability is fixed in v3.29.0. | ||||
| CVE-2026-42375 | 1 Dlink | 1 Dir-600l Firmware | 2026-05-04 | 9.8 Critical |
| D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read from /etc/alpha_config/image_sign. The custom telnetd binary accepts a -u user:password flag, and the custom login binary uses strcmp() to validate credentials. Successful authentication grants an unauthenticated attacker on the local network a root shell with full administrative control. The device has reached End-of-Life (EOL) and will not receive patches. | ||||
| CVE-2026-38669 | 2026-05-04 | N/A | ||
| wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog. | ||||