Export limit exceeded: 348692 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348692 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-6389 | 1 Ibm | 1 Turbonomic Prometurbo Agent | 2026-05-05 | 8.8 High |
| IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster‑wide permissions, including unrestricted read access to all secrets. An attacker that compromises the operator or its service account can exfiltrate sensitive credentials, escalate privileges, and potentially achieve full cluster compromise. | ||||
| CVE-2026-36956 | 2 Dbit, Dbitnet | 3 N300 T1 Pro Wireless Router, Dbit N300 T1 Pro, Dbit N300 T1 Pro Firmware | 2026-05-05 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints such as /api/setWlan. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action. | ||||
| CVE-2026-7784 | 2026-05-04 | 7.3 High | ||
| A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-43964 | 1 Postfix | 1 Postfix | 2026-05-04 | 3.7 Low |
| Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number. | ||||
| CVE-2025-47407 | 1 Qualcomm | 1 Snapdragon | 2026-05-04 | 7.8 High |
| Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level. | ||||
| CVE-2026-7722 | 1 Prefect | 1 Prefect | 2026-05-04 | 5.3 Medium |
| A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public and may be used. Upgrading to version 3.6.22 will fix this issue. The patch is named e21617125335025b4b27e7d6f0ca028e8e8f3b79. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. | ||||
| CVE-2026-7723 | 1 Prefect | 1 Prefect | 2026-05-04 | 7.3 High |
| A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipulation can lead to missing authentication. The attack may be performed from remote. The exploit has been published and may be used. Upgrading to version 3.6.14 is able to address this issue. This patch is called f8afecadf88ea5f73694dafa3a365b9d8fae1ad6. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. | ||||
| CVE-2026-6266 | 1 Redhat | 3 Ansible Automation Platform, Ansible Automation Platform Developer, Ansible Automation Platform Inside | 2026-05-04 | 8.3 High |
| A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider (IDP) identity to an existing AAP user account based on email matching without verifying email ownership. This allows a remote attacker to potentially hijack a victim's account or gain unauthorized access to other accounts, including administrative accounts, by manipulating the IDP-provided email. | ||||
| CVE-2026-5720 | 1 Miniupnp Project | 1 Miniupnpd | 2026-05-04 | N/A |
| miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting improper length validation in ParseHttpHeaders(), where the parsed length underflows to a large unsigned value when passed to memchr(), causing the process to scan memory far beyond the allocated HTTP request buffer. | ||||
| CVE-2026-7781 | 1 Open5gs | 1 Open5gs | 2026-05-04 | 4.3 Medium |
| A security vulnerability has been detected in Open5GS up to 2.7.7. Affected by this issue is the function udm_nudm_uecm_handle_amf_registration_update of the file /src/udm/nudm-handler.c of the component amf-3gpp-access Endpoint. The manipulation leads to denial of service. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-46115 | 1 Open5gs | 1 Open5gs | 2026-05-04 | 7.5 High |
| An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request | ||||
| CVE-2025-70069 | 1 Assimp | 1 Assimp | 2026-05-04 | 7.5 High |
| An issue in Assimp v.6.0.2 allows a remote attacker to cause a denial of service via the FBXConverter.cpp and ConvertMeshMultiMaterial() method | ||||
| CVE-2026-29199 | 1 Phpbb | 1 Phpbb | 2026-05-04 | 8.1 High |
| phpBB before 3.3.16 is vulnerable to Host Header Injection that can lead to password rest link poisoning. When force_server_vars is disabled, the servers hostname may be extracted from the HTTP Host header which is used to generate the password reset link URL. An attacker who can manipulate the Host header (e.g. through misconfigured host setup or missing header validation by the webserver) can cause password reset emails to contain a link pointing to an attacker-controlled domain, potentially leading to account takeover. | ||||
| CVE-2025-56568 | 1 Open5gs | 1 Open5gs | 2026-05-04 | 7.5 High |
| Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data. | ||||
| CVE-2026-38669 | 1 Wcms | 1 Wcms | 2026-05-04 | 6.1 Medium |
| wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog. | ||||
| CVE-2026-0598 | 1 Redhat | 1 Ansible Automation Platform | 2026-05-04 | 4.2 Medium |
| A security flaw was identified in the Ansible Lightspeed API conversation endpoints that handle AI chat interactions. The APIs do not properly verify whether a conversation identifier belongs to the authenticated user making the request. As a result, an attacker with valid credentials could access or influence conversations owned by other users. This exposes sensitive conversation data and allows unauthorized manipulation of AI-generated outputs. | ||||
| CVE-2026-6074 | 1 Intrado | 1 911 Emergency Gateway | 2026-05-04 | N/A |
| Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x contain a path traversal vulnerability in the download_debuglog_file.php endpoint used for Debug Logs downloads. An unauthenticated attacker can manipulate the name parameter to read arbitrary files outside the intended directory | ||||
| CVE-2026-42154 | 1 Prometheus | 1 Prometheus | 2026-05-04 | 7.5 High |
| Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a small payload that causes a huge heap allocation per request. Under concurrent load this can exhaust available memory and crash the Prometheus process. This issue has been patched in versions 3.5.3 and 3.11.3. | ||||
| CVE-2026-41924 | 2026-05-04 | N/A | ||
| WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the makeRequest.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the set_time or StartSniffer functions. Attackers can craft a POST request with specially crafted ampersand-delimited parameters to bypass input sanitization and execute commands with a maximum length of 31 bytes through the date command or channel parameter processing. | ||||
| CVE-2026-41572 | 1 Enchant97 | 1 Note-mark | 2026-05-04 | 5.3 Medium |
| Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/{id}, /api/notes/{id}/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note ID or the slug path retain access. GORM's soft-delete scope does not reach the raw "JOIN books ..." clauses used by the note and asset queries. This issue has been patched in version 0.19.3. | ||||