Export limit exceeded: 75161 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75161 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5849 | 1 Tenda | 2 I12, I12 Firmware | 2026-04-09 | 7.3 High |
| A vulnerability was determined in Tenda i12 1.0.0.11(3862). The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-5173 | 1 Gitlab | 1 Gitlab | 2026-04-09 | 8.5 High |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to invoke unintended server-side methods through websocket connections due to improper access control. | ||||
| CVE-2025-12664 | 1 Gitlab | 1 Gitlab | 2026-04-09 | 7.5 High |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an unauthenticated user to cause denial of service by sending repeated GraphQL queries. | ||||
| CVE-2026-5828 | 1 Code-projects | 1 Simple It Discussion Forum | 2026-04-09 | 7.3 High |
| A vulnerability was found in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /functions/addcomment.php. The manipulation of the argument postid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-5844 | 1 D-link | 1 Dir-882 | 2026-04-09 | 7.2 High |
| A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-61662 | 2 Gnu, Redhat | 10 Grub2, Enterprise Linux, Enterprise Linux Eus and 7 more | 2026-04-09 | 7.8 High |
| A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded. | ||||
| CVE-2026-34078 | 1 Flatpak | 1 Flatpak | 2026-04-09 | 8.2 High |
| Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox. This gives apps access to all host files and can be used as a primitive to gain code execution in the host context. This vulnerability is fixed in 1.16.4. | ||||
| CVE-2024-1490 | 2026-04-09 | 7.2 High | ||
| An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell commands enabling the attacker to run arbitrary commands on the device. | ||||
| CVE-2026-26133 | 1 Microsoft | 35 365 Copilot, 365 Copilot Android, 365 Copilot For Android and 32 more | 2026-04-09 | 7.1 High |
| AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-4319 | 2 Carmelo, Code-projects | 2 Simple Food Order System, Simple Food Order System | 2026-04-09 | 7.3 High |
| A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/add-item.php. Such manipulation of the argument price leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-32763 | 2 Kysely, Kysely-org | 2 Kysely, Kysely | 2026-04-09 | 8.2 High |
| Kysely is a type-safe TypeScript SQL query builder. Versions up to and including 0.28.11 has a SQL injection vulnerability in JSON path compilation for MySQL and SQLite dialects. The `visitJSONPathLeg()` function appends user-controlled values from `.key()` and `.at()` directly into single-quoted JSON path string literals (`'$.key'`) without escaping single quotes. An attacker can break out of the JSON path string context and inject arbitrary SQL. This is inconsistent with `sanitizeIdentifier()`, which properly doubles delimiter characters for identifiers — both are non-parameterizable SQL constructs requiring manual escaping, but only identifiers are protected. Version 0.28.12 fixes the issue. | ||||
| CVE-2026-32888 | 1 Opensourcepos | 2 Open Source Point Of Sale, Opensourcepos | 2026-04-09 | 8.8 High |
| Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Versions contain an SQL Injection in the Items search functionality. When the custom attribute search feature is enabled (search_custom filter), user-supplied input from the search GET parameter is interpolated directly into a HAVING clause without parameterization or sanitization. This allows an authenticated attacker with basic item search permissions to execute arbitrary SQL queries. A patch did not exist at the time of publication. | ||||
| CVE-2026-32933 | 1 Luckypennysoftware | 1 Automapper | 2026-04-09 | 7.5 High |
| AutoMapper is a convention-based object-object mapper in .NET. Versions prior to 15.1.1 and 16.1.1 are vulnerable to a Denial of Service (DoS) attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an attacker to provide a specially crafted object graph that exhausts the thread's stack memory, triggering a `StackOverflowException` and causing the entire application process to terminate. Versions 15.1.1 and 16.1.1 fix the issue. | ||||
| CVE-2026-33419 | 1 Minio | 1 Minio | 2026-04-09 | 7.5 High |
| MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS (Security Token Service) AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined weaknesses: (1) distinguishable error responses that enable username enumeration, and (2) absence of rate limiting on authentication attempts. An unauthenticated network attacker can enumerate valid LDAP usernames and then perform unlimited password guessing to obtain temporary AWS-style STS credentials, gaining access to the victim's S3 buckets and objects. This issue has been patched in RELEASE.2026-03-17T21-25-16Z. | ||||
| CVE-2016-20045 | 2 Hnb, Hnb Project | 2 Hnb, Hierarchical Notebook | 2026-04-09 | 8.4 High |
| HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and a return address to overwrite the stack and achieve code execution. | ||||
| CVE-2018-25225 | 2 Sipp, Sipp Project | 2 Sipp, Sipp | 2026-04-09 | 8.4 High |
| SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets. | ||||
| CVE-2026-4415 | 1 Gigabyte | 2 Control Center, Gigabyte Control Center | 2026-04-09 | 8.1 High |
| Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation. | ||||
| CVE-2026-4416 | 1 Gigabyte | 1 Performance Library | 2026-04-09 | 7.8 High |
| The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation. | ||||
| CVE-2025-59710 | 2 Biztalk360, Kovai | 2 Biztalk360, Biztalk360 | 2026-04-09 | 8.8 High |
| An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the server. | ||||
| CVE-2025-59711 | 2 Biztalk360, Kovai | 2 Biztalk360, Biztalk360 | 2026-04-09 | 8.3 High |
| An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in an upload mechanism, an authenticated attacker is able to write files outside of the destination directory and/or coerce an authentication from the service, aka Directory Traversal. | ||||