75017 matches found
CVE-2013-5223
Multiple cross-site scripting XSS vulnerabilities in D-Link DSL-2760U Gateway Rev. E1 allow remote authenticated users to inject arbitrary web script or HTML via the 1 ntpServer1 parameter to sntpcfg.cgi, username parameter to 2 ddnsmngr.cmd or 3 todmngr.tod, 4 TodUrlAdd parameter to urlfilter.cm...
CVE-2013-3576
ginkgosnmp.inc in HP System Management Homepage SMH allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATHINFO to smhutil/snmpchp.php.en. Recent assessments: theguly at February 28, 2020 4:42pm UTC reported: this product runs as SYSTEM by default, and...
HP Insight Diagnostics 8.20 b2878 multiple vulnerabilities
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: Environment: Tested on both windows and linux x32 platforms. The installation requires HP Insight...
CVE-2011-2763
The web interface on the LifeSize Room appliance LSRM13.5.3 11 and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoomRemoting.doCommand function in gateway.php. Recent assessments: zeroSteiner at January 13, 2020 5:56pm UTC reported: The request to...
CVE-2010-3035
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service peering reset via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, a...
CVE-2009-0563
Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word,...
CVE-2008-4554
The dosplicefrom function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the OAPPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file...
CVE-2005-3965
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-2607. Reason: This candidate is a duplicate of CVE-2004-2607. Notes: All CVE users should reference CVE-2004-2607 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2026-60002
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. This outcome occurs only on the client side...
CVE-2026-50128
Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11 and 4.4.18, Mastodon has a feature to let websites credit authors of their articles. To prevent false attribution claims, Mastodon uses the attributionDomains JSON-LD term, however, an error in how...
CVE-2026-48020
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated attacker to bypass route-level authentication and authorization. When a public router matches on a...
CVE-2026-35904
Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...
CVE-2026-46229
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...
CVE-2026-45104
MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls SLDApplyRuleValuespsRule, psLayer, 1; for any carrying — it assumes msSLDParseRule added one class. When the rule has no symbolizer a structurally valid SLD, msSLDParseRul...
CVE-2026-3375
The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the /wp-json/litespeed/v1/notifyccss and /wp-json/litespeed/v1/notifyucss REST API endpoints in all versions up to, and including, 7.7. These endpoints accept CSS content from QUIC.cloud callback notificatio...
CVE-2026-9403
A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The...
CVE-2026-9123
Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: Medium...
CVE-2026-8544
Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-7573
An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...
CVE-2026-7696
A vulnerability was found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This impacts an unknown function of the file /SubstationWEBV2/main/uploadH5Files. The manipulation of the argument File results in unrestricted upload. The attack may be launched...
CVE-2026-32499
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...
CVE-2026-3055
Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread...
CVE-2026-30849
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions prior to 2.28.1 running on MySQL family databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of an improper type checking on the password parameter. Other database backends are not...
CVE-2026-3664
A vulnerability was determined in xlnt-community xlnt up to 1.6.1. Impacted is the function xlnt::detail::compounddocument::readdirectory of the file source/detail/cryptography/compounddocument.cpp of the component Encrypted XLSX File Parser. Executing a manipulation can lead to out-of-bounds rea...
CVE-2026-3337
Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVPaes128ccm, EVPaes192ccm, and EVPaes256ccm. Customers of AWS servic...
CVE-2026-28415
Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the redirecttotarget function in Gradio's OAuth flow accepts an unvalidated targeturl query parameter, allowing redirection to arbitrary external URLs. This affects the /logout and /login/callback...
CVE-2026-26995
Further research determined the issue is an external dependency vulnerability...
CVE-2026-23719
A vulnerability has been identified in Simcenter Femap All versions V2512, Simcenter Nastran All versions V2512. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted NDB files. This could allow an attacker to execute code in the context of the curre...
CVE-2026-2163
A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTPST/REMOTEADDR/REMOTEPORT/SERVERID leads to command injection. The attack may be launched remotely. The exploit is publicly availabl...
CVE-2025-11839
A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks...
CVE-2025-4427
An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. Recent assessments: remmons-r7 at May 22, 2025 5:21am UTC reported: On May 13, 2025, Ivanti published an adviso...
CVE-2021-26138
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...
CVE-2024-39744
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2024-4879
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted...
CVE-2023-32172
Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is required to exploit this vulnerability. The...
CVE-2022-4554
B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347...
CVE-2022-43821
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used...
CVE-2022-30576
The Web Console component of TIBCO Software Inc.'s TIBCO Data Science - Workbench, TIBCO Statistica, TIBCO Statistica - Estore Edition, and TIBCO Statistica Trial contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site...
CVE-2022-26980
Teampass 2.1.26 allows reflected XSS via the index.php PATHINFO...
CVE-2022-0870
Server-Side Request Forgery SSRF in GitHub repository gogs/gogs prior to 0.12.5...
CVE-2022-25824
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview...
CVE-2022-22912
Prototype pollution vulnerability via .parse in Plist before v3.0.4 allows attackers to cause a Denial of Service DoS and may lead to remote code execution...
CVE-2022-23223
On Apache ShenYu versions 2.4.0 and 2.4.1, and endpoint existed that disclosed the passwords of all users. Users are recommended to upgrade to version 2.4.2 or later...
CVE-2021-20028
Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access SRA products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...
CVE-2020-10644
The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway versions prior to 8.0.10 and Ignition 7 Gateway versions prior to 7.9.14, allowing an attacker to obtain sensitive information. Recent assessments:...
Windowsrcer IE/Edge Cross-URL vulnerabilities
Cross-Origin bugs in IE and Edge allow bypassing SOP in both browsers. 0-days released by James Lee @Windowsrcer Recent assessments: busterb at August 21, 2019 4:31pm UTC reported: A SOP bug requires the attacker to inject a resource into one domain, and be listening on another. Such a...
CVE-2020-1984
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with ‘create folders or append data’ access to the root of the OS disk C: to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo f...
CVE-2020-10560
An issue was discovered in Open Source Social Network OSSN through 5.3. A user-controlled file path with a weak cryptographic rand can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the...
CVE-2020-8864
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login...
CVE-2020-10535
GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address. Recent assessments: ericalexanderorg at March 16, 2020 3:55pm UTC reported: Not enough details to fully assess ATM bu...