Export limit exceeded: 345221 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345221 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345221 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33721 | 2 Mapserver, Osgeo | 2 Mapserver, Mapserver | 2026-04-17 | 5.3 Medium |
| MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior to version 8.6.1, a heap-buffer-overflow write in MapServer’s SLD (Styled Layer Descriptor) parser lets a remote, unauthenticated attacker crash the MapServer process by sending a crafted SLD with more than 100 Threshold elements inside a ColorMap/Categorize structure (commonly reachable via WMS GetMap with SLD_BODY). Version 8.6.1 patches the issue. | ||||
| CVE-2026-2731 | 1 Dynamicweb | 1 Dynamicweb | 2026-04-17 | N/A |
| Path traversal and content injection in JobRunnerBackground.aspx in DynamicWeb 8 (all) and 9 (<9.19.7 and <9.20.3) allows unauthenticated attackers to execute code via simple web requests | ||||
| CVE-2026-26361 | 1 Dell | 2 Powermax Os, Unisphere For Powermax | 2026-04-17 | 6.5 Medium |
| Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. | ||||
| CVE-2026-26362 | 1 Dell | 2 Powermax Os, Unisphere For Powermax | 2026-04-17 | 8.1 High |
| Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized modification of critical system files. | ||||
| CVE-2026-23543 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Essential Addons For Elementor | 2026-04-17 | 5.3 Medium |
| Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a through <= 6.5.5. | ||||
| CVE-2026-23548 | 2 Designinvento, Wordpress | 2 Directorypress, Wordpress | 2026-04-17 | 5.3 Medium |
| Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through <= 3.6.25. | ||||
| CVE-2026-25305 | 2 8theme, Wordpress | 2 Xstore, Wordpress | 2026-04-17 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore xstore allows DOM-Based XSS.This issue affects XStore: from n/a through <= 9.6.4. | ||||
| CVE-2026-25325 | 2 Rtcamp, Wordpress | 2 Rtmedia For Wordpress, Buddypress And Bbpress, Wordpress | 2026-04-17 | 5.3 Medium |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in rtCamp rtMedia for WordPress, BuddyPress and bbPress buddypress-media allows Retrieve Embedded Sensitive Data.This issue affects rtMedia for WordPress, BuddyPress and bbPress: from n/a through <= 4.7.8. | ||||
| CVE-2026-25333 | 2 Peregrinethemes, Wordpress | 2 Shopwell, Wordpress | 2026-04-17 | 5.3 Medium |
| Missing Authorization vulnerability in peregrinethemes Shopwell shopwell allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shopwell: from n/a through <= 1.0.11. | ||||
| CVE-2026-25393 | 2 Sparklewpthemes, Wordpress | 2 Hello Fse, Wordpress | 2026-04-17 | 4.3 Medium |
| Missing Authorization vulnerability in sparklewpthemes Hello FSE hello-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hello FSE: from n/a through <= 1.0.6. | ||||
| CVE-2026-26359 | 1 Dell | 2 Powermax Os, Unisphere For Powermax | 2026-04-17 | 8.8 High |
| Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files. | ||||
| CVE-2026-2736 | 1 Alkacon | 1 Opencms | 2026-04-17 | 6.1 Medium |
| Reflected Cross-site Scripting (XSS) in Alkacon's OpenCms v18.0, which allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL containing the ‘q’ parameter in ‘/search/index.html’. This vulnerability can be exploited to steal sensitive user information such as session cookies, or to perform actions while impersonating the user. | ||||
| CVE-2026-22268 | 1 Dell | 1 Powerprotect Data Manager | 2026-04-17 | 6.3 Medium |
| Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service of a Dell Enterprise Support connection. | ||||
| CVE-2026-22267 | 1 Dell | 1 Powerprotect Data Manager | 2026-04-17 | 8.1 High |
| Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2026-1219 | 2 Sonaar, Wordpress | 2 Mp3 Audio Player – Music Player, Podcast Player & Radio By Sonaar, Wordpress | 2026-04-17 | 5.3 Medium |
| The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 4.0 to 5.10 via the 'load_track_note_ajax' due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to view the contents of private posts. | ||||
| CVE-2026-25535 | 1 Parall | 1 Jspdf | 2026-04-17 | 7.5 High |
| jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the first argument of the `addImage` method results in denial of service. If given the possibility to pass unsanitized image data or URLs to the `addImage` method, a user can provide a harmful GIF file that results in out of memory errors and denial of service. Harmful GIF files have large width and/or height entries in their headers, which lead to excessive memory allocation. Other affected methods are: `html`. The vulnerability has been fixed in jsPDF 4.2.0. As a workaround, sanitize image data or URLs before passing it to the addImage method or one of the other affected methods. | ||||
| CVE-2026-25755 | 1 Parall | 1 Jspdf | 2026-04-17 | 8.1 High |
| jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of the argument of the `addJS` method allows an attacker to inject arbitrary PDF objects into the generated document. By crafting a payload that escapes the JavaScript string delimiter, an attacker can execute malicious actions or alter the document structure, impacting any user who opens the generated PDF. The vulnerability has been fixed in jspdf@4.2.0. As a workaround, escape parentheses in user-provided JavaScript code before passing them to the `addJS` method. | ||||
| CVE-2026-25940 | 1 Parall | 1 Jspdf | 2026-04-17 | 8.1 High |
| jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control of properties and methods of the Acroform module allows users to inject arbitrary PDF objects, such as JavaScript actions. If given the possibility to pass unsanitized input to one of the following property, a user can inject arbitrary PDF objects, such as JavaScript actions, which are executed when the victim hovers over the radio option. The vulnerability has been fixed in jsPDF@4.2.0. As a workaround, sanitize user input before passing it to the vulnerable API members. | ||||
| CVE-2026-25998 | 1 Strongswan | 1 Strongman | 2026-04-17 | 7.5 High |
| strongMan is a management interface for strongSwan, an OpenSource IPsec-based VPN. When storing credentials in the database (private keys, EAP secrets), strongMan encrypts the corresponding database fields. So far it used AES in CTR mode with a global database key. Together with an initialization vector (IV), a key stream is generated to encrypt the data in the database fields. But because strongMan did not generate individual IVs, every database field was encrypted using the same key stream. An attacker that has access to the database can use this to recover the encrypted credentials. In particular, because certificates, which have to be considered public information, are also encrypted using the same mechanism, an attacker can directly recover a large chunk of the key stream, which allows them to decrypt basically all other secrets especially ECDSA private keys and EAP secrets, which are usually a lot shorter. Version 0.2.0 fixes the issue by switching to AES-GCM-SIV encryption with a random nonce and an individually derived encryption key, using HKDF, for each encrypted value. Database migrations are provided to automatically re-encrypt all credentials. | ||||
| CVE-2026-26016 | 1 Pterodactyl | 1 Panel | 2026-04-17 | 8.1 High |
| Wings is the server control plane for Pterodactyl, a free, open-source game server management panel. Prior to version 1.12.1, a missing authorization check in multiple controllers allows any user with access to a node secret token to fetch information about any server on a Pterodactyl instance, even if that server is associated with a different node. This issue stems from missing logic to verify that the node requesting server data is the same node that the server is associated with. Any authenticated Wings node can retrieve server installation scripts (potentially containing secret values) and manipulate the installation status of servers belonging to other nodes. Wings nodes may also manipulate the transfer status of servers belonging to other nodes. This vulnerability requires a user to acquire a secret access token for a node. Unless a user gains access to a Wings secret access token they would not be able to access any of these vulnerable endpoints, as every endpoint requires a valid node access token. A single compromised Wings node daemon token (stored in plaintext at `/etc/pterodactyl/config.yml`) grants access to sensitive configuration data of every server on the panel, rather than only to servers that the node has access to. An attacker can use this information to move laterally through the system, send excessive notifications, destroy server data on other nodes, and otherwise exfiltrate secrets that they should not have access to with only a node token. Additionally, triggering a false transfer success causes the panel to delete the server from the source node, resulting in permanent data loss. Users should upgrade to version 1.12.1 to receive a fix. | ||||