Export limit exceeded: 349277 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349277 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-11823 | 2026-04-15 | 6.1 Medium | ||
| The Folder Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'foldergallery' shortcode in all versions up to, and including, 1.7.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-40345 | 1 Linux | 1 Linux Kernel | 2026-04-15 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject out-of-bound new_pba Discovered by Atuin - Automated Vulnerability Discovery Engine. new_pba comes from the status packet returned after each write. A bogus device could report values beyond the block count derived from info->capacity, letting the driver walk off the end of pba_to_lba[] and corrupt heap memory. Reject PBAs that exceed the computed block count and fail the transfer so we avoid touching out-of-range mapping entries. | ||||
| CVE-2025-40342 | 1 Linux | 1 Linux Kernel | 2026-04-15 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing port_state and rport state nvme_fc_unregister_remote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reconnect logic, because nvme_fc_create_association is not taking a lock to check the port_state and atomically increase the active count on the rport. | ||||
| CVE-2025-53350 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webjunk Calendar Plus calendar-plus allows Reflected XSS.This issue affects Calendar Plus: from n/a through <= 1.2.4. | ||||
| CVE-2025-49955 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rajan Vijayan WP Smart Flexslider wp-smart-flexslider allows Reflected XSS.This issue affects WP Smart Flexslider: from n/a through <= 2.5. | ||||
| CVE-2024-34897 | 2026-04-15 | 7.5 High | ||
| Nedis SmartLife android app v1.4.0 was discovered to contain an API key disclosure vulnerability. | ||||
| CVE-2025-40339 | 1 Linux | 1 Linux Kernel | 2026-04-15 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix nullptr err of vm_handle_moved If a amdgpu_bo_va is fpriv->prt_va, the bo of this one is always NULL. So, such kind of amdgpu_bo_va should be updated separately before amdgpu_vm_handle_moved. | ||||
| CVE-2024-34329 | 1 Entrust | 1 Datacard Xps Card Printer Driver | 2026-04-15 | 8.4 High |
| Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.5 and earlier without the dxp1-patch-E24-004 patch allows unauthenticated attackers to execute arbitrary code as SYSTEM via a crafted DLL payload. | ||||
| CVE-2025-40338 | 1 Linux | 1 Linux Kernel | 2026-04-15 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of operations - since commit cee28113db17 ("ASoC: dmaengine_pcm: Allow passing component name via config") the framework does not override component->name if set before invoking the initializer. | ||||
| CVE-2025-4701 | 2026-04-15 | 5.3 Medium | ||
| A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils.py. The manipulation of the argument path leads to deserialization. It is possible to launch the attack on the local host. | ||||
| CVE-2025-49938 | 2 Crocoblock, Wordpress | 2 Jetengine, Wordpress | 2026-04-15 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine jet-engine allows Stored XSS.This issue affects JetEngine: from n/a through <= 3.7.3. | ||||
| CVE-2024-51984 | 2026-04-15 | 6.8 Medium | ||
| An authenticated attacker can reconfigure the target device to use an external service (such as LDAP or FTP) controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the existing credentials for that external service. In the case of an external LDAP or FTP service, this will disclose the plaintext password for that external service to the attacker. | ||||
| CVE-2024-51982 | 2026-04-15 | 7.5 High | ||
| An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non number value causing the target to crash. | ||||
| CVE-2024-51981 | 2026-04-15 | 5.3 Medium | ||
| An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling. This SSRF leverages the WS-Addressing feature used during a WS-Eventing subscription SOAP operation. The attacker can control all the HTTP data sent in the SSRF connection, but the attacker can not receive any data back from this connection. | ||||
| CVE-2025-40332 | 1 Linux | 1 Linux Kernel | 2026-04-15 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svm_range_restore_pages calls mmap_read_unlock then returns. This causes deadlock and system hangs later because mmap read or write lock cannot be taken. Downgrade mmap write lock to read lock if draining retry fault fix this bug. | ||||
| CVE-2025-12143 | 1 Abb | 1 Terra Ac Wallbox Jp | 2026-04-15 | 6.1 Medium |
| Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33. | ||||
| CVE-2025-40331 | 1 Linux | 1 Linux Kernel | 2026-04-15 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure not to exceed bounds in case the address list has grown between buffer allocation (time-of-check) and write (time-of-use). | ||||
| CVE-2024-51978 | 2026-04-15 | 9.8 Critical | ||
| An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP request. | ||||
| CVE-2024-6827 | 1 Redhat | 1 Discovery | 2026-04-15 | N/A |
| Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads to the default fallback method of 'Content-Length,' making it vulnerable to TE.CL request smuggling. This vulnerability can lead to cache poisoning, data exposure, session manipulation, SSRF, XSS, DoS, data integrity compromise, security bypass, information leakage, and business logic abuse. | ||||
| CVE-2024-6646 | 1 Netgear | 1 Wn604 | 2026-04-15 | 5.3 Medium |
| A vulnerability was found in Netgear WN604 up to 20240710. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /downloadFile.php of the component Web Interface. The manipulation of the argument file with the input config leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||