Export limit exceeded: 338335 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338335 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25472 | 1 Intelbras | 2 Telefone Ip Tip 200, Telefone Ip Tip 200 Lite | 2026-03-12 | 7.5 High |
| IntelBras Telefone IP TIP200 and 200 LITE contain an unauthenticated arbitrary file read vulnerability in the dumpConfigFile function accessible via the cgiServer.exx endpoint. Attackers can send GET requests to /cgi-bin/cgiServer.exx with the command parameter containing dumpConfigFile() to read sensitive files including /etc/shadow and configuration files without proper authorization. | ||||
| CVE-2025-70024 | 1 Benkeen | 1 Generatedata | 2026-03-12 | 9.8 Critical |
| An issue pertaining to CWE-89: Improper Neutralization of Special Elements used in an SQL Command was discovered in benkeen generatedata 4.0.14. | ||||
| CVE-2026-2368 | 1 Lenovo | 1 Filez | 2026-03-12 | 7.1 High |
| An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to execute arbitrary code. | ||||
| CVE-2025-70330 | 1 Easy | 1 Grade Pro | 2026-03-12 | 3.3 Low |
| Easy Grade Pro 4.1.0.2 contains a file parsing logic flaw in the handling of proprietary .EGP gradebook files. By modifying specific fields at precise offsets within an otherwise valid .EGP file, an attacker can trigger an out-of-bounds memory read during parsing. This results in an unhandled access violation and application crash, leading to a local denial-of-service condition when the crafted file is opened by a user. | ||||
| CVE-2019-25474 | 1 Easy Mp3 Downloader | 1 Easy Mp3 Downloader | 2026-03-12 | 6.2 Medium |
| Easy MP3 Downloader 4.7.8.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long unlock code. Attackers can generate a file containing 6000 'A' characters and paste the contents into the Unlock Code field during application startup to trigger a denial of service condition. | ||||
| CVE-2026-30900 | 1 Zoom | 1 Workplace | 2026-03-12 | 7.8 High |
| Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-30901 | 1 Zoom | 1 Rooms | 2026-03-12 | 7 High |
| Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-31839 | 1 Striae-org | 1 Striae | 2026-03-12 | 8.2 High |
| Striae is a firearms examiner's comparison companion. A high-severity integrity bypass vulnerability existed in Striae's digital confirmation workflow prior to v3.0.0. Hash-only validation trusted manifest hash fields that could be modified together with package content, allowing tampered confirmation packages to pass integrity checks. This vulnerability is fixed in 3.0.0. | ||||
| CVE-2026-31858 | 1 Craftcms | 1 Craftcms | 2026-03-12 | N/A |
| Craft is a content management system (CMS). The ElementSearchController::actionSearch() endpoint is missing the unset() protection that was added to ElementIndexesController in CVE-2026-25495. The exact same SQL injection vulnerability (including criteria[orderBy], the original advisory vector) works on this controller because the fix was never applied to it. Any authenticated control panel user (no admin required) can inject arbitrary SQL via criteria[where], criteria[orderBy], or other query properties, and extract the full database contents via boolean-based blind injection. Users should update to the patched 5.9.9 release to mitigate the issue. | ||||
| CVE-2026-31975 | 1 Siteboon | 1 Claudecodeui | 2026-03-12 | N/A |
| Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for Claude Code, Cursor CLI, Codex, and Gemini-CLI. Prior to 1.25.0, OS Command Injection via WebSocket Shell. Both projectPath and initialCommand in server/index.js are taken directly from the WebSocket message payload and interpolated into a bash command string without any sanitization, enabling arbitrary OS command execution. A secondary injection vector exists via unsanitized sessionId. This vulnerability is fixed in 1.25.0. | ||||
| CVE-2026-32111 | 1 Homeassistant-ai | 1 Ha-mcp | 2026-03-12 | 5.3 Medium |
| ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form (beta feature) accepts a user-supplied ha_url and makes a server-side HTTP request to {ha_url}/api/config with no URL validation. An unauthenticated attacker can submit arbitrary URLs to perform internal network reconnaissance via an error oracle. Two additional code paths in OAuth tool calls (REST and WebSocket) are affected by the same primitive. The primary deployment method (private URL with pre-configured HOMEASSISTANT_TOKEN) is not affected. This vulnerability is fixed in 7.0.0. | ||||
| CVE-2026-3954 | 1 Openbmb | 1 Xagent | 2026-03-12 | 6.5 Medium |
| A weakness has been identified in OpenBMB XAgent 1.0.0. Affected by this vulnerability is the function workspace of the file XAgentServer/application/routers/workspace.py. This manipulation of the argument file_name causes path traversal. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-3955 | 1 Elecv2 | 1 Elecv2p | 2026-03-12 | 6.3 Medium |
| A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpoint. Such manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-70041 | 1 Oslabs-beta | 1 Thermakube | 2026-03-12 | 9.8 Critical |
| An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master. | ||||
| CVE-2026-31863 | 1 Anyproto | 3 Anytype-cli, Anytype-heart, Anytype-ts | 2026-03-12 | 3.6 Low |
| Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5. | ||||
| CVE-2026-31867 | 1 Craftcms | 1 Commerce | 2026-03-12 | N/A |
| Craft Commerce is an ecommerce platform for Craft CMS. Prior to 4.11.0 and 5.6.0, An Insecure Direct Object Reference (IDOR) vulnerability exists in Craft Commerce’s cart functionality that allows users to hijack any shopping cart by knowing or guessing its 32-character number. The CartController accepts a user-supplied number parameter to load and modify shopping carts. No ownership validation is performed - the code only checks if the order exists and is incomplete, not whether the requester has authorization to access it. This vulnerability enables the takeover of shopping sessions and potential exposure of PII. This vulnerability is fixed in 4.11.0 and 5.6.0. | ||||
| CVE-2026-32112 | 1 Homeassistant-ai | 1 Ha-mcp | 2026-03-12 | 6.8 Medium |
| ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form renders user-controlled parameters via Python f-strings with no HTML escaping. An attacker who can reach the OAuth endpoint and convince the server operator to follow a crafted authorization URL could execute JavaScript in the operator's browser. This affects only users running the beta OAuth mode (ha-mcp-oauth), which is not part of the standard setup and requires explicit configuration. This vulnerability is fixed in 7.0.0. | ||||
| CVE-2026-3848 | 1 Gitlab | 1 Gitlab | 2026-03-12 | 5 Medium |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintended internal requests through proxy environments under certain conditions due to improper input validation in import functionality. | ||||
| CVE-2025-67035 | 1 Lantronix | 1 Eds5000 | 2026-03-12 | 9.8 Critical |
| An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The SSH Client and SSH Server pages are affected by multiple OS injection vulnerabilities due to missing sanitization of input parameters. An attacker can inject arbitrary commands in delete actions of various objects, such as server keys, users, and known hosts. Commands are executed with root privileges. | ||||
| CVE-2026-32104 | 1 Withstudiocms | 1 Studiocms | 2026-03-12 | 5.4 Medium |
| StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the updateUserNotifications endpoint accepts a user ID from the request payload and uses it to update that user's notification preferences. It checks that the caller is logged in but never verifies that the caller owns the target account (id !== userData.user.id). Any authenticated visitor can modify notification preferences for any user, including disabling admin notifications to suppress detection of malicious activity. This vulnerability is fixed in 0.4.3. | ||||