Export limit exceeded: 347825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347825 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-38991 | 1 Cockpit-hq | 1 Cockpit | 2026-05-02 | 8.8 High |
| Cockpit 2.13.5 and earlier is affected by a misconfiguration within the Bucket component _isFileTypeAllowed function where a specially crafted filename bypasses an extension filter. This allows an authenticated attacker to rename arbitrary files with the .php file extension enabling arbitrary code to be executed on the underlying server. | ||||
| CVE-2025-56535 | 1 Opennebula | 1 Opennebula | 2026-05-02 | 6.1 Medium |
| A cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the zone attribute parameter. | ||||
| CVE-2025-56537 | 1 Opennebula | 1 Opennebula | 2026-05-02 | 6.1 Medium |
| A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template parameter. | ||||
| CVE-2026-36956 | 1 Dbit | 1 N300 T1 Pro Wireless Router | 2026-05-02 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints such as /api/setWlan. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action. | ||||
| CVE-2026-36960 | 1 U-speed | 1 N300 Router | 2026-05-02 | 8.8 High |
| A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the U-SPEED N300 Rounter V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action. | ||||
| CVE-2026-36959 | 1 U-speed | 1 N300 Router | 2026-05-02 | 7.5 High |
| U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication attempts, enabling brute-force attacks against the administrator account and potential unauthorized access to the router management interface. | ||||
| CVE-2026-36757 | 1 Halo | 1 Halo | 2026-05-02 | 4.3 Medium |
| A Server-Side Request Forgery (SSRF) in the /plugins/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. | ||||
| CVE-2026-36759 | 1 Halo | 1 Halo | 2026-05-02 | 6.5 Medium |
| A Server-Side Request Forgery (SSRF) in the /themes/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. | ||||
| CVE-2026-36760 | 1 Thinkgem | 1 Jeesite | 2026-05-02 | 9.6 Critical |
| An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled. | ||||
| CVE-2026-36764 | 1 Chillzhuang | 1 Springblade | 2026-05-02 | 5 Medium |
| A Server-Side Request Forgery (SSRF) in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request. | ||||
| CVE-2026-36767 | 1 Shopizer | 1 Shopizer | 2026-05-02 | 10 Critical |
| A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request. | ||||
| CVE-2026-36762 | 1 Thinkgem | 1 Jeesite | 2026-05-02 | N/A |
| An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations. | ||||
| CVE-2026-36766 | 1 Shopizer | 1 Shopizer | 2026-05-02 | 5.4 Medium |
| Multiple authenticated cross-site scripting (XSS) vulnerabilities in the XssHttpServletRequestWrapper class of shopizer v3.2.5 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the getInputStream() or getReader() functions. | ||||
| CVE-2025-46115 | 1 Open5gs | 1 Open5gs | 2026-05-02 | N/A |
| An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request | ||||
| CVE-2025-56568 | 1 Open5gs | 1 Open5gs | 2026-05-02 | N/A |
| Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data. | ||||
| CVE-2026-41882 | 1 Jetbrains | 1 Intellij Idea | 2026-05-02 | 7.4 High |
| In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server | ||||
| CVE-2026-7600 | 2026-05-02 | 6.3 Medium | ||
| A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yii_command_help/yii_execute_command of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-43001 | 1 Openstack | 1 Keystone | 2026-05-02 | 7.9 High |
| An issue was discovered in OpenStack Keystone 13 through 29. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credential for project A to create an EC2 credential targeting project B; a subsequent /v3/ec2tokens exchange would then issue a Keystone token scoped to project B while still carrying the original app_cred_id, enabling cross-project lateral movement within the credential owner's role footprint. | ||||
| CVE-2026-42474 | 2026-05-02 | 6.5 Medium | ||
| SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted `data` array to the data function in BuildHelper.php. | ||||
| CVE-2026-37457 | 1 Frrouting | 1 Frrouting | 2026-05-02 | 7.5 High |
| An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component. | ||||