Search Results (347399 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7470 | 1 Tenda | 2 4g300, 4g300 Firmware | 2026-04-30 | 8.8 High |
| A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. Affected is the function sub_427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-42208 | 1 Berriai | 1 Litellm | 2026-04-30 | 9.8 Critical |
| A flaw was found in LiteLLM. A database query used for proxy API key checks incorrectly incorporated caller-supplied key values directly into the query. This vulnerability allows an unauthenticated attacker to send a specially crafted Authorization header to any Large Language Model (LLM) API route, exploiting the proxy's error-handling path. Successful exploitation could enable the attacker to read and potentially modify data within the proxy's database, leading to unauthorized access to the proxy and its managed credentials. | ||||
| CVE-2026-42510 | 1 Openstack | 1 Ironic | 2026-04-30 | 6.6 Medium |
| OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface. | ||||
| CVE-2026-37750 | 1 Mahmoudai1 | 1 School Management System | 2026-04-30 | 6.1 Medium |
| A reflected Cross-Site Scripting (XSS) vulnerability in School Management System by mahmoudai1 allows unauthenticated remote attackers to execute arbitrary JavaScript in victim's browsers via the unsanitized type parameter in register.php. | ||||
| CVE-2026-42643 | 2 Stellarwp, Wordpress | 2 Image Widget, Wordpress | 2026-04-30 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP Image Widget image-widget allows Stored XSS. This issue affects Image Widget: from n/a through <= 4.4.11. | ||||
| CVE-2026-0205 | 1 Sonicwall | 1 Sonicos | 2026-04-30 | 6.8 Medium |
| A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services. | ||||
| CVE-2026-35155 | 1 Dell | 1 Idrac10 | 2026-04-30 | 7.1 High |
| Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerability exists that could allow an authenticated low‑privileged attacker to gain elevated access. | ||||
| CVE-2026-5550 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-04-29 | 8.8 High |
| A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected. | ||||
| CVE-2026-5549 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-04-29 | 5.3 Medium |
| A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2018-25259 | 1 Lizardsystems | 1 Terminal Services Manager | 2026-04-29 | 8.4 High |
| Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that overwrite the SEH handler pointer to execute calc.exe or other payloads when imported through the add computers wizard. | ||||
| CVE-2018-25260 | 1 Magix | 2 Magix Music Editor, Music Editor Deluxe | 2026-04-29 | 8.4 High |
| MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB Proxy Options, and trigger code execution when settings are accepted. | ||||
| CVE-2018-25261 | 2 Entersrl, Iperiusbackup | 2 Iperius Backup, Iperius Backup | 2026-04-29 | 8.4 High |
| Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location field that triggers a buffer overflow when the backup job executes, enabling code execution with application privileges. | ||||
| CVE-2018-25267 | 2 Ezbsystems, Ultraiso | 2 Ultraiso, Ultraiso | 2026-04-29 | 6.2 Medium |
| UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite values and paste it into the Output FileName field to trigger a denial of service crash. | ||||
| CVE-2026-40910 | 1 Fatedier | 1 Frp | 2026-04-29 | 6.5 Medium |
| frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style requests, the routing logic uses the username from Proxy-Authorization to select the routeByHTTPUser backend, while the access control check uses credentials from the regular Authorization header. As a result, an attacker who can reach the HTTP vhost entrypoint and knows or can guess the protected routeByHTTPUser value may access a backend protected by httpUser / httpPassword even with an incorrect Proxy-Authorization password. This issue affects deployments that explicitly use routeByHTTPUser. It does not affect ordinary HTTP proxies that do not use this feature. This vulnerability is fixed in 0.68.1. | ||||
| CVE-2025-62153 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 5.3 Medium |
| Missing Authorization vulnerability in Graham Quick Interest Slider quick-interest-slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Quick Interest Slider: from n/a through <= 3.1.7. | ||||
| CVE-2025-58888 | 2 Ancorathemes, Wordpress | 2 Theflash, Wordpress | 2026-04-29 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes The Flash theflash allows PHP Local File Inclusion. This issue affects The Flash: from n/a through <= 1.15. | ||||
| CVE-2026-5685 | 1 Tenda | 2 Cx12l, Cx12l Firmware | 2026-04-29 | 8.8 High |
| A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-5686 | 1 Tenda | 2 Cx12l, Cx12l Firmware | 2026-04-29 | 8.8 High |
| A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-5687 | 1 Tenda | 2 Cx12l, Cx12l Firmware | 2026-04-29 | 8.8 High |
| A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-7033 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-29 | 8.8 High |
| A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menufacturer/Go leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||