Export limit exceeded: 345102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345102 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33082 | 1 Dataease | 1 Dataease | 2026-04-17 | N/A |
| DataEase is an open source data visualization analysis tool. Versions 2.10.20 and below contain a SQL injection vulnerability in the dataset export functionality. The expressionTree parameter in POST /de2api/datasetTree/exportDataset is deserialized into a filtering object and passed to WhereTree2Str.transFilterTrees for SQL translation, where user-controlled values in "like" filter terms are directly concatenated into SQL fragments without sanitization. An attacker can inject arbitrary SQL commands by escaping the string literal in the filter value, enabling blind SQL injection through techniques such as time-based extraction of database information. This issue has been fixed in version 2.10.21. | ||||
| CVE-2026-29955 | 1 Cloudark | 1 Kubeplus | 2026-04-17 | 8.8 High |
| The `/registercrd` endpoint in KubePlus 4.14 in the kubeconfiggenerator component is vulnerable to command injection. The component uses `subprocess.Popen()` with `shell=True` parameter to execute shell commands, and the user-supplied `chartName` parameter is directly concatenated into the command string without any sanitization or validation. An attacker can inject arbitrary shell commands by crafting a malicious `chartName` parameter value. | ||||
| CVE-2026-33435 | 1 Weblate | 1 Weblate | 2026-04-17 | 8.1 High |
| Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which could lead to remote code execution under certain circumstances. This issue has been fixed in version 5.17. If developers are unable to update immediately, they can limit the scope of the vulnerability by restricting access to the project backup, as it is only accessible to users who can create projects. | ||||
| CVE-2026-37100 | 1 Yamaha | 1 Sr-b30a Sound Bar Firmware | 2026-04-17 | N/A |
| An issue in the Bluetooth Low Energy (BLE) control interface of the Yamaha SR-B30A sound bar firmware 2.40 (Mobile App: Sound Bar Remote / version: 2.40) allows remote attackers within BLE radio range to connect without authentication via the Sound Bar Remote protocol | ||||
| CVE-2026-30459 | 1 Daylightstudio | 1 Fuel Cms | 2026-04-17 | 7.1 High |
| An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message. | ||||
| CVE-2026-40959 | 1 Luanti | 1 Luanti | 2026-04-17 | 9.3 Critical |
| Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod. | ||||
| CVE-2026-38530 | 1 Krayin | 1 Laravel-crm | 2026-04-17 | 8.1 High |
| A Broken Object-Level Authorization (BOLA) in the /Controllers/Lead/LeadController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any lead owned by other users via supplying a crafted GET request. | ||||
| CVE-2026-6388 | 1 Redhat | 1 Openshift Gitops | 2026-04-17 | 9.1 Critical |
| A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in a multi-tenant environment, to bypass namespace boundaries. By exploiting insufficient validation, the attacker can trigger unauthorized image updates on applications managed by other tenants. This leads to cross-namespace privilege escalation, impacting application integrity through unauthorized application updates. | ||||
| CVE-2026-38532 | 1 Krayin | 1 Laravel-crm | 2026-04-17 | 8.1 High |
| A Broken Object-Level Authorization (BOLA) in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any contact owned by other users via supplying a crafted GET request. | ||||
| CVE-2023-3634 | 1 Festo | 24 Mse6-c2m-5000-fb36-d-m-rg-bar-m12l4-agd, Mse6-c2m-5000-fb36-d-m-rg-bar-m12l4-agd Firmware, Mse6-c2m-5000-fb36-d-m-rg-bar-m12l5-agd and 21 more | 2026-04-17 | 8.8 High |
| In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability. | ||||
| CVE-2026-25133 | 1 Octobercms | 1 October | 2026-04-17 | N/A |
| October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting (XSS) vulnerability in the SVG sanitization logic. The regex pattern used to strip event handler attributes (such as onclick or onload) could be bypassed using a crafted payload that exploits how the pattern matches attribute boundaries, allowing malicious SVG files to be uploaded through the Media Manager with embedded JavaScript. Exploitation could lead to privilege escalation if a superuser views or embeds the malicious SVG, and requires authenticated backend access with media upload permissions. The SVG must be viewed or embedded in a page for the payload to trigger. This issue has been fixed in versions 3.7.14 and 4.1.10. | ||||
| CVE-2026-31987 | 1 Apache | 1 Airflow | 2026-04-17 | N/A |
| JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix. Users are recommended to upgrade to version 3.2.0, which fixes this issue. | ||||
| CVE-2026-31048 | 1 Irmen | 1 Pyro3 | 2026-04-17 | 9.8 Critical |
| An issue in the <code>pickle</code> protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message. | ||||
| CVE-2026-38533 | 1 Snipeitapp | 1 Snipe-it | 2026-04-17 | 6.5 Medium |
| An improper authorization vulnerability in the /api/v1/users/{id} endpoint of Snipe-IT v8.4.0 allows authenticated attackers with the users.edit permission to modify sensitive authentication and account-state fields of other non-admin users via supplying a crafted PUT request. | ||||
| CVE-2026-5088 | 1 Jdeguest | 1 Apache::api::password | 2026-04-17 | 7.5 High |
| Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _make_salt_bcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply return 16 bytes generated with Perl's built-in rand function. The rand function is unsuitable for cryptographic use. These salts are used for password hashing. | ||||
| CVE-2026-41082 | 1 Ocaml | 1 Ocaml | 2026-04-17 | 7.3 High |
| In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. | ||||
| CVE-2026-32605 | 1 Nimiq | 1 Core-rs-albatross | 2026-04-17 | 7.5 High |
| nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.num_validators(). ProposalSender::send uses > instead of >= for the signer bounds check, so the equality case passes and reaches validators.get_validator_by_slot_band(signer), which panics with an out-of-bounds index before any signature verification runs. This issue has been fixed in version 1.3.0. | ||||
| CVE-2026-41153 | 1 Jetbrains | 1 Junie | 2026-04-17 | 5.8 Medium |
| In JetBrains Junie before 252.549.29 command execution was possible via malicious project file | ||||
| CVE-2024-58343 | 1 Vision | 1 Helpdesk | 2026-04-17 | 4.3 Medium |
| Vision Helpdesk before 5.7.0 (patched in 5.6.10) allows attackers to read user profiles via modified serialized cookie data to vis_client_id. | ||||
| CVE-2025-12624 | 1 Wso2 | 2 Identity Server, Wso2 Identity Server | 2026-04-17 | 6 Medium |
| Active access tokens are not revoked or invalidated when a user account is locked within WSO2 Identity Server. This failure to enforce revocation allows previously issued, valid tokens to remain usable, enabling continued access to protected resources by locked user accounts. The security consequence is that a locked user account can maintain access to protected resources through the use of existing, unexpired access tokens. This creates a security gap where access control policies are bypassed, potentially leading to unauthorized data access or actions until the tokens naturally expire. | ||||