Export limit exceeded: 345573 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345573 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-30459 | 1 Daylightstudio | 1 Fuel Cms | 2026-04-17 | 7.1 High |
| An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message. | ||||
| CVE-2026-40959 | 1 Luanti | 1 Luanti | 2026-04-17 | 9.3 Critical |
| Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod. | ||||
| CVE-2026-38530 | 1 Krayin | 1 Laravel-crm | 2026-04-17 | 8.1 High |
| A Broken Object-Level Authorization (BOLA) in the /Controllers/Lead/LeadController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any lead owned by other users via supplying a crafted GET request. | ||||
| CVE-2026-38532 | 1 Krayin | 1 Laravel-crm | 2026-04-17 | 8.1 High |
| A Broken Object-Level Authorization (BOLA) in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently delete any contact owned by other users via supplying a crafted GET request. | ||||
| CVE-2023-3634 | 1 Festo | 24 Mse6-c2m-5000-fb36-d-m-rg-bar-m12l4-agd, Mse6-c2m-5000-fb36-d-m-rg-bar-m12l4-agd Firmware, Mse6-c2m-5000-fb36-d-m-rg-bar-m12l5-agd and 21 more | 2026-04-17 | 8.8 High |
| In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, integrity and availability. | ||||
| CVE-2026-25133 | 1 Octobercms | 1 October | 2026-04-17 | N/A |
| October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a stored cross-site scripting (XSS) vulnerability in the SVG sanitization logic. The regex pattern used to strip event handler attributes (such as onclick or onload) could be bypassed using a crafted payload that exploits how the pattern matches attribute boundaries, allowing malicious SVG files to be uploaded through the Media Manager with embedded JavaScript. Exploitation could lead to privilege escalation if a superuser views or embeds the malicious SVG, and requires authenticated backend access with media upload permissions. The SVG must be viewed or embedded in a page for the payload to trigger. This issue has been fixed in versions 3.7.14 and 4.1.10. | ||||
| CVE-2026-31048 | 1 Irmen | 1 Pyro3 | 2026-04-17 | 9.8 Critical |
| An issue in the <code>pickle</code> protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message. | ||||
| CVE-2026-38533 | 1 Snipeitapp | 1 Snipe-it | 2026-04-17 | 6.5 Medium |
| An improper authorization vulnerability in the /api/v1/users/{id} endpoint of Snipe-IT v8.4.0 allows authenticated attackers with the users.edit permission to modify sensitive authentication and account-state fields of other non-admin users via supplying a crafted PUT request. | ||||
| CVE-2026-5088 | 1 Jdeguest | 1 Apache::api::password | 2026-04-17 | 7.5 High |
| Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _make_salt_bcrypt methods will attept to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are unavailable, it will simply return 16 bytes generated with Perl's built-in rand function. The rand function is unsuitable for cryptographic use. These salts are used for password hashing. | ||||
| CVE-2026-32605 | 1 Nimiq | 1 Core-rs-albatross | 2026-04-17 | 7.5 High |
| nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.num_validators(). ProposalSender::send uses > instead of >= for the signer bounds check, so the equality case passes and reaches validators.get_validator_by_slot_band(signer), which panics with an out-of-bounds index before any signature verification runs. This issue has been fixed in version 1.3.0. | ||||
| CVE-2024-58343 | 1 Vision | 1 Helpdesk | 2026-04-17 | 4.3 Medium |
| Vision Helpdesk before 5.7.0 (patched in 5.6.10) allows attackers to read user profiles via modified serialized cookie data to vis_client_id. | ||||
| CVE-2025-12624 | 1 Wso2 | 2 Identity Server, Wso2 Identity Server | 2026-04-17 | 6 Medium |
| Active access tokens are not revoked or invalidated when a user account is locked within WSO2 Identity Server. This failure to enforce revocation allows previously issued, valid tokens to remain usable, enabling continued access to protected resources by locked user accounts. The security consequence is that a locked user account can maintain access to protected resources through the use of existing, unexpired access tokens. This creates a security gap where access control policies are bypassed, potentially leading to unauthorized data access or actions until the tokens naturally expire. | ||||
| CVE-2026-22615 | 1 Eaton | 1 Ipp Software | 2026-04-17 | 6 Medium |
| Due to improper input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download centre. | ||||
| CVE-2026-22617 | 1 Eaton | 1 Ipp Software | 2026-04-17 | 5.7 Medium |
| Eaton Intelligent Power Protector (IPP) uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it through a man‑in‑the‑middle attack. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download centre. | ||||
| CVE-2026-22618 | 1 Eaton | 1 Ipp Software | 2026-04-17 | 5.9 Medium |
| A security misconfiguration was identified in Eaton Intelligent Power Protector (IPP), where an HTTP response header was set with an insecure attribute, potentially exposing users to web‑based attacks. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download centre. | ||||
| CVE-2026-22619 | 1 Eaton | 1 Ipp Software | 2026-04-17 | 7.8 High |
| Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an attacker with access to the software package. This security issue has been fixed in the latest version of Eaton IPP software which is available on the Eaton download center. | ||||
| CVE-2026-31843 | 1 Goodoneuz | 1 Pay-uz | 2026-04-17 | 9.8 Critical |
| The goodoneuz/pay-uz Laravel package (<= 2.2.24) contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment hook files. The endpoint is exposed via Route::any() without authentication middleware, enabling remote access without credentials. User-controlled input is directly written into executable PHP files using file_put_contents(). These files are later executed via require() during normal payment processing workflows, resulting in remote code execution under default application behavior. The payment secret token mentioned by the vendor is unrelated to this endpoint and does not mitigate the vulnerability. | ||||
| CVE-2026-30656 | 1 Axboe | 1 Fio | 2026-04-17 | 7.5 High |
| A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3.41 when parsing job files containing the fdp_pli option. The callback function str_fdp_pli_cb() does not validate the input pointer and calls strdup() on a NULL value when the option is specified without an argument. This results in a segmentation fault and process crash. | ||||
| CVE-2026-35034 | 1 Jellyfin | 1 Jellyfin | 2026-04-17 | 6.5 Medium |
| Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a denial of service vulnerability in the SyncPlay group creation endpoint (POST /SyncPlay/New), where an authenticated user can create groups with names of unlimited size due to insufficient input validation. By sending large payloads combined with arbitrary group IDs, an attacker can lock out the endpoint for other clients attempting to join SyncPlay groups and significantly increase the memory usage of the Jellyfin process, potentially leading to an out-of-memory crash. This issue has been fixed in version 10.11.7. | ||||
| CVE-2026-3861 | 1 Line Corporation | 1 Line Client For Ios | 2026-04-17 | 6.5 Medium |
| LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs, potentially causing the iOS device to become temporarily inoperable. | ||||