Export limit exceeded: 343831 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343831 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33866 | 1 Mlflow | 1 Mlflow | 2026-04-09 | N/A |
| MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to access. This issue affects MLflow version through 3.10.1 | ||||
| CVE-2026-33865 | 1 Mlflow | 1 Mlflow | 2026-04-09 | N/A |
| MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actions such as session hijacking or performing operations on behalf of the victim. This issue affects MLflow version through 3.10.1 | ||||
| CVE-2026-31272 | 1 Wuweiit | 1 Mushroom | 2026-04-09 | 9.8 Critical |
| MRCMS 3.1.2 contains an access control vulnerability. The save() method in src/main/java/org/marker/mushroom/controller/UserController.java lacks proper authorization validation, enabling direct addition of super administrator accounts without authentication. | ||||
| CVE-2026-31271 | 1 Megagao | 1 Production Ssm | 2026-04-09 | 9.8 Critical |
| megagao production_ssm v1.0 contains an authorization bypass vulnerability in the user addition functionality. The insert() method in UserController.java lacks authentication checks, allowing unauthenticated attackers to create super administrator accounts by directly accessing the /user/insert endpoint. This leads to complete system compromise. | ||||
| CVE-2026-30079 | 1 Openairinterface | 1 Oai-cn5g-amf | 2026-04-09 | 9.8 Critical |
| In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a registration accept! This leads the UE to be registered without proper authentication. | ||||
| CVE-2025-70844 | 1 Kantorge | 1 Yaffa | 2026-04-09 | 6.1 Medium |
| yaffa v2.0.0 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript into the "Add Account Group" function on the account-group page, allowing execution of arbitrary script in the context of users who view the affected page. | ||||
| CVE-2025-62818 | 1 Samsung | 1 Exynos | 2026-04-09 | 9.8 Critical |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. An out-of-bounds write occurs due to a mismatch between the TP-UDHI and UDL values when processing an SMS TP-UD packet. | ||||
| CVE-2025-52909 | 1 Samsung | 1 Exynos | 2026-04-09 | 9.8 Critical |
| An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2. | ||||
| CVE-2024-36058 | 1 Koha-community | 1 Koha | 2026-04-09 | 9.8 Critical |
| The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter bib_list in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database. | ||||
| CVE-2024-36057 | 1 Koha-community | 1 Koha Library Software | 2026-04-09 | 9.8 Critical |
| Koha Library before 23.05.10 fails to sanitize user-controllable filenames prior to unzipping, leading to remote code execution. The line "qx/unzip $filename -d $dirname/;" in upload-cover-image.pl is vulnerable to command injection via shell metacharacters because input data can be controlled by an attacker and is directly included in a system command, i.e., an attack can occur via malicious filenames after uploading a .zip file and clicking Process Images. | ||||
| CVE-2018-25116 | 2 Jamiesage123, Mybb | 2 Mybb Thread Redirect Plugin, Thread Redirect | 2026-04-09 | 6.1 Medium |
| MyBB Thread Redirect Plugin 0.2.1 contains a cross-site scripting vulnerability in the custom text input field for thread redirects. Attackers can inject malicious SVG scripts that will execute when other users view the thread, allowing arbitrary script execution. | ||||
| CVE-2018-25132 | 2 Mybb, Zainali99 | 2 Trending Widget, Mybb Trending Widget Plugin | 2026-04-09 | 6.1 Medium |
| MyBB Trending Widget Plugin 1.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through thread titles. Attackers can modify thread titles with script payloads that will execute when other users view the trending widget. | ||||
| CVE-2026-1340 | 1 Ivanti | 1 Endpoint Manager Mobile | 2026-04-09 | 9.8 Critical |
| A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution. | ||||
| CVE-2026-5826 | 1 Code-projects | 1 Simple It Discussion Forum | 2026-04-09 | 4.3 Medium |
| A flaw has been found in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /edit-category.php. Executing a manipulation of the argument Category can lead to cross site scripting. The attack can be launched remotely. The exploit has been published and may be used. | ||||
| CVE-2021-47905 | 2 Mybb, Vintagedaddyo | 2 Delete Account, Mybb Delete Account Plugin | 2026-04-09 | 6.1 Medium |
| MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnerability in the account deletion reason input field. Attackers can inject malicious scripts that will execute in the admin interface when viewing delete account reasons. | ||||
| CVE-2026-39863 | 1 Kamailio | 1 Kamailio | 2026-04-09 | 7.5 High |
| Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.1.1, 6.0.6, and 5.8.8, an out-of-bounds access in the core of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted data packet sent over TCP. The issue impacts Kamailio instances having TCP or TLS listeners. This vulnerability is fixed in 5.1.1, 6.0.6, and 5.8.8. | ||||
| CVE-2026-39415 | 1 Frappe | 1 Lms | 2026-04-09 | N/A |
| Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in Frappe Learning where quiz scores can be modified by students before submission. The application currently relies on client-side calculated scores, which can be altered using browser developer tools prior to sending the submission request. While this does not allow modification of other users’ data or privilege escalation, it compromises the integrity of quiz results and undermines academic reliability. This issue affects data integrity but does not expose confidential information or allow unauthorized access to other accounts. This vulnerability is fixed in 2.46.0. | ||||
| CVE-2026-5803 | 1 Bigsk1 | 1 Openai-realtime-ui | 2026-04-09 | 6.3 Medium |
| A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. The affected element is an unknown function of the file server.js of the component API Proxy Endpoint. Performing a manipulation of the argument Query results in server-side request forgery. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The patch is named 54f8f50f43af97c334a881af7b021e84b5b8310f. It is suggested to install a patch to address this issue. | ||||
| CVE-2026-4326 | 2 Webilia, Wordpress | 2 Vertex Addons For Elementor, Wordpress | 2026-04-09 | 8.8 High |
| The Vertex Addons for Elementor plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.6.4. This is due to improper authorization enforcement in the activate_required_plugins() function. Specifically, the current_user_can('install_plugins') capability check does not terminate execution when it fails — it only sets an error message variable while allowing the plugin installation and activation code to execute. The error response is only sent after the installation and activation have already completed. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate arbitrary plugins from the WordPress. | ||||
| CVE-2026-39881 | 1 Vim | 1 Vim | 2026-04-09 | 5 Medium |
| Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol messages. This vulnerability is fixed in 9.2.0316. | ||||