Export limit exceeded: 335271 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335271 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27727 | 1 Swaldman | 1 Mchange-commons-java | 2026-02-27 | 8.3 High |
| mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality, including support for remote `factoryClassLocation` values, by which code can be downloaded and invoked within a running application. If an attacker can provoke an application to read a maliciously crafted `jaxax.naming.Reference` or serialized object, they can provoke the download and execution of malicious code. Implementations of this functionality within the JDK were disabled by default behind a System property that defaults to `false`, `com.sun.jndi.ldap.object.trustURLCodebase`. However, since mchange-commons-java includes an independent implementation of JNDI derefencing, libraries (such as c3p0) that resolve references via that implementation could be provoked to download and execute malicious code even after the JDK was hardened. Mirroring the JDK patch, mchange-commons-java's JNDI functionality is gated by configuration parameters that default to restrictive values starting in version 0.4.0. No known workarounds are available. Versions prior to 0.4.0 should be avoided on application CLASSPATHs. | ||||
| CVE-2026-27829 | 1 Withastro | 1 Astro | 2026-02-27 | 6.5 Medium |
| Astro is a web framework. In versions 9.0.0 through 9.5.3, a bug in Astro's image pipeline allows bypassing `image.domains` / `image.remotePatterns` restrictions, enabling the server to fetch content from unauthorized remote hosts. Astro provides an `inferSize` option that fetches remote images at render time to determine their dimensions. Remote image fetches are intended to be restricted to domains the site developer has manually authorized (using the `image.domains` or `image.remotePatterns` options). However, when `inferSize` is used, no domain validation is performed — the image is fetched from any host regardless of the configured restrictions. An attacker who can influence the image URL (e.g., via CMS content or user-supplied data) can cause the server to fetch from arbitrary hosts. This allows bypassing `image.domains` / `image.remotePatterns` restrictions to make server-side requests to unauthorized hosts. This includes the risk of server-side request forgery (SSRF) against internal network services and cloud metadata endpoints. Version 9.5.4 fixes the issue. | ||||
| CVE-2026-0871 | 1 Redhat | 4 Build Keycloak, Jboss Enterprise Application Platform, Jbosseapxp and 1 more | 2026-02-27 | 4.9 Medium |
| A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the "Only administrators can view" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the system is configured to restrict such modifications. | ||||
| CVE-2026-27449 | 1 Umbraco | 1 Umbraco Forms | 2026-02-27 | 7.5 High |
| Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed directly over the network without requiring a valid session or user credentials. By supplying a user-controlled identifier parameter (e.g., ?id=), an attacker can retrieve sensitive data associated with arbitrary records. Because no access control validation is performed, the endpoints are vulnerable to enumeration attacks, allowing attackers to iterate over identifiers and extract data at scale. An unauthenticated attacker can retrieve sensitive Engage-related data by directly querying the affected API endpoints. The vulnerability allows arbitrary record access through predictable or enumerable identifiers. The confidentiality impact is considered high. No direct integrity or availability impact has been identified. The scope of exposed data depends on the deployment but may include analytics data, tracking data, customer-related information, or other Engage-managed content. The vulnerability affects both v16 and v17. Patches have already been released. Users are advised to update to 16.2.1 or 17.1.1. No known workarounds are available. | ||||
| CVE-2025-56605 | 1 Puneethreddyhc | 1 Event Management System | 2026-02-27 | 5.4 Medium |
| A reflected Cross-Site Scripting (XSS) vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to inject and execute arbitrary JavaScript code in the victim's browser. | ||||
| CVE-2026-26682 | 1 My-fastcms | 1 Fastcms | 2026-02-27 | 7.8 High |
| An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component | ||||
| CVE-2026-25774 | 1 Ev Energy | 1 Ev.energy | 2026-02-27 | 6.5 Medium |
| Charging station authentication identifiers are publicly accessible via web-based mapping platforms. | ||||
| CVE-2025-71057 | 1 D-link | 1 Wireless N 300 Adsl2+ Modem Router | 2026-02-27 | 8.2 High |
| Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user. | ||||
| CVE-2025-50857 | 1 Zentao | 1 Zentao Pms | 2026-02-27 | 9.8 Critical |
| ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload | ||||
| CVE-2026-2678 | 1 A3factura | 1 A3factura | 2026-02-27 | N/A |
| Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/customers' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser. | ||||
| CVE-2026-22890 | 1 Ev2go | 1 Ev2go.io | 2026-02-27 | 6.5 Medium |
| Charging station authentication identifiers are publicly accessible via web-based mapping platforms. | ||||
| CVE-2026-2677 | 1 A3factura | 1 A3factura | 2026-02-27 | N/A |
| Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'name', in 'a3factura-app.wolterskluwer.es/#/incomes/representatives-management' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser. | ||||
| CVE-2026-2679 | 1 A3factura | 1 A3factura | 2026-02-27 | N/A |
| Reflected Cross-Site Scripting (XSS) on the A3factura web platform, in parameter 'customerName', in 'a3factura-app.wolterskluwer.es/#/incomes/salesInvoices' endpoint, which could allow an attacker to execute arbitrary code in the victim's browser. | ||||
| CVE-2026-28296 | 1 Redhat | 1 Enterprise Linux | 2026-02-27 | 4.3 Medium |
| A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed (CRLF) sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and inject arbitrary FTP commands, potentially leading to arbitrary code execution or other severe impacts. | ||||
| CVE-2026-26935 | 1 Elastic | 1 Kibana | 2026-02-27 | 6.5 Medium |
| Improper Input Validation (CWE-20) in the internal Content Connectors search endpoint in Kibana can lead Denial of Service via Input Data Manipulation (CAPEC-153) | ||||
| CVE-2026-26934 | 1 Elastic | 1 Kibana | 2026-02-27 | 6.5 Medium |
| Improper Validation of Specified Quantity in Input (CWE-1284) in Kibana can allow an authenticated attacker with view-only privileges to cause a Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially crafted, malformed payload causing excessive resource consumption and resulting in Kibana becoming unresponsive or crashing. | ||||
| CVE-2026-26932 | 1 Elastic | 1 Packetbeat | 2026-02-27 | 5.7 Medium |
| Improper Validation of Array Index (CWE-129) in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation (CAPEC-153). An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requires the pgsql protocol to be explicitly enabled and configured to monitor traffic on the targeted port. | ||||
| CVE-2026-26936 | 1 Elastic | 1 Kibana | 2026-02-27 | 4.9 Medium |
| Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonymization Engine in Kibana can lead Denial of Service via Regular Expression Exponential Blowup (CAPEC-492). | ||||
| CVE-2026-26979 | 1 Discourse | 1 Discourse | 2026-02-27 | N/A |
| Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users are able to close, archive and pin topics in private categories they don't have access to. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the issue. No known workarounds are available. | ||||
| CVE-2026-27149 | 1 Discourse | 1 Discourse | 2026-02-27 | N/A |
| Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, SQL injection in PM tag filtering (`list_private_messages_tag`) allows bypassing tag filter conditions, potentially disclosing unauthorized private message metadata. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the issue. No known workarounds are available. | ||||