Export limit exceeded: 345124 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345124 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345124 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2624 | 2 Epati, Epati Cyber security Technologies | 2 Antikor Next Generation Firewall, Antikor Next Generation Firewall | 2026-04-17 | 9.8 Critical |
| Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall (NGFW) allows Authentication Bypass.This issue affects Antikor Next Generation Firewall (NGFW): from v.2.0.1298 before v.2.0.1301. | ||||
| CVE-2026-28193 | 1 Jetbrains | 1 Youtrack | 2026-04-17 | 8.8 High |
| In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint | ||||
| CVE-2026-28194 | 1 Jetbrains | 1 Teamcity | 2026-04-17 | 4.3 Medium |
| In JetBrains TeamCity before 2025.11.3 open redirect was possible in the React project creation flow | ||||
| CVE-2026-28195 | 1 Jetbrains | 1 Teamcity | 2026-04-17 | 4.3 Medium |
| In JetBrains TeamCity before 2025.11.3 missing authorization allowed project developers to add parameters to build configurations | ||||
| CVE-2026-27692 | 2 Color, Internationalcolorconsortium | 2 Iccdev, Iccdev | 2026-04-17 | 7.1 High |
| iccDEV provides a set of libraries and tools for working with ICC color management profiles. In versions up to and including 2.3.1.4, heap-buffer-overflow read occurs during CIccTagTextDescription::Release() when strlen() reads past a heap buffer while parsing ICC profile XML text description tags, causing a crash. Commit 29d088840b962a7cdd35993dfabc2cb35a049847 fixes the issue. No known workarounds are available. | ||||
| CVE-2026-2878 | 1 Progress | 1 Telerik Ui For Asp.net Ajax | 2026-04-17 | 5.3 Medium |
| In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficient entropy vulnerability exists in RadAsyncUpload, where a predictable temporary identifier, based on timestamp and filename, can enable collisions and file content tampering. | ||||
| CVE-2026-6491 | 1 Libvips | 1 Libvips | 2026-04-17 | 5.3 Medium |
| A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The vendor confirms that they will "be removing the deprecated area in libvips 8.19". | ||||
| CVE-2026-40262 | 1 Enchant97 | 1 Note-mark | 2026-04-17 | 8.7 High |
| Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset delivery handler serves uploaded files inline and relies on magic-byte detection for content type, which does not identify text-based formats such as HTML, SVG, or XHTML. These files are served with an empty Content-Type, no X-Content-Type-Options: nosniff header, and inline disposition, allowing browsers to sniff and render active content. An authenticated user can upload an HTML or SVG file containing JavaScript as a note asset, and when a victim navigates to the asset URL, the script executes under the application's origin with access to the victim's authenticated session and API actions. This issue has been fixed in version 0.19.2. | ||||
| CVE-2026-40263 | 1 Enchant97 | 1 Note-mark | 2026-04-17 | 3.7 Low |
| Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the login endpoint performs bcrypt password verification only when the supplied username exists, returning immediately for nonexistent usernames. This timing discrepancy allows unauthenticated attackers to enumerate valid usernames by measuring response times, enabling targeted credential attacks. This issue has been fixed in version 0.19.2. | ||||
| CVE-2026-36952 | 1 Sourcecodester | 1 Online Thesis Archiving System | 2026-04-17 | 2.7 Low |
| Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/admin/curriculum/manage_curriculum.php. | ||||
| CVE-2026-40038 | 1 Pachno | 1 Pachno | 2026-04-17 | 7.2 High |
| Pachno 1.0.6 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads into POST parameters. Attackers can inject scripts through the value, comment_body, article_content, description, and message parameters across multiple controllers, which are stored in the database and executed in users' browser sessions due to improper sanitization via Request::getRawParameter() or Request::getParameter() calls. | ||||
| CVE-2026-40039 | 1 Pachno | 1 Pachno | 2026-04-17 | 6.5 Medium |
| Pachno 1.0.6 contains an open redirection vulnerability that allows attackers to redirect users to arbitrary external websites by manipulating the return_to parameter. Attackers can craft malicious login URLs with unvalidated return_to values to conduct phishing attacks and steal user credentials. | ||||
| CVE-2026-40041 | 1 Pachno | 1 Pachno | 2026-04-17 | 4.3 Medium |
| Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload, milestone editing, and administrative functions to force logout, create accounts, modify roles, inject comments, or upload files when authenticated users visit attacker-controlled websites. | ||||
| CVE-2026-40042 | 1 Pachno | 1 Pachno | 2026-04-17 | 9.8 Critical |
| Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting unsafe XML parsing in the TextParser helper. Attackers can inject malicious XML entities through wiki table syntax and inline tags in issue descriptions, comments, and wiki articles to trigger entity resolution via simplexml_load_string() without LIBXML_NONET restrictions. | ||||
| CVE-2026-40043 | 1 Pachno | 1 Pachno | 2026-04-17 | 6.5 Medium |
| Pachno 1.0.6 contains an authentication bypass vulnerability in the runSwitchUser() action that allows authenticated low-privilege users to escalate privileges by manipulating the original_username cookie. Attackers can set the client-controlled original_username cookie to any value and request a switch to user ID 1 to obtain session tokens or password hashes belonging to administrator accounts. | ||||
| CVE-2026-40044 | 1 Pachno | 1 Pachno | 2026-04-17 | 9.8 Critical |
| Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory, which are unserialized during framework bootstrap before authentication checks occur. | ||||
| CVE-2026-36941 | 1 Sourcecodester | 1 Online Resort Management System | 2026-04-17 | 2.7 Low |
| Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms/admin/rooms/manage_room.php. | ||||
| CVE-2026-36942 | 1 Sourcecodester | 1 Online Resort Management System | 2026-04-17 | 2.7 Low |
| Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php. | ||||
| CVE-2026-36943 | 1 Sourcecodester | 1 Computer And Mobile Repair Shop Management System | 2026-04-17 | 2.7 Low |
| Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/manage_repair.php. | ||||
| CVE-2026-36945 | 1 Sourcecodester | 1 Computer And Mobile Repair Shop Management System | 2026-04-17 | 2.7 Low |
| Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/clients/manage_client.php | ||||