Export limit exceeded: 343465 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343465 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-35044 | 1 Bentoml | 1 Bentoml | 2026-04-07 | 8.8 High |
| BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the Dockerfile generation function generate_containerfile() in src/bentoml/_internal/container/generate.py uses an unsandboxed jinja2.Environment with the jinja2.ext.do extension to render user-provided dockerfile_template files. When a victim imports a malicious bento archive and runs bentoml containerize, attacker-controlled Jinja2 template code executes arbitrary Python directly on the host machine, bypassing all container isolation. This vulnerability is fixed in 1.4.38. | ||||
| CVE-2026-35166 | 1 Gohugo | 1 Hugo | 2026-04-07 | 4.6 Medium |
| Hugo is a static site generator. From 0.60.0 to before 0.159.2, links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for links and images are not affected. This vulnerability is fixed in 0.159.2. | ||||
| CVE-2026-35209 | 1 Unjs | 1 Defu | 2026-04-07 | 7.5 High |
| defu is software that allows uers to assign default properties recursively. Prior to version 6.1.5, applications that pass unsanitized user input (e.g. parsed JSON request bodies, database records, or config files from untrusted sources) as the first argument to `defu()` are vulnerable to prototype pollution. A crafted payload containing a `__proto__` key can override intended default values in the merged resul. The internal `_defu` function used `Object.assign({}, defaults)` to copy the defaults object. `Object.assign` invokes the `__proto__` setter, which replaces the resulting object's `[[Prototype]]` with attacker-controlled values. Properties inherited from the polluted prototype then bypass the existing `__proto__` key guard in the `for...in` loop and land in the final result. Version 6.1.5 replaces `Object.assign({}, defaults)` with object spread (`{ ...defaults }`), which uses `[[DefineOwnProperty]]` and does not invoke the `__proto__` setter. | ||||
| CVE-2017-13083 | 1 Akeo | 1 Rufus | 2026-04-07 | N/A |
| Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of updates downloaded over HTTP, allowing an attacker to easily convince a user to execute arbitrary code | ||||
| CVE-2026-5342 | 1 Libraw | 1 Libraw | 2026-04-07 | 5.3 Medium |
| A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikon_load_padded_packed_raw of the file src/decoders/decoders_libraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument load_flags/raw_width can lead to out-of-bounds read. It is possible to launch the attack remotely. The exploit has been published and may be used. Upgrading to version 0.22.1 mitigates this issue. This patch is called b8397cd45657b84e88bd1202528d1764265f185c. It is advisable to upgrade the affected component. | ||||
| CVE-2026-5318 | 1 Libraw | 1 Libraw | 2026-04-07 | 4.3 Medium |
| A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits[] causes out-of-bounds write. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 0.22.1 will fix this issue. Patch name: a6734e867b19d75367c05f872ac26322464e3995. It is advisable to upgrade the affected component. | ||||
| CVE-2026-4325 | 1 Redhat | 2 Build Keycloak, Build Of Keycloak | 2026-04-07 | 5.3 Medium |
| A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an attacker to delete arbitrary single-use entries, which can enable the replay of consumed action tokens, such as password reset links. This could lead to unauthorized access or account compromise. | ||||
| CVE-2026-4282 | 1 Redhat | 2 Build Keycloak, Build Of Keycloak | 2026-04-07 | 7.4 High |
| A flaw was found in Keycloak. The SingleUseObjectProvider, a global key-value store, lacks proper type and namespace isolation. This vulnerability allows an unauthenticated attacker to forge authorization codes. Successful exploitation can lead to the creation of admin-capable access tokens, resulting in privilege escalation. | ||||
| CVE-2026-27348 | 2 Themegoods, Wordpress | 2 Photography, Wordpress | 2026-04-07 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Photography allows DOM-Based XSS.This issue affects Photography: from n/a before 7.7.6. | ||||
| CVE-2025-69303 | 2 Modeltheme, Wordpress | 2 Modeltheme Framework, Wordpress | 2026-04-07 | 7.5 High |
| Missing Authorization vulnerability in ModelTheme ModelTheme Framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ModelTheme Framework: from n/a before 2.0.0. | ||||
| CVE-2026-27367 | 2 Themegoods, Wordpress | 2 Musico, Wordpress | 2026-04-07 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Musico allows Reflected XSS.This issue affects Musico: from n/a before 3.4.5. | ||||
| CVE-2026-27358 | 2 Themegoods, Wordpress | 2 Architecturer, Wordpress | 2026-04-07 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Architecturer allows Reflected XSS.This issue affects Architecturer: from n/a before 3.9.5. | ||||
| CVE-2026-27352 | 2 Themegoods, Wordpress | 2 Starto, Wordpress | 2026-04-07 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Starto allows Reflected XSS.This issue affects Starto: from n/a before 2.2.5. | ||||
| CVE-2025-5372 | 2 Libssh, Redhat | 5 Libssh, Enterprise Linux, Openshift and 2 more | 2026-04-07 | 5 Medium |
| A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability. | ||||
| CVE-2026-4252 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-04-07 | 9.8 Critical |
| A vulnerability was identified in Tenda AC8 16.03.50.11. Affected by this issue is the function check_is_ipv6 of the component IPv6 Handler. The manipulation leads to reliance on ip address for authentication. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-4465 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-04-07 | 6.3 Medium |
| A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-4486 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-04-07 | 8.8 High |
| A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-4499 | 2 D-link, Dlink | 3 Dir-820lw, Dir-820lw, Dir-820lw Firmware | 2026-04-07 | 7.3 High |
| A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgi_main of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-4534 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2026-04-07 | 8.8 High |
| A flaw has been found in Tenda FH451 1.0.0.9. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. This manipulation of the argument GO causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. | ||||
| CVE-2026-4555 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-04-07 | 8.8 High |
| A weakness has been identified in D-Link DIR-513 1.10. The impacted element is the function formEasySetTimezone of the file /goform/formEasySetTimezone of the component boa. This manipulation of the argument curTime causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. | ||||