Export limit exceeded: 344354 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344354 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344354 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-15632 | 1 Maxkb | 1 Maxkb | 2026-04-13 | 3.5 Low |
| A vulnerability has been found in 1Panel-dev MaxKB up to 2.4.2. Impacted is an unknown function of the file ui/src/chat.ts of the component MdPreview. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.5.0 is recommended to address this issue. The name of the patch is 7230daa5ec3e6574b6ede83dd48a4fbc0e70b8d8. It is advisable to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. | ||||
| CVE-2026-0233 | 1 Palo Alto Networks | 1 Autonomous Digital Experience Manager | 2026-04-13 | N/A |
| A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges. | ||||
| CVE-2019-25689 | 2 Bplugins, Html5videoplayer | 2 Html5 Video Player, Html5 Video Player | 2026-04-13 | 8.4 High |
| HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigger code execution and spawn a calculator process. | ||||
| CVE-2019-25691 | 1 Faleemi | 1 Faleemi Desktop Software | 2026-04-13 | 8.4 High |
| Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a buffer overflow and execute arbitrary code via ROP chain gadgets. | ||||
| CVE-2019-25701 | 1 Ether Software | 1 Easy Video To Ipod Converter | 2026-04-13 | 8.4 High |
| Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and execute arbitrary code with user privileges. | ||||
| CVE-2019-25705 | 1 Sourceforge | 1 Echo Mirage | 2026-04-13 | 8.4 High |
| Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized string in the Rules action field. Attackers can create a malicious text file with a crafted payload exceeding buffer boundaries and paste it into the action field through the Rules dialog to trigger the overflow and overwrite the return address. | ||||
| CVE-2026-21013 | 1 Samsung Mobile | 1 Galaxy Wearable | 2026-04-13 | N/A |
| Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information. | ||||
| CVE-2019-25710 | 1 Dolibarr | 2 Dolibarr Erp/crm, Dolibarr Erp\/crm | 2026-04-13 | 8.2 High |
| Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary SQL queries. Attackers can inject malicious SQL code through the rowid POST parameter to extract sensitive database information using error-based SQL injection techniques. | ||||
| CVE-2026-21014 | 1 Samsung Mobile | 1 Samsung Camera | 2026-04-13 | N/A |
| Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability. | ||||
| CVE-2026-25205 | 1 Samsung Open Source | 1 Escargot | 2026-04-13 | 7.4 High |
| Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.This issue affects Escargot:commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335 . | ||||
| CVE-2026-25206 | 1 Samsung Open Source | 1 Escargot | 2026-04-13 | 6.7 Medium |
| Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | ||||
| CVE-2026-25208 | 1 Samsung Open Source | 1 Escargot | 2026-04-13 | 8.1 High |
| Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | ||||
| CVE-2026-31419 | 1 Linux | 1 Linux Kernel | 2026-04-13 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast() reuses the original skb for the last slave (determined by bond_is_last_slave()) and clones it for others. Concurrent slave enslave/release can mutate the slave list during RCU-protected iteration, changing which slave is "last" mid-loop. This causes the original skb to be double-consumed (double-freed). Replace the racy bond_is_last_slave() check with a simple index comparison (i + 1 == slaves_count) against the pre-snapshot slave count taken via READ_ONCE() before the loop. This preserves the zero-copy optimization for the last slave while making the "last" determination stable against concurrent list mutations. The UAF can trigger the following crash: ================================================================== BUG: KASAN: slab-use-after-free in skb_clone Read of size 8 at addr ffff888100ef8d40 by task exploit/147 CPU: 1 UID: 0 PID: 147 Comm: exploit Not tainted 7.0.0-rc3+ #4 PREEMPTLAZY Call Trace: <TASK> dump_stack_lvl (lib/dump_stack.c:123) print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) kasan_report (mm/kasan/report.c:597) skb_clone (include/linux/skbuff.h:1724 include/linux/skbuff.h:1792 include/linux/skbuff.h:3396 net/core/skbuff.c:2108) bond_xmit_broadcast (drivers/net/bonding/bond_main.c:5334) bond_start_xmit (drivers/net/bonding/bond_main.c:5567 drivers/net/bonding/bond_main.c:5593) dev_hard_start_xmit (include/linux/netdevice.h:5325 include/linux/netdevice.h:5334 net/core/dev.c:3871 net/core/dev.c:3887) __dev_queue_xmit (include/linux/netdevice.h:3601 net/core/dev.c:4838) ip6_finish_output2 (include/net/neighbour.h:540 include/net/neighbour.h:554 net/ipv6/ip6_output.c:136) ip6_finish_output (net/ipv6/ip6_output.c:208 net/ipv6/ip6_output.c:219) ip6_output (net/ipv6/ip6_output.c:250) ip6_send_skb (net/ipv6/ip6_output.c:1985) udp_v6_send_skb (net/ipv6/udp.c:1442) udpv6_sendmsg (net/ipv6/udp.c:1733) __sys_sendto (net/socket.c:730 net/socket.c:742 net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) </TASK> Allocated by task 147: Freed by task 147: The buggy address belongs to the object at ffff888100ef8c80 which belongs to the cache skbuff_head_cache of size 224 The buggy address is located 192 bytes inside of freed 224-byte region [ffff888100ef8c80, ffff888100ef8d60) Memory state around the buggy address: ffff888100ef8c00: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc ffff888100ef8c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff888100ef8d00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc ^ ffff888100ef8d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb ffff888100ef8e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== | ||||
| CVE-2026-40354 | 1 Flatpak | 1 Xdg-desktop-portal | 2026-04-13 | 2.9 Low |
| Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash. | ||||
| CVE-2026-40447 | 1 Samsung Open Source | 1 Escargot | 2026-04-13 | 5.1 Medium |
| Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined behavior.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | ||||
| CVE-2026-34855 | 1 Huawei | 2 Emui, Harmonyos | 2026-04-13 | 5.7 Medium |
| Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2026-34857 | 1 Huawei | 1 Harmonyos | 2026-04-13 | 4.7 Medium |
| UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34858 | 1 Huawei | 1 Harmonyos | 2026-04-13 | 4.1 Medium |
| UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34859 | 1 Huawei | 2 Emui, Harmonyos | 2026-04-13 | 5.9 Medium |
| UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2026-34861 | 1 Huawei | 1 Harmonyos | 2026-04-13 | 6.3 Medium |
| Race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||