Export limit exceeded: 356046 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 356046 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (82750 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11482 | 1 Br-automation | 1 Ppt30 Operating System | 2026-05-27 | 7.5 High |
| An Allocation of Resources Without Limits or Throttling vulnerability in the OPC-UA Server used in PPT30 Operating System versions before 1.8.0 may be used by an unauthenticated network-based attacker to permanently prevent legitimate users from interacting with the service. | ||||
| CVE-2026-42425 | 1 Openkm | 3 Openkm, Openkm Community Edition, Openkm Professional Edition | 2026-05-27 | 7.2 High |
| OpenKM 6.3.12 contains an unrestricted SQL execution vulnerability that allows authenticated administrative users to execute arbitrary SQL statements against the application database via the DatabaseQuery interface. Attackers can submit malicious SQL queries through the qs parameter to the /admin/DatabaseQuery endpoint to extract sensitive data including usernames and password hashes from the OKM_USER table, modify permissions, or delete database records. | ||||
| CVE-2026-42785 | 1 Openkm | 3 Openkm, Openkm Community Edition, Openkm Professional Edition | 2026-05-27 | 7.2 High |
| OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary Java/BeanShell code through the /admin/Scripting endpoint. Attackers can submit malicious script content with an action=Evaluate parameter to execute operating system commands in the context of the OpenKM application server. | ||||
| CVE-2026-46368 | 1 Mossdef-org | 1 Luci-app-https-dns-proxy | 2026-05-27 | 8.8 High |
| luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user holding the luci.https-dns-proxy ACL permission can inject shell metacharacters through the 'name' parameter of a ubus RPC call to luci.https-dns-proxy setInitAction, resulting in arbitrary command execution as root on the underlying device. Core OpenWrt is not affected; only installations that have opted in to the luci-app-https-dns-proxy package are vulnerable. | ||||
| CVE-2026-25112 | 1 Genetec | 7 Genetec Airport Operational Manager, Genetec Industrial Iot, Genetec Inter-system Gateway and 4 more | 2026-05-27 | 7.8 High |
| A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack. | ||||
| CVE-2026-45728 | 1 Xyproto | 1 Algernon | 2026-05-27 | 7.5 High |
| Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error response dumps the absolute path of the file that errored, complete byte contents of that file, and exception or parser error text. This response is served with HTTP 200 OK to whoever sent the request that triggered the error. Any client able to reach the server and able to provoke a runtime error in the served script obtains the full server-side source of that script and of any sibling Lua data file consulted during the request. This vulnerability is fixed in 1.17.7. | ||||
| CVE-2026-48126 | 1 Xyproto | 1 Algernon | 2026-05-27 | 8.2 High |
| Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain (or --letsencrypt, which silently turns on --domain at engine/flags.go:372), the request handler resolves the served directory by joining the configured --dir with the value of the client-supplied Host header. The join is performed by filepath.Join with no validation, so a Host: .. header walks one level above the document root. Subsequent file resolution then exposes everything in that parent directory — arbitrary file read, full directory listing, and, if any .lua file is present, server-side Lua execution. This vulnerability is fixed in 1.17.8. | ||||
| CVE-2018-25372 | 1 Meddream | 1 Pacs Premium | 2026-05-27 | 8.2 High |
| MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads in the email field to extract sensitive database information from the backend MySQL database. | ||||
| CVE-2018-25377 | 1 Socusoft | 1 Flash Slideshow Maker | 2026-05-27 | 8.4 High |
| Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the Help > Register dialog to trigger a reverse shell with system privileges. | ||||
| CVE-2026-24937 | 2 Videowhisper, Wordpress | 2 Broadcast Live Video, Wordpress | 2026-05-27 | 7.2 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3. | ||||
| CVE-2026-45082 | 1 Karakeep | 1 Karakeep | 2026-05-27 | 7.6 High |
| Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery (SSRF) protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following processing components. Although the application implements protections intended to prevent requests toward internal/private network destinations, these protections could be bypassed through crafted HTTP redirect chains. By leveraging attacker-controlled redirects, an authenticated user could cause vulnerable application components to initiate requests toward internally reachable Docker network services accessible from the application environment. The issue affected multiple processing paths, including crawler-related functionality and video download processing flows. Version 0.32.0 contains a patch. | ||||
| CVE-2025-26570 | 1 Wordpress | 1 Wordpress | 2026-05-27 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That allows Cross Site Request Forgery. This issue affects Glance That: from n/a through 4.9. | ||||
| CVE-2025-26569 | 1 Wordpress | 1 Wordpress | 2026-05-27 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Callmeforsox Post Thumbs allows Stored XSS. This issue affects Post Thumbs: from n/a through 1.5. | ||||
| CVE-2026-8676 | 1 Silabs | 1 Simplicity Sdk | 2026-05-27 | 8.8 High |
| An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond. | ||||
| CVE-2026-5718 | 2 Glenwpcoder, Wordpress | 2 Drag And Drop Multiple File Upload For Contact Form 7, Wordpress | 2026-05-27 | 8.1 High |
| The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.3.9.7. This is due to insufficient file type validation that occurs when custom blacklist types are configured, which replaces the default dangerous extension denylist instead of merging with it, and the wpcf7_antiscript_file_name() sanitization function being bypassed for filenames containing non-ASCII characters. This makes it possible for unauthenticated attackers to upload arbitrary files, such as PHP files, to the server, which can be leveraged to achieve remote code execution. The vulnerability was originally reported by Leonid Semenenko (lsemenenko) and partially patched in version 1.3.9.7. A bypass for the patch was separately discovered and reported by Nguyen Hung (Mitchell). | ||||
| CVE-2026-6659 | 1 Rsavage | 1 Crypt::passwdmd5 | 2026-05-26 | 7.5 High |
| Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. | ||||
| CVE-2026-24192 | 1 Nvidia | 6 Geforce, Nvs, Quadro and 3 more | 2026-05-26 | 7.8 High |
| NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||||
| CVE-2026-8850 | 3 Ibm, Linux, Microsoft | 5 Aix, Http Server, Z\/os and 2 more | 2026-05-26 | 7.5 High |
| IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload. | ||||
| CVE-2026-24193 | 1 Nvidia | 5 Geforce, Nvs, Quadro and 2 more | 2026-05-26 | 7.8 High |
| NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution. | ||||
| CVE-2026-8834 | 3 Ibm, Linux, Microsoft | 5 Aix, Http Server, Z\/os and 2 more | 2026-05-26 | 8 High |
| IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service. | ||||