Export limit exceeded: 35438 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3089 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27489 | 2 Linuxfoundation, Onnx | 2 Onnx, Onnx | 2026-04-08 | 7.5 High |
| Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, a path traversal vulnerability via symlink allows to read arbitrary files outside model or user-provided directory. This issue has been patched in version 1.21.0. | ||||
| CVE-2026-4820 | 1 Ibm | 1 Maximo Application Suite | 2026-04-08 | 4.3 Medium |
| IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. | ||||
| CVE-2026-30867 | 2 Apple, Emqx | 3 Iphone Os, Macos, Cocoamqtt | 2026-04-08 | 5.7 Medium |
| CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker (or a compromised/malicious MQTT broker) to remotely crash the host iOS/macOS/tvOS application. If an attacker publishes the 4-byte malformed payload to a shared topic with the RETAIN flag set to true, the MQTT broker will persist the payload. Any time a vulnerable client connects and subscribes to that topic, the broker will automatically push the malformed packet. The app will instantly crash in the background before the user can even interact with it. This effectively "bricks" the mobile application (a persistent DoS) until the retained message is manually wiped from the broker database. This issue has been patched in version 2.2.2. | ||||
| CVE-2022-50899 | 3 Geonetwork, Geonetwork-opensource, Osgeo | 3 Opensource, Geonetwork, Geonetwork | 2026-04-07 | 6.5 Medium |
| Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server. Attackers can exploit the insecure XML parser by crafting a malicious XML document with external entity references to read system files through the baseURL parameter in PDF creation requests. | ||||
| CVE-2026-29924 | 1 Getgrav | 2 Grav, Grav Cms | 2026-04-07 | 7.6 High |
| Grav CMS v1.7.x and before is vulnerable to XML External Entity (XXE) through the SVG file upload functionality in the admin panel and File Manager plugin. | ||||
| CVE-2026-34570 | 1 Ci4-cms-erp | 1 Ci4ms | 2026-04-07 | 8.8 High |
| CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account is deleted. Due to a logic flaw in the backend design, account state changes are enforced only during authentication (login), not for already-established sessions. The system implicitly assumes that authenticated users remain trusted for the lifetime of their session. There is no session expiration or account expiration mechanism in place, causing deleted accounts to retain indefinite access until the user manually logs out. This behavior breaks the intended access control policy and results in persistent unauthorized access. This issue has been patched in version 0.31.0.0. | ||||
| CVE-2026-34572 | 1 Ci4-cms-erp | 1 Ci4ms | 2026-04-07 | 8.8 High |
| CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account is deactivated. Due to a logic flaw in the backend design, account state changes are enforced only during authentication (login), not for already-established sessions. The system implicitly assumes that authenticated users remain trusted for the lifetime of their session. There is no session expiration or account expiration mechanism in place, causing deactivated accounts to retain indefinite access until the user manually logs out. This behavior breaks the intended access control policy and results in persistent unauthorized access, representing a critical security flaw. This issue has been patched in version 0.31.0.0. | ||||
| CVE-2025-66483 | 1 Ibm | 1 Aspera Shares | 2026-04-07 | 6.3 Medium |
| IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system. | ||||
| CVE-2023-3972 | 1 Redhat | 23 Enterprise Linux, Enterprise Linux Aus, Enterprise Linux Desktop and 20 more | 2026-04-06 | 7.8 High |
| A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide). | ||||
| CVE-2026-5170 | 1 Mongodb | 2 Mongodb, Mongodb Server | 2026-04-03 | 5.3 Medium |
| A user with access to the cluster with a limited set of privilege actions can trigger a crash of a mongod process during the limited and unpredictable window when the cluster is being promoted from a replica set to a sharded cluster. This may cause a denial of service by taking down the primary of the replica set. This issue affects MongoDB Server v8.2 versions prior to 8.2.2, MongoDB Server v8.0 versions between 8.0.18, MongoDB Server v7.0 versions between 7.0.31. | ||||
| CVE-2026-22767 | 1 Dell | 1 Appsync | 2026-04-03 | 7.3 High |
| Dell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | ||||
| CVE-2026-32745 | 1 Jetbrains | 1 Datalore | 2026-04-02 | 6.3 Medium |
| In JetBrains Datalore before 2026.1 session hijacking was possible due to missing secure attribute for cookie settings | ||||
| CVE-2024-27872 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sonoma 14.6. An app may be able to access protected user data. | ||||
| CVE-2024-23285 | 1 Apple | 1 Macos | 2026-04-02 | 7.8 High |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk. | ||||
| CVE-2024-44132 | 1 Apple | 1 Macos | 2026-04-02 | 8.4 High |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox. | ||||
| CVE-2026-20694 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2026-04-02 | 5.5 Medium |
| This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Sonoma 14.8.5, macOS Tahoe 26.3, macOS Tahoe 26.4. An app may be able to access user-sensitive data. | ||||
| CVE-2026-33952 | 1 Freerdp | 1 Freerdp | 2026-04-02 | 6.5 Medium |
| FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, an unvalidated auth_length field read from the network triggers a WINPR_ASSERT() failure in rts_read_auth_verifier_no_checks(), causing any FreeRDP client connecting through a malicious RDP Gateway to crash with SIGABRT. This is a pre-authentication denial of service affecting all FreeRDP clients using RPC-over-HTTP gateway transport. The assertion is active in default release builds (WITH_VERBOSE_WINPR_ASSERT=ON). This issue has been patched in version 3.24.2. | ||||
| CVE-2026-34503 | 1 Openclaw | 1 Openclaw | 2026-04-02 | 8.1 High |
| OpenClaw before 2026.3.28 fails to disconnect active WebSocket sessions when devices are removed or tokens are revoked. Attackers with revoked credentials can maintain unauthorized access through existing live sessions until forced reconnection. | ||||
| CVE-2024-47522 | 1 Oisf | 1 Suricata | 2026-04-02 | 7.5 High |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, invalid ALPN in TLS/QUIC traffic when JA4 matching/logging is enabled can lead to Suricata aborting with a panic. This issue has been addressed in 7.0.7. One may disable ja4 as a workaround. | ||||
| CVE-2024-45795 | 1 Oisf | 1 Suricata | 2026-04-02 | 7.5 High |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service. This issue is addressed in 7.0.7. As a workaround, use only trusted and well tested rulesets. | ||||