Export limit exceeded: 361364 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361364 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56787 | 1 Tomojitakasu | 1 Rtklib | 2026-06-26 | 6.5 Medium |
| RTKLIB through 2.4.3 contains an off-by-one out-of-bounds read vulnerability in the decode_ssr3 function at src/rtcm3.c:1446 that allows remote attackers to trigger a global buffer overflow via crafted RTCM3 SSR messages with attacker-controlled signal mode fields. Remote attackers can exploit this vulnerability by sending malicious SSR correction streams over NTRIP or serial connections to cause denial of service or crash RTKLIB rovers and CORS servers. | ||||
| CVE-2026-56788 | 1 Tomojitakasu | 1 Rtklib | 2026-06-26 | 4.4 Medium |
| RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown observation types cause negative array indexing into the codepris table, resulting in reliable crashes and potential memory disclosure of adjacent global data. | ||||
| CVE-2026-56789 | 1 Tomojitakasu | 1 Rtklib | 2026-06-26 | 6.5 Medium |
| RTKLIB through 2.4.3 contains a heap buffer overflow vulnerability in the readrnxobsb function in src/rinex.c that allows attackers to trigger memory corruption by failing to clamp satellite count values from RINEX epoch headers. Attackers can craft malicious RINEX files declaring more than 64 satellites per epoch to cause heap buffer overflow writes and out-of-bounds stack reads, crashing RTKLIB-based applications including rnx2rtkp and RTKPOST. | ||||
| CVE-2026-56790 | 1 Canboat | 1 Canboat | 2026-06-26 | 7.3 High |
| CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn() function in analyzer/pgn.c that allows remote attackers to crash the application. Attackers can deliver a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or N2K-over-IP to trigger an out-of-bounds array access and denial of service. | ||||
| CVE-2026-44279 | 1 Fortinet | 2 Fortitoken Mobile, Fortitokenandroid | 2026-06-26 | 5 Medium |
| An improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to disclose information via an exported Content Provider URI. | ||||
| CVE-2026-12183 | 1 Nefteprodukttekhnika Llc | 1 Buk Ts-g Gas Station Automation System | 2026-06-26 | 9.8 Critical |
| Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules. | ||||
| CVE-2026-11527 | 1 Shlomi Fish | 1 Config-inifiles | 2026-06-26 | 8.6 High |
| Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle. Config::IniFiles::_make_filehandle opens a filename argument with Perl's 2-arg open(), so a filename that begins or ends with a pipe ("| cmd", "cmd |") or begins with a redirect ("> path", ">> path") is run as a command or redirect rather than opened as a file. The helper is the open path behind the documented -file argument: new(-file => $thing) reaches it through ReadConfig. An in-memory scalar reference (-file => \$text) does not open a path and is unaffected. Any caller that forwards untrusted input to the -file argument can run an arbitrary command or truncate a file under the process UID. | ||||
| CVE-2026-12197 | 1 Ruijie | 2 Eg105g-p, Rg-eg105g-p | 2026-06-26 | 7.2 High |
| A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-36670 | 1 Opensips | 1 Opensips | 2026-06-26 | 8.8 High |
| A Time-Based Blind SQL Injection vulnerability in the alias_management module of OpenSIPS Control Panel (opensips-cp) prior to version 9.3.3 allows authenticated attackers to execute arbitrary SQL commands via the 'table' GET parameter in alias_management.php. | ||||
| CVE-2026-9278 | 2 Formbuilder Project, Wordpress | 2 Formbuilder, Wordpress | 2026-06-26 | 5.4 Medium |
| The Form Builder CP WordPress plugin before 1.2.47 does not properly sanitize a form configuration value before storing it and using it as part of a client-side script execution, allowing authenticated users with Editor-level access and above to perform Stored Cross-Site Scripting attacks against any visitor of a page rendering the affected form, even when the `unfiltered_html` capability is disallowed (e.g. in a multisite network). | ||||
| CVE-2026-49111 | 2 Themegrill, Wordpress | 2 Masteriyo, Wordpress | 2026-06-26 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n/a through 2.2.0. | ||||
| CVE-2026-48969 | 2 Really-simple-plugins, Wordpress | 2 Really Simple Ssl, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in Really Simple SSL <= 9.5.9 versions. | ||||
| CVE-2025-64215 | 2 Stylemixthemes, Wordpress | 2 Masterstudy Lms, Wordpress | 2026-06-26 | 6.5 Medium |
| Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects MasterStudy LMS Pro: from n/a before 4.7.16. | ||||
| CVE-2023-4727 | 1 Redhat | 6 Certificate System Eus, Enterprise Linux, Rhel Aus and 3 more | 2026-06-26 | 7.5 High |
| A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege. | ||||
| CVE-2026-9691 | 2 Crm Perks, Wordpress | 2 Integration For Mailchimp And Contact Form 7, Wpforms, Elementor, Ninja Forms, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Integration for ActiveCampaign and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 versions. | ||||
| CVE-2026-24637 | 2 Blubrry, Wordpress | 2 Powerpress Podcasting, Wordpress | 2026-06-26 | 8.5 High |
| Contributor SQL Injection in PowerPress Podcasting <= 11.15.10 versions. | ||||
| CVE-2026-27053 | 2 Videowhisper, Wordpress | 2 Broadcast Live Video, Wordpress | 2026-06-26 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Broadcast Live Video < 7.1.3 versions. | ||||
| CVE-2026-27407 | 2 Meowapps, Wordpress | 2 Ai Engine, Wordpress | 2026-06-26 | 7.2 High |
| Editor Privilege Escalation in AI Engine <= 3.4.9 versions. | ||||
| CVE-2026-39450 | 2 Funnelkit, Wordpress | 2 Funnelkit Automations, Wordpress | 2026-06-26 | 7.1 High |
| Subscriber Broken Authentication in FunnelKit Automations <= 3.7.3 versions. | ||||
| CVE-2026-39515 | 2 Stylemix, Wordpress | 2 Motors, Wordpress | 2026-06-26 | 6.5 Medium |
| Subscriber Broken Access Control in Motors < 1.4.107 versions. | ||||