Export limit exceeded: 355073 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355073 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4992 | 1 Draeger | 2 Infinity Acute Care System, Standalone Infinity M540 Patient Monitor | 2026-06-03 | 8.6 High |
| Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower (with VG4.2 partially affected) contain a network message handling vulnerability that allows remote attackers to inject spoofed or tampered data and cause denial-of-service conditions. Attackers can compromise network communications to modify device settings such as alarm states or alarm limits, or overwhelm the system with excessive network traffic causing the Cockpit or M540 to reboot and lose network functionality. | ||||
| CVE-2024-14036 | 1 Draeger | 2 Core, M540 Converter Service | 2026-06-03 | 7.5 High |
| Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network can send malformed SDC packets to exhaust CPU resources in the affected process, causing further SDC messages to no longer be processed. | ||||
| CVE-2025-15653 | 1 Draeger | 2 Zeus Ie, Zeus Rs C500 | 2026-06-03 | 6.8 Medium |
| Dräger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to impair therapy functions, manipulate device-processed data, or leverage the device as a pivot point for broader network-based attacks when connected to a network or Dräger Service Connect. | ||||
| CVE-2021-4480 | 1 Draeger | 1 Protector Software | 2026-06-03 | 8.2 High |
| Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges. | ||||
| CVE-2021-4481 | 1 Draeger | 1 Protector Software | 2026-06-03 | 8.2 High |
| Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges. | ||||
| CVE-2026-42504 | 1 Golang | 1 Mime | 2026-06-03 | N/A |
| Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU. | ||||
| CVE-2026-42507 | 1 Golang | 1 Net | 2026-06-03 | N/A |
| When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged. | ||||
| CVE-2026-10717 | 1 Seagate | 1 Open Seachest | 2026-06-03 | N/A |
| Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defects lists via a very bad drive with lots of defects or a maliciously crafted SCSI device’s defect response length. | ||||
| CVE-2026-25861 | 1 Qloapps | 1 Qloapps | 2026-06-03 | 5.9 Medium |
| QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password hashing in the Tools::encrypt() function within classes/Tools.php, which concatenates a static cookie key with the supplied password. Attackers can perform offline brute-force attacks against the MD5 hashes, with the risk compounded by auto-generated 8-character passwords assigned during guest-to-customer account conversion in classes/Customer.php, making credential recovery trivial. | ||||
| CVE-2026-10718 | 1 Seagate | 1 Open Seachest | 2026-06-03 | N/A |
| Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 bytes outside of the allocated space when running this operation. | ||||
| CVE-2026-10719 | 1 Seagate | 1 Open Seachest | 2026-06-03 | N/A |
| Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte. | ||||
| CVE-2026-35482 | 1 Alfio-event | 1 Alf.io | 2026-06-03 | 8 High |
| alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, a sandbox escape vulnerability in the alf.io extension script engine allows an authenticated administrator to execute arbitrary operating system commands on the server. The extension system is intended to execute restricted JavaScript in a sandboxed Rhino environment; however, a combination of an unguarded injected Java object (`returnClass`) and an incomplete AST blocklist allows the sandbox to be fully escaped using Java reflection without triggering any validation errors. Version 2.0-M5-2606 patches the issue. | ||||
| CVE-2026-41412 | 1 Alfio-event | 1 Alf.io | 2026-06-03 | 4.9 Medium |
| alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, the alf.io extension sandbox injects a fully-functional HTTP client (`simpleHttpClient`) into every extension script's scope. The `postFileAndSaveResponse()` method accepts an arbitrary filesystem path as its `file` parameter and reads the file contents using `new FileInputStream(file)` with no path validation, directory restriction, or allowlist. A malicious extension script can read any file accessible to the JVM process user and exfiltrate it to an attacker-controlled server via HTTP POST. Version 2.0-M5-2606 patches the issue. | ||||
| CVE-2026-7421 | 2 Passeum, Wordpress | 2 Passeum Ticketing, Wordpress | 2026-06-03 | 4.4 Medium |
| The Passeum Ticketing plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.0. This is due to the `get_shop_url()` method returning the `shop_name` setting value without sanitization when it begins with "http", combined with insufficient validation in the `validate_shop_name()` function which only checks for empty values and string type. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary external scripts by setting the `shop_name` to an attacker-controlled URL (e.g., `https://attacker.com`), which causes the plugin to enqueue external JavaScript and CSS from the attacker-controlled domain via `wp_register_script()` and `wp_register_style()`. The injected scripts execute on every frontend page containing any Passeum Ticketing shortcode, affecting all site visitors. Please note that this does not affect single-site installations as administrators already have the `unfiltered_html` capability. | ||||
| CVE-2026-9732 | 2 Planetshaker, Wordpress | 2 Emergencywp – Dead Man's Switch & Legacy Deliverance, Wordpress | 2026-06-03 | 4.3 Medium |
| The EmergencyWP – Dead Man's switch & legacy deliverance plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the form_settings_ui (settings save handler, procedural include scope) function. This makes it possible for unauthenticated attackers to modify plugin settings including the minimum access role (altering WordPress role capabilities via add_cap/remove_cap), the data-erasure-on-uninstall flag, life-check timing values, the mandator email address, the confirmation page ID, and date/time formats via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2026-10722 | 1 Cilium | 1 Ebpf | 2026-06-03 | 3.3 Low |
| A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The name of the patch is 533dfc82fd228bfadf42ea7180c39de7d9af47fa. A patch should be applied to remediate this issue. | ||||
| CVE-2026-35085 | 1 Mbs | 18 Double A Profibus Firmware, Double A X Link Firmware, Double X Can Firmware and 15 more | 2026-06-03 | 8.8 High |
| A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. | ||||
| CVE-2026-35084 | 1 Mbs | 18 Double A Profibus Firmware, Double A X Link Firmware, Double X Can Firmware and 15 more | 2026-06-03 | 8.8 High |
| A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root. | ||||
| CVE-2026-35083 | 1 Mbs | 18 Double A Profibus Firmware, Double A X Link Firmware, Double X Can Firmware and 15 more | 2026-06-03 | 8.8 High |
| A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root. | ||||
| CVE-2026-35082 | 1 Mbs | 18 Double A Profibus Firmware, Double A X Link Firmware, Double X Can Firmware and 15 more | 2026-06-03 | 8.8 High |
| The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input. | ||||