Export limit exceeded: 355362 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 355362 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355362 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25736 | 1 Labf | 1 Nfsaxe | 2026-06-04 | 8.4 High |
| LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.exe or other arbitrary commands. | ||||
| CVE-2019-25735 | 1 Allplayer | 1 Allplayer | 2026-06-04 | 8.4 High |
| AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger SEH-based code execution to run arbitrary commands with user privileges. | ||||
| CVE-2019-25741 | 2026-06-04 | 9.8 Critical | ||
| Mobatek MobaXterm 12.1 contains a structured exception handling (SEH) based buffer overflow vulnerability in the username field of session files that allows remote attackers to execute arbitrary code. Attackers can craft a malicious MobaXterm sessions file with overflow data that triggers the vulnerability when imported and executed, enabling reverse shell execution with user privileges. | ||||
| CVE-2019-25739 | 2026-06-04 | 6.4 Medium | ||
| GigToDo 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript and HTML code through the proposal description field. Attackers can craft XSS payloads in the create_proposal endpoint that execute when administrators or other users view the stored proposal, enabling cookie theft and malicious redirects. | ||||
| CVE-2019-25728 | 1 Care2x | 2 Care2x, Hospital Information Management | 2026-06-04 | 8.2 High |
| Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ck_config cookie parameter. Attackers can inject malicious SQL through the ck_config cookie in multiple endpoints including login.php, indexframe.php, and various module files to extract sensitive database information without authentication. | ||||
| CVE-2019-25745 | 2026-06-04 | 8.2 High | ||
| WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'tid' parameter. Attackers can send GET requests to the admin interface with malicious 'tid' values to extract sensitive database information using time-based blind SQL injection techniques. | ||||
| CVE-2025-62338 | 2026-06-04 | 3.3 Low | ||
| The HCL BigFix Cloud Lifecycle Management is affected by Lack Of Input Validation. It may leads to an information exposure vulnerability. This low-level flaw allows unauthorized access. | ||||
| CVE-2025-46638 | 1 Dell | 1 Bsafe Ssl-j | 2026-06-04 | 7.5 High |
| Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service (DoS). | ||||
| CVE-2026-10855 | 1 Misp | 1 Misp | 2026-06-04 | N/A |
| An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a matching template already existed but did not verify that the importing user belonged to the organization that owned the existing template. As a result, an authenticated user with access to the template import functionality could forcibly overwrite an event template owned by another organization. Successful exploitation could allow unauthorized modification of another organization’s event template, potentially altering template structure, attributes, or metadata used for subsequent event creation or sharing workflows. Site administrators are not affected by this restriction, as they are explicitly allowed to overwrite templates across organizations. The issue was fixed by enforcing an ownership check before overwrite: non-site-admin users may only overwrite templates owned by their own organization. | ||||
| CVE-2026-10856 | 1 Misp | 1 Misp | 2026-06-04 | N/A |
| A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an external URL. The validation rejected URLs containing an explicit scheme, host, or user component, but did not reject paths beginning with a slash followed by a backslash, such as /\example.com. Some browsers normalize backslashes in URLs as forward slashes, which can turn this into a scheme-relative external navigation target. In addition, the generated href concatenated the reconstructed URL with the original URL, increasing the possibility of unsafe or malformed link generation. An attacker able to configure or influence a dashboard button URL could craft a button that appears to point inside the application but redirects users to an attacker-controlled site when clicked. This could be used for phishing, credential theft, or social engineering. The patch fixes the issue by rejecting empty paths and paths starting with /\, and by emitting only the reconstructed validated URL in the anchor href. | ||||
| CVE-2026-10861 | 1 Misp | 1 Misp | 2026-06-04 | N/A |
| An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session key was used as the post-login redirect destination without sufficiently enforcing that it was a local application path. An unauthenticated remote attacker could craft a link that causes a victim to visit a trusted MISP instance and, after successful authentication, be redirected to an attacker-controlled external URL. This could be abused to increase the credibility of phishing attacks, redirect users to counterfeit login pages, or deliver attacker-controlled content from an untrusted domain. CWE-601 describes this weakness as accepting user-controlled input that specifies an external link and using it in a redirect, with phishing as a common consequence. The patch mitigates the issue by decoding and parsing the URL, rejecting URLs with a scheme, host, user component, missing or non-local path, and protocol-relative forms such as //example.com and /\example.com. | ||||
| CVE-2026-41283 | 2026-06-04 | 9.9 Critical | ||
| OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials. | ||||
| CVE-2026-32590 | 1 Redhat | 3 Mirror Registry, Mirror Registry For Red Hat Openshift, Quay | 2026-06-04 | 7.1 High |
| A flaw was found in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database using a format that, if tampered with, could allow an attacker to execute arbitrary code on the Quay server. | ||||
| CVE-2026-32589 | 1 Redhat | 3 Mirror Registry, Mirror Registry For Red Hat Openshift, Quay | 2026-06-04 | 7.4 High |
| A flaw was found in Red Hat Quay's container image upload process. An authenticated user with push access to any repository on the registry can interfere with image uploads in progress by other users, including those in repositories they do not have access to. This could allow the attacker to read, modify, or cancel another user's in-progress image upload. | ||||
| CVE-2026-45287 | 2026-06-04 | N/A | ||
| OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, `go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.io/otel/schema/v1.1` leaks one file descriptor on each successful `ParseFile` call. `ParseFile` opens the schema file and passes it to `Parse` without closing it; repeated parsing in a long-running process can exhaust the process file descriptor limit and cause denial of service. Exploitation depends on a consuming application exposing repeated schema parsing to an attacker-controlled path. Version 0.0.17 contains a patch for the issue. | ||||
| CVE-2026-2377 | 1 Redhat | 3 Mirror Registry, Mirror Registry For Red Hat Openshift, Quay | 2026-06-04 | 6.5 Medium |
| A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF). This could lead to unauthorized access to sensitive information or other internal systems. | ||||
| CVE-2026-8398 | 2 Disc-soft, Microsoft | 2 Daemon Tools, Windows | 2026-06-04 | 9.8 Critical |
| A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft) build or distribution infrastructure and trojanized three binaries: DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe. These files were digitally signed with the legitimate AVB Disc Soft code-signing certificate, allowing the malicious installers to appear trustworthy and bypass signature-based detection. | ||||
| CVE-2019-25740 | 1 Joomsky | 1 Js Jobs | 2026-06-04 | 6.5 Medium |
| Joomla com_jsjobs 1.2.6 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating custom userfield parameters. Attackers can send POST requests to the job.savejob task with path traversal sequences in the field_2 parameter to delete arbitrary files accessible to the web server. | ||||
| CVE-2019-25744 | 2 Popup Builder, Wordpress | 2 Popup Builder, Wordpress | 2026-06-04 | 6.4 Medium |
| WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the post_title parameter. Attackers can submit crafted POST requests to the post.php endpoint with script payloads in the post_title field that execute when pages or posts display popup selections. | ||||
| CVE-2026-3888 | 1 Canonical | 2 Ubuntu, Ubuntu Linux | 2026-06-04 | 7.8 High |
| Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS. | ||||