Export limit exceeded: 11511 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11511 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10770 | 1 Envothemes | 1 Envo Extra | 2026-04-08 | 4.3 Medium |
| The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.3 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. | ||||
| CVE-2024-11181 | 1 Greenshiftwp | 1 Greenshift - Animation And Page Builder Blocks | 2026-04-08 | 4.3 Medium |
| The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 9.9.9.3 via the 'wp_reusable_render' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to. | ||||
| CVE-2022-4100 | 2 Gioni, Wpcerber | 2 Wp Cerber Security, Cerber Security Antispam \& Malware Scan | 2026-04-08 | 5.3 Medium |
| The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it possible for an attacker whose IP address has been blocked to bypass this control by setting the X-Forwarded-For: HTTP header to an IP Address that hasn't been blocked. | ||||
| CVE-2026-35540 | 1 Roundcube | 1 Webmail | 2026-04-07 | 5.4 Medium |
| An issue was discovered in Roundcube Webmail 1.6.0 before 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. | ||||
| CVE-2026-35545 | 1 Roundcube | 1 Webmail | 2026-04-07 | 5.3 Medium |
| An issue was discovered in Roundcube Webmail before 1.5.15 and 1.6.15. The remote image blocking feature can be bypassed via SVG content in an e-mail message. This may lead to information disclosure or access-control bypass. This involves the animate element with attributeName=fill/filter/stroke. | ||||
| CVE-2023-53930 | 1 Projectsend | 1 Projectsend | 2026-04-07 | 7.5 High |
| ProjectSend r1605 contains an insecure direct object reference vulnerability that allows unauthenticated attackers to download private files by manipulating the download ID parameter. Attackers can access any user's private files by changing the 'id' parameter in the download request to process.php. | ||||
| CVE-2023-53914 | 1 Ulicms | 1 Ulicms | 2026-04-07 | 9.8 Critical |
| UliCMS 2023.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to create admin users through mass assignment in the UserController. Attackers can send a crafted POST request to the admin index.php endpoint with specific parameters to generate an administrative account with full system access. | ||||
| CVE-2023-53901 | 1 Wbce | 1 Wbce Cms | 2026-04-07 | 5.4 Medium |
| WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests. | ||||
| CVE-2022-50899 | 3 Geonetwork, Geonetwork-opensource, Osgeo | 3 Opensource, Geonetwork, Geonetwork | 2026-04-07 | 6.5 Medium |
| Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server. Attackers can exploit the insecure XML parser by crafting a malicious XML document with external entity references to read system files through the baseURL parameter in PDF creation requests. | ||||
| CVE-2020-37094 | 1 Espocrm | 1 Espocrm | 2026-04-07 | 9.8 Critical |
| EspoCRM 5.8.5 contains an authentication vulnerability that allows attackers to access other user accounts by manipulating authorization headers. Attackers can decode and modify Basic Authorization and Espo-Authorization tokens to gain unauthorized access to administrative user information and privileges. | ||||
| CVE-2026-5599 | 1 Pretix | 1 Venueless | 2026-04-07 | N/A |
| A user with API access and "manage users" permission in any venueless world is able to trigger deletion of user accounts in other worlds. | ||||
| CVE-2026-29924 | 1 Getgrav | 2 Grav, Grav Cms | 2026-04-07 | 7.6 High |
| Grav CMS v1.7.x and before is vulnerable to XML External Entity (XXE) through the SVG file upload functionality in the admin panel and File Manager plugin. | ||||
| CVE-2026-34570 | 1 Ci4-cms-erp | 1 Ci4ms | 2026-04-07 | 8.8 High |
| CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account is deleted. Due to a logic flaw in the backend design, account state changes are enforced only during authentication (login), not for already-established sessions. The system implicitly assumes that authenticated users remain trusted for the lifetime of their session. There is no session expiration or account expiration mechanism in place, causing deleted accounts to retain indefinite access until the user manually logs out. This behavior breaks the intended access control policy and results in persistent unauthorized access. This issue has been patched in version 0.31.0.0. | ||||
| CVE-2026-34572 | 1 Ci4-cms-erp | 1 Ci4ms | 2026-04-07 | 8.8 High |
| CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account is deactivated. Due to a logic flaw in the backend design, account state changes are enforced only during authentication (login), not for already-established sessions. The system implicitly assumes that authenticated users remain trusted for the lifetime of their session. There is no session expiration or account expiration mechanism in place, causing deactivated accounts to retain indefinite access until the user manually logs out. This behavior breaks the intended access control policy and results in persistent unauthorized access, representing a critical security flaw. This issue has been patched in version 0.31.0.0. | ||||
| CVE-2025-66483 | 1 Ibm | 1 Aspera Shares | 2026-04-07 | 6.3 Medium |
| IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system. | ||||
| CVE-2025-66485 | 1 Ibm | 1 Aspera Shares | 2026-04-07 | 5.4 Medium |
| IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. | ||||
| CVE-2025-58136 | 1 Apache | 1 Traffic Server | 2026-04-07 | 7.5 High |
| A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to set proxy.config.http.request_buffer_enabled to 0 (the default value is 0). | ||||
| CVE-2026-34083 | 1 Signalk | 2 Signal K Server, Signalk-server | 2026-04-07 | 6.1 Medium |
| Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.24.0, SignalK Server contains a code-level vulnerability in its OIDC login and logout handlers where the unvalidated HTTP Host header is used to construct the OAuth2 redirect_uri. Because the redirectUri configuration is silently unset by default, an attacker can spoof the Host header to steal OAuth authorization codes and hijack user sessions in realistic deployments as The OIDC provider will then send the authorization code to whatever domain was injected. This issue has been patched in version 2.24.0. | ||||
| CVE-2026-35386 | 1 Openbsd | 1 Openssh | 2026-04-07 | 3.6 Low |
| In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config. | ||||
| CVE-2026-35387 | 1 Openbsd | 1 Openssh | 2026-04-07 | 3.1 Low |
| OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms. | ||||