Export limit exceeded: 355183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 355183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 355183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355183 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0077 | 1 Google | 1 Android | 2026-06-03 | 7.8 High |
| In resumeConfigurationDispatch of ActivityRecord.java, there is a possible background application launch (bal) due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-1829 | 2 Jhorowitz, Wordpress | 2 Content Visibility For Divi Builder, Wordpress | 2026-06-03 | 8.8 High |
| The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.02 via the 'et_pb_text' shortcode 'cvdb_content_visibility_check' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server. | ||||
| CVE-2026-48598 | 1 Elixir-tesla | 1 Tesla | 2026-06-03 | N/A |
| Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.part_headers_for_disposition/1 interpolates each disposition parameter as #{k}="#{v}" with no validation of CR (\r), LF (\n), or double-quote characters. The values come verbatim from the caller via Tesla.Multipart.add_field/4 (the name parameter), Tesla.Multipart.add_file/3, and Tesla.Multipart.add_file_content/4 (both the filename parameter and other disposition opts). A " in the value closes the quoted parameter early; a \r\n ends the Content-Disposition header line and starts a new part header (such as a forged Content-Type), or, after a second \r\n, ends the entire part header block and prepends bytes to the part body. The default-filename path in add_file/3 derives the filename via Path.basename/1, which does not strip CR or LF, so any application forwarding a partially-attacker-controlled file path inherits the same issue. This issue affects tesla: from 0.8.0 before 1.18.3. | ||||
| CVE-2026-26213 | 2 Themactep, Thingino | 2 Thingino-firmware, Thingino Firmware | 2026-06-03 | 9.8 Critical |
| thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter names. Attackers can exploit the eval function in parse_query() and parse_post() functions to achieve remote code execution and perform privileged configuration changes including root password reset and SSH authorized_keys modification, resulting in full persistent device compromise. | ||||
| CVE-2026-10607 | 1 Dedecms | 1 Dedecms | 2026-06-03 | 7.3 High |
| A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dede_htmlspecialchars of the file /plus/flink.php. The manipulation of the argument msg leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-10258 | 1 Itsourcecode | 1 Content Management System | 2026-06-03 | 6.3 Medium |
| A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/add_sub_topic.php. This manipulation of the argument topic_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-4258 | 1 Bitwiseshiftleft | 2 Sjcl, Stanford Javascript Crypto Library | 2026-06-03 | 7.5 High |
| All versions of the package sjcl are vulnerable to Improper Verification of Cryptographic Signature due to missing point-on-curve validation in sjcl.ecc.basicKey.publicKey(). An attacker can recover a victim's ECDH private key by sending crafted off-curve public keys and observing ECDH outputs. The dhJavaEc() function directly returns the raw x-coordinate of the scalar multiplication result (no hashing), providing a plaintext oracle without requiring any decryption feedback. | ||||
| CVE-2026-42167 | 1 Proftpd | 1 Proftpd | 2026-06-03 | 8.1 High |
| mod_sql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM). | ||||
| CVE-2026-48597 | 1 Elixir-tesla | 1 Tesla | 2026-06-03 | N/A |
| Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.open_conn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.to_atom(uri.scheme) with no allow-list validation. BEAM atoms are never garbage-collected and the atom table is bounded (approximately 1,048,576 entries by default). An attacker who can influence the URL of a Tesla request — either via an application-level URL-forwarding feature (webhook, proxy, importer) or via a Location header returned by a server when Tesla.Middleware.FollowRedirects is in the pipeline — can mint one fresh permanent atom per request by varying the scheme string. After enough requests the atom table fills and the VM crashes, taking down the entire application. This issue affects tesla: from 1.3.0 before 1.18.3. | ||||
| CVE-2026-10264 | 1 Lharries | 1 Whatsapp-mcp | 2026-06-03 | 3.5 Low |
| A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint. This manipulation of the argument mediaPath causes path traversal. The exploit has been publicly disclosed and may be utilized. Patch name: 6657cdceadd361e8fbe824afe9d00b4504009a5d. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2026-32284 | 1 Shamaton | 1 Msgpack | 2026-06-03 | 7.5 High |
| The msgpack decoder fails to properly validate the input buffer length when processing truncated fixext data (format codes 0xd4-0xd8). This can lead to an out-of-bounds read and a runtime panic, allowing a denial of service attack. | ||||
| CVE-2024-0336 | 1 Emta Grup | 1 Pdks | 2026-06-03 | N/A |
| Missing Authentication for Critical Function vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDKS: from V3.04 before 20240603. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-10060 | 1 Trendnet | 2 Tew-432brp, Tew-432brp Firmware | 2026-06-03 | 6.3 Medium |
| A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetRoute of the file /goform/formSetRoute. The manipulation of the argument ip/mask/gateway leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-48594 | 1 Elixir-tesla | 1 Tesla | 2026-06-03 | N/A |
| Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-tesla tesla allows a denial of service via decompression bomb in HTTP response bodies. When Tesla.Middleware.DecompressResponse or Tesla.Middleware.Compression is included in a Tesla middleware pipeline, HTTP response bodies are decompressed eagerly with no size limit. The decompress_body/2 function in lib/tesla/middleware/compression.ex passes the entire response body to :zlib.gunzip/1 or :zlib.unzip/1 without any cap on the output size. Additionally, compression_algorithms/1 splits the content-encoding header on commas and decompress_body/2 recurses once per token, applying a decompression pass on each iteration. A server advertising content-encoding: gzip, gzip, gzip, gzip causes four recursive decompression passes, yielding exponential amplification: each gzip layer can expand its input roughly 1000x, so a payload of a few hundred bytes on the wire inflates to gigabytes of BEAM heap, exhausting memory and crashing or freezing the calling process. This issue affects tesla: from 0.6.0 before 1.18.3. | ||||
| CVE-2026-10061 | 1 Trendnet | 2 Tew-432brp, Tew-432brp Firmware | 2026-06-03 | 6.3 Medium |
| A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the file /goform/formWPS. The manipulation of the argument peerPin results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-10624 | 1 Sourcecodester | 1 Human Resource Management | 2026-06-03 | 4.3 Medium |
| A vulnerability has been found in SourceCodester Human Resource Management 1.0. Affected by this vulnerability is an unknown functionality of the file /detailview.php of the component Employee View Page. Such manipulation of the argument employeeid leads to improper control of resource identifiers. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-48649 | 1 Google | 1 Android | 2026-06-03 | 7.8 High |
| In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0949 | 1 Talya Informatics | 1 Elektraweb | 2026-06-03 | 9.8 Critical |
| Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass. This issue affects Elektraweb: before v17.0.68. | ||||
| CVE-2026-40510 | 2 Opensc, Opensc Project | 2 Opensc, Opensc | 2026-06-03 | 3.8 Low |
| OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv_process_history() in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longer than 118 bytes in the Key History Object ASN.1 response. | ||||
| CVE-2024-1107 | 2 Talya Informatics, Talyabilisim | 2 Travel Apps, Travel Apps | 2026-06-03 | 9.8 Critical |
| Authorization Bypass Through User-Controlled Key vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68. | ||||