Export limit exceeded: 46127 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46127 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-13188 2 D-link, Dlink 3 Dir-816l, Dir-816l, Dir-816l Firmware 2025-11-20 9.8 Critical
A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta. Affected by this vulnerability is the function authenticationcgi_main of the file /authentication.cgi. Performing manipulation of the argument Password results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-13189 2 D-link, Dlink 3 Dir-816l, Dir-816l, Dir-816l Firmware 2025-11-20 8.8 High
A vulnerability has been found in D-Link DIR-816L 2_06_b09_beta. This affects the function genacgi_main of the file gena.cgi. The manipulation of the argument SERVER_ID/HTTP_SID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-13190 2 D-link, Dlink 3 Dir-816l, Dir-816l, Dir-816l Firmware 2025-11-20 8.8 High
A vulnerability was found in D-Link DIR-816L 2_06_b09_beta. This vulnerability affects the function scandir_main of the file /portal/__ajax_exporer.sgi. The manipulation of the argument en results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2024-0822 2 Ovirt, Redhat 2 Ovirt-engine, Rhev Manager 2025-11-20 7.5 High
An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command.
CVE-2024-0408 4 Fedoraproject, Redhat, Tigervnc and 1 more 12 Fedora, Enterprise Linux, Enterprise Linux Desktop and 9 more 2025-11-20 5.5 Medium
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.
CVE-2024-2829 1 Gitlab 1 Gitlab 2025-11-20 7.5 High
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. A crafted wildcard filter in FileFinder may lead to a denial of service.
CVE-2023-6678 1 Gitlab 1 Gitlab 2025-11-20 4.3 Medium
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions starting from 16.9 before 16.9.4, all versions starting from 16.10 before 16.10.2. It was possible for an attacker to cause a denial of service using malicious crafted content in a junit test report file.
CVE-2023-6489 1 Gitlab 1 Gitlab 2025-11-20 4.3 Medium
A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 prior to 16.8.6, 16.9 prior to 16.9.4 and 16.10 prior to 16.10.2 which allows an attacker to spike the GitLab instance resources usage resulting in service degradation via chat integration feature.
CVE-2023-6159 1 Gitlab 1 Gitlab 2025-11-20 6.5 Medium
An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 It was possible for an attacker to trigger a Regular Expression Denial of Service via a `Cargo.toml` containing maliciously crafted input.
CVE-2023-4522 1 Gitlab 1 Gitlab 2025-11-20 4.3 Medium
An issue has been discovered in GitLab affecting all versions before 16.2.0. Committing directories containing LF character results in 500 errors when viewing the commit.
CVE-2023-3917 1 Gitlab 1 Gitlab 2025-11-20 4.3 Medium
Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail.
CVE-2023-3909 1 Gitlab 1 Gitlab 2025-11-20 4.3 Medium
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.3 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. A Regular Expression Denial of Service was possible by adding a large string in timeout input in gitlab-ci.yml file.
CVE-2023-3906 1 Gitlab 1 Gitlab 2025-11-20 3.5 Low
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy.
CVE-2023-3904 1 Gitlab 1 Gitlab 2025-11-20 4.3 Medium
An issue has been discovered in GitLab EE affecting all versions starting before 16.4.4, all versions starting from 16.5 before 16.5.4, all versions starting from 16.6 before 16.6.2. It was possible to overflow the time spent on an issue that altered the details shown in the issue boards.
CVE-2023-3900 1 Gitlab 1 Gitlab 2025-11-20 4.3 Medium
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. An invalid 'start_sha' value on merge requests page may lead to Denial of Service as Changes tab would not load.
CVE-2023-3364 1 Gitlab 1 Gitlab 2025-11-20 7.5 High
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible via sending crafted payloads which use AutolinkFilter to the preview_markdown endpoint.
CVE-2023-3210 1 Gitlab 1 Gitlab 2025-11-20 6.5 Medium
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.
CVE-2023-3205 1 Gitlab 1 Gitlab 2025-11-20 6.5 Medium
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.
CVE-2023-0632 1 Gitlab 1 Gitlab 2025-11-20 6.5 Medium
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible by using crafted payloads to search Harbor Registry.
CVE-2025-11338 2 D-link, Dlink 3 Di-7100g C1, Di-7100g C1, Di-7100g C1 Firmware 2025-11-19 8.8 High
A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulnerability affects the function sub_4C0990 of the file /webchat/login.cgi of the component jhttpd. Executing manipulation of the argument openid can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.