Export limit exceeded: 342045 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342045 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342045 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-34871 | 2026-04-02 | 6.7 Medium | ||
| An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG). | ||||
| CVE-2026-34874 | 2026-04-02 | 7.5 High | ||
| An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0. | ||||
| CVE-2026-34875 | 2026-04-02 | 9.8 Critical | ||
| An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys. | ||||
| CVE-2025-13855 | 1 Ibm | 1 Storage Protect Server | 2026-04-02 | 7.6 High |
| IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. | ||||
| CVE-2026-3777 | 2026-04-02 | 5.5 Medium | ||
| The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers are still kept and later dereferenced, which under crafted JavaScript and document structures can lead to a use-after-free condition and potentially allow arbitrary code execution. | ||||
| CVE-2026-3779 | 2026-04-02 | 7.8 High | ||
| The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution. | ||||
| CVE-2026-3778 | 2026-04-02 | 6.2 Medium | ||
| The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs (e.g., SOAP) that perform deep traversal can cause uncontrolled recursion, stack exhaustion, and application crashes. | ||||
| CVE-2026-3780 | 2026-04-02 | 7.3 High | ||
| The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the legitimate system files, resulting in local privilege escalation. | ||||
| CVE-2026-3776 | 2026-04-02 | 5.5 Medium | ||
| The application does not validate the presence of required appearance (AP) data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without a prior null or validity check, which allows a crafted document to trigger a null pointer dereference and crash the application, resulting in denial of service. | ||||
| CVE-2026-3775 | 2026-04-02 | 7.8 High | ||
| The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writable locations, a local attacker can place a malicious library there and have it loaded with SYSTEM privileges, resulting in local privilege escalation and arbitrary code execution. | ||||
| CVE-2025-15484 | 2026-04-02 | 9.1 Critical | ||
| The Order Notification for WooCommerce WordPress plugin before 3.6.3 overrides WooCommerce's permission checks to grant full access to all unauthenticated requests, enabling complete read/write access to store resources like products, coupons, and customers. | ||||
| CVE-2026-2696 | 2026-04-02 | 5.3 Medium | ||
| The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing posts URLS (including private posts) in a predictable pattern using a random 6-digit number. These files are stored in the publicly accessible wp-content/uploads/ directory. As a result, any unauthenticated user can brute-force the filenames to gain access to sensitive data contained within the exported files. | ||||
| CVE-2026-21632 | 2026-04-02 | N/A | ||
| Lack of output escaping for article titles leads to XSS vectors in various locations. | ||||
| CVE-2026-21631 | 2026-04-02 | N/A | ||
| Lack of output escaping leads to a XSS vector in the multilingual associations component. | ||||
| CVE-2026-21629 | 2026-04-02 | N/A | ||
| The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers. | ||||
| CVE-2026-23898 | 2026-04-02 | N/A | ||
| Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism. | ||||
| CVE-2026-21630 | 2026-04-02 | N/A | ||
| Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint. | ||||
| CVE-2026-35091 | 1 Redhat | 2 Enterprise Linux, Openshift | 2026-04-02 | 8.2 High |
| A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents. This vulnerability affects Corosync when running in totemudp/totemudpu mode, which is the default configuration. | ||||
| CVE-2026-20042 | 2026-04-02 | 6.5 Medium | ||
| A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information. This vulnerability exists because authentication details are included in the encrypted backup files. An attacker with a valid backup file and encryption password from an affected device could decrypt the backup file. The attacker could then use the authentication details in the backup file to access internal-only APIs on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user. | ||||
| CVE-2026-20085 | 2026-04-02 | 6.1 Medium | ||
| A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information. | ||||