Export limit exceeded: 340845 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 340845 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (340845 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32062 | 1 Openclaw | 3 Openclaw, Openclaw\/voice-call, Voice-call | 2026-03-27 | 7.5 High |
| OpenClaw versions2026.2.21-2 prior to 2026.2.22 and @openclaw/voice-call versions 2026.2.21 prior to 2026.2.22 accept media-stream WebSocket upgrades before stream validation, allowing unauthenticated clients to establish connections. Remote attackers can hold idle pre-authenticated sockets open to consume connection resources and degrade service availability for legitimate streams. | ||||
| CVE-2025-66955 | 1 Asseco | 1 See Live | 2026-03-27 | 6.5 Medium |
| Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls. | ||||
| CVE-2026-21670 | 1 Veeam | 1 Backup And Replication | 2026-03-27 | 7.7 High |
| A vulnerability allowing a low-privileged user to extract saved SSH credentials. | ||||
| CVE-2026-21669 | 1 Veeam | 1 Backup And Replication | 2026-03-27 | 10 Critical |
| A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server. | ||||
| CVE-2026-21668 | 1 Veeam | 1 Backup And Replication | 2026-03-27 | 8.8 High |
| A vulnerability allowing an authenticated domain user to bypass restrictions and manipulate arbitrary files on a Backup Repository. | ||||
| CVE-2026-21672 | 1 Veeam | 1 Backup And Recovery | 2026-03-27 | 8.8 High |
| A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers. | ||||
| CVE-2026-21708 | 1 Veeam | 1 Backup And Recovery | 2026-03-27 | 10 Critical |
| A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user. | ||||
| CVE-2026-22209 | 2 Gvectors, Wordpress | 2 Wpdiscuz, Wordpress | 2026-03-27 | 5.5 Medium |
| wpDiscuz before 7.6.47 contains a cross-site scripting vulnerability in the customCss field that allows administrators to inject malicious scripts by breaking out of style tags. Attackers with admin access can inject payloads like </style><script>alert(1)</script> in the custom CSS setting to execute arbitrary JavaScript in user browsers. | ||||
| CVE-2026-26133 | 1 Microsoft | 33 365 Copilot Android, 365 Copilot For Android, 365 Copilot For Ios and 30 more | 2026-03-27 | 7.1 High |
| AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-20993 | 1 Samsung | 1 Samsung Assistant | 2026-03-27 | N/A |
| Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information. | ||||
| CVE-2026-20994 | 1 Samsung | 1 Account | 2026-03-27 | N/A |
| URL redirection in Samsung Account prior to version 15.5.01.1 allows remote attackers to potentially get access token. | ||||
| CVE-2026-20995 | 1 Samsung | 1 Smart Switch | 2026-03-27 | N/A |
| Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a specific configuration. | ||||
| CVE-2026-20996 | 1 Samsung | 1 Smart Switch | 2026-03-27 | N/A |
| Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication. | ||||
| CVE-2026-20997 | 1 Samsung | 1 Smart Switch | 2026-03-27 | N/A |
| Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication. | ||||
| CVE-2026-20998 | 1 Samsung | 1 Smart Switch | 2026-03-27 | N/A |
| Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication. | ||||
| CVE-2026-20999 | 1 Samsung | 1 Smart Switch | 2026-03-27 | N/A |
| Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions. | ||||
| CVE-2026-21000 | 1 Samsung | 1 Galaxy Store | 2026-03-27 | N/A |
| Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. | ||||
| CVE-2026-21001 | 1 Samsung | 1 Galaxy Store | 2026-03-27 | N/A |
| Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. | ||||
| CVE-2026-21002 | 1 Samsung | 1 Galaxy Store | 2026-03-27 | N/A |
| Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application. | ||||
| CVE-2026-21004 | 1 Samsung | 1 Smart Switch | 2026-03-27 | N/A |
| Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service. | ||||