Total
34851 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0869 | 2 Broadcom, Brocade | 2 Brocade Active Support Connectivity Gateway, Ascg | 2026-03-09 | 8.8 High |
| Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support Link(BSL) and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric. | ||||
| CVE-2025-15315 | 1 Tanium | 3 Module Server, Moduleserver, Server | 2026-03-09 | 6.7 Medium |
| Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. | ||||
| CVE-2025-7375 | 1 Tp-link | 3 Eap610 V3, Omada Eap610, Omada Eap610 Firmware | 2026-03-09 | 6.5 Medium |
| A denial-of-service (DoS) vulnerability was identified in Omada EAP610 v3. An attacker with adjacent network access can send crafted requests to cause the device’s HTTP service to crash. This results in temporary service unavailability until the device is rebooted. This issue affects Omada EAP610 firmware versions prior to 1.6.0. | ||||
| CVE-2025-66678 | 1 Faintsnow | 2 Hardware Read \& Write Utility, Nil Hardware Editor Hardware Read & Write Utility | 2026-03-09 | 9.8 Critical |
| An issue in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility v1.25.11.26 and earlier allows attackers to execute arbitrary read and write operations via a crafted request. | ||||
| CVE-2025-15545 | 1 Tp-link | 2 Archer Re605x, Archer Re605x Firmware | 2026-03-09 | 6.8 Medium |
| The backup restore function does not properly validate unexpected or unrecognized tags within the backup file. When such a crafted file is restored, the injected tag is interpreted by a shell, allowing execution of arbitrary commands with root privileges. Successful exploitation allows the attacker to gain root-level command execution, compromising confidentiality, integrity and availability. | ||||
| CVE-2026-3257 | 1 Tokuhirom | 1 Unqlite | 2026-03-09 | 9.8 Critical |
| UnQLite versions through 0.06 for Perl uses a potentially insecure version of the UnQLite library. UnQLite for Perl embeds the UnQLite library. Version 0.06 and earlier of the Perl module uses a version of the library from 2014 that may be vulnerable to a heap-based overflow. | ||||
| CVE-2025-21836 | 1 Linux | 1 Linux Kernel | 2026-03-07 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: reallocate buf lists on upgrade IORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it was created for legacy selected buffer and has been emptied. It violates the requirement that most of the field should stay stable after publish. Always reallocate it instead. | ||||
| CVE-2022-32148 | 2 Golang, Redhat | 19 Go, Acm, Application Interconnect and 16 more | 2026-03-06 | 6.5 Medium |
| Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the value of the X-Forwarded-For header. | ||||
| CVE-2022-37004 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2026-03-06 | 7.5 High |
| The Settings application has a vulnerability of bypassing the out-of-box experience (OOBE). Successful exploitation of this vulnerability may affect the availability. | ||||
| CVE-2022-35290 | 1 Sap | 1 Authenticator | 2026-03-06 | 7.5 High |
| Under certain conditions SAP Authenticator for Android allows an attacker to access information which would otherwise be restricted. | ||||
| CVE-2021-40040 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2026-03-06 | 7.5 High |
| Vulnerability of writing data to an arbitrary address in the HW_KEYMASTER module. Successful exploitation of this vulnerability may affect confidentiality. | ||||
| CVE-2021-40030 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2026-03-06 | 7.5 High |
| The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality. | ||||
| CVE-2025-66490 | 1 Traefik | 1 Traefik | 2026-03-06 | 6.5 Medium |
| Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix, Path or PathRegex matchers can bypass path normalization. When Traefik uses path-based routing, requests containing URL-encoded restricted characters (/, \, Null, ;, ?, #) can bypass the middleware chain and reach unintended backends. For example, a request to http://mydomain.example.com/admin%2F could reach service-a without triggering my-security-middleware, bypassing security controls for the /admin/ path. This issue is fixed in versions 2.11.32 and 3.6.3. | ||||
| CVE-2026-28559 | 2 Gvectors, Wordpress | 2 Wpforo Forum, Wordpress | 2026-03-06 | 5.3 Medium |
| wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID parameter, bypassing the privacy and status WHERE clauses that are only applied when a specific forum ID is present in the query. | ||||
| CVE-2025-66319 | 1 Huawei | 1 Harmonyos | 2026-03-06 | 3.3 Low |
| Permission control vulnerability in the resource scheduling module. Impact: Successful exploitation of this vulnerability may affect service integrity. | ||||
| CVE-2026-28539 | 1 Huawei | 1 Harmonyos | 2026-03-06 | 6.2 Medium |
| Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2026-28541 | 1 Huawei | 1 Harmonyos | 2026-03-06 | 4 Medium |
| Permission control vulnerability in the cellular_data module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-28542 | 1 Huawei | 2 Emui, Harmonyos | 2026-03-06 | 7.3 High |
| Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-2805 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-03-06 | 9.8 Critical |
| Invalid pointer in the DOM: Core & HTML component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | ||||
| CVE-2026-2791 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-06 | 9.8 Critical |
| Mitigation bypass in the Networking: Cache component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8. | ||||