Export limit exceeded: 347900 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347900 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-6449 | 2026-05-04 | 5.3 Medium | ||
| The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and including, 2.1.2. This is due to a logical short-circuit flaw in authorization logic that causes token validation to be entirely skipped when a booking has a 'waiting' status. This makes it possible for unauthenticated attackers to approve any booking that is in 'waiting' status by sending a crafted request to the publicly-accessible admin-ajax endpoint. | ||||
| CVE-2026-27679 | 1 Sap | 3 Manage Reference Structures, S/4hana, S\/4hana | 2026-05-04 | 6.5 Medium |
| Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not impacted. | ||||
| CVE-2026-22740 | 1 Vmware | 1 Spring Framework | 2026-05-04 | 6.5 Medium |
| A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully processed. This allows an attacker to consume available disk space. Older, unsupported versions are also affected. | ||||
| CVE-2026-34264 | 1 Sap | 3 Erp Human Capital Management, Human Capital Management, S\/4hana | 2026-05-04 | 6.5 Medium |
| During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information causing a high impact on confidentiality, while integrity and availability are unaffected. | ||||
| CVE-2026-22741 | 1 Vmware | 1 Spring Framework | 2026-05-04 | 3.1 Low |
| Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: * the application is using Spring MVC or Spring WebFlux * the application is configuring the resource chain support https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title with caching enabled * the application adds support for encoded resources resolution * the resource cache must be empty when the attacker has access to the application When all the conditions above are met, the attacker can send malicious requests and poison the resource cache with resources using the wrong encoding. This can cause a denial of service by breaking the front-end application for clients. | ||||
| CVE-2026-22745 | 2 Microsoft, Vmware | 2 Windows, Spring Framework | 2026-05-04 | 5.3 Medium |
| Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: * the application is using Spring MVC or Spring WebFlux * the application is serving static resources from the file system * the application is running on a Windows platform When all the conditions above are met, the attacker can send malicious requests that are slow to resolve and that can keep HTTP connections in use. This can cause a Denial of Service on the application. | ||||
| CVE-2026-26461 | 2026-05-04 | 6.5 Medium | ||
| A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65 allows an unauthenticated attacker to execute arbitrary commands via a crafted web request. | ||||
| CVE-2026-33857 | 1 Apache | 1 Apache Http Server | 2026-05-04 | 5.3 Medium |
| Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue. | ||||
| CVE-2026-32650 | 1 Anviz | 2 Anviz Crosschex Standard, Crosschex Standard | 2026-05-04 | 7.5 High |
| Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access. | ||||
| CVE-2026-40434 | 1 Anviz | 2 Anviz Crosschex Standard, Crosschex Standard | 2026-05-04 | 8.1 High |
| Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic. | ||||
| CVE-2026-24178 | 3 Apple, Linux, Nvidia | 4 Macos, Linux Kernel, Flare Sdk and 1 more | 2026-05-04 | 9.8 Critical |
| NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampering, information disclosure, code execution, and denial of service. | ||||
| CVE-2026-24186 | 3 Apple, Linux, Nvidia | 4 Macos, Linux Kernel, Flare Sdk and 1 more | 2026-05-04 | 8.8 High |
| NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution. | ||||
| CVE-2026-24204 | 3 Apple, Linux, Nvidia | 4 Macos, Linux Kernel, Flare Sdk and 1 more | 2026-05-04 | 6.5 Medium |
| NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2026-34262 | 1 Sap | 2 Hana Cockpit, Hana Database Explorer | 2026-05-04 | 5 Medium |
| Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer | ||||
| CVE-2026-31927 | 1 Anviz | 3 Anviz Cx7 Firmware, Cx7, Cx7 Firmware | 2026-05-04 | 4.9 Medium |
| Anviz CX7 Firmware is vulnerable to an authenticated CSV upload which allows path traversal to overwrite arbitrary files (e.g., /etc/shadow), enabling unauthorized SSH access when combined with debug‑setting changes | ||||
| CVE-2026-32324 | 1 Anviz | 3 Anviz Cx7 Firmware, Cx7, Cx7 Firmware | 2026-05-04 | 7.7 High |
| Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction with device messaging channels at scale. | ||||
| CVE-2026-32648 | 1 Anviz | 6 Anviz Cx2 Lite Firmware, Anviz Cx7 Firmware, Cx2 Lite and 3 more | 2026-05-04 | 5.3 Medium |
| Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details (e.g., SSH/RTTY status), assisting attackers in reconnaissance against the device. | ||||
| CVE-2026-33093 | 1 Anviz | 3 Anviz Cx7 Firmware, Cx7, Cx7 Firmware | 2026-05-04 | 5.3 Medium |
| Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment. | ||||
| CVE-2026-33569 | 1 Anviz | 6 Anviz Cx2 Lite Firmware, Anviz Cx7 Firmware, Cx2 Lite and 3 more | 2026-05-04 | 6.5 Medium |
| Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling on‑path attackers to sniff credentials and session data, which can be used to compromise the device. | ||||
| CVE-2026-35061 | 1 Anviz | 3 Anviz Cx7 Firmware, Cx7, Cx7 Firmware | 2026-05-04 | 5.3 Medium |
| Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery. | ||||