Export limit exceeded: 348112 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348112 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-36957 | 2 Dbit, Dbitnet | 3 N300 T1 Pro Easy Setup Wireless Wi‑fi Router, Dbit N300 T1 Pro, Dbit N300 T1 Pro Firmware | 2026-05-05 | 7.5 High |
| Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory buffers. This results in a kernel deadlock or system hang that disables the web management portal and all routing capabilities. | ||||
| CVE-2026-7163 | 1 Redhat | 2 Multicluster Engine, Multicluster Engine For Kubernetes | 2026-05-05 | 6.1 Medium |
| A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub. The credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace. The affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected. This issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode. Successful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters. | ||||
| CVE-2025-14576 | 2 Qt, The Qt Company | 2 Qtdeclarative, Qt | 2026-05-05 | 7.8 High |
| Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of service, information disclosure, or other impacts depending on the application's privilege level and data access. | ||||
| CVE-2026-5080 | 2 Bigpresh, Perldancer | 2 Dancer::session::abstract, Dancer\ | 2026-05-05 | 5.9 Medium |
| Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely. The session id is generated from summing the character codepoints of the absolute pathname with the process id, the epoch time and calls to the built-in rand() function to return a number between 0 and 999-billion, and concatenating that result three times. The path name might be known or guessed by an attacker, especially for applications known to be written using Dancer with standard installation locations. The epoch time can be guessed by an attacker, and may be leaked in the HTTP header. The process id comes from a small set of numbers, and workers may have sequential process ids. The built-in rand() function is seeded with 32-bits and is considered unsuitable for security applications. Predictable session ids could allow an attacker to gain access to systems. | ||||
| CVE-2026-42800 | 1 Asrmicro | 5 Asr1901, Asr1901 Firmware, Asr1903 and 2 more | 2026-05-05 | 7.4 High |
| NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files sip/utils/src/sipuri.c. | ||||
| CVE-2026-42799 | 1 Asrmicro | 3 Asr1803, Asr1803 Firmware, Kestrel | 2026-05-05 | 7.4 High |
| Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated with program files Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. This issue affects Kestrel: before 2026/02/10. | ||||
| CVE-2026-22070 | 1 Oppo | 1 Coloros Assistant | 2026-05-05 | 7.1 High |
| ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. | ||||
| CVE-2024-39847 | 1 4d | 2 4d Server, Server | 2026-05-05 | 7.5 High |
| Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services. | ||||
| CVE-2025-13030 | 1 Pylixm | 1 Django-mdeditor | 2026-05-05 | 7.1 High |
| All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload malicious files and achieve arbitrary code execution since this endpoint lacks authentication protection and proper sanitisation of file names. | ||||
| CVE-2026-1858 | 1 Gnu | 1 Wget2 | 2026-05-05 | 4.8 Medium |
| wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpose, they may be able to reuse it for TLS server authentication. | ||||
| CVE-2018-25317 | 1 Tenda | 6 A302, A302 Firmware, W3002r and 3 more | 2026-05-05 | 9.8 Critical |
| Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers, redirecting user traffic to malicious DNS servers. | ||||
| CVE-2026-42365 | 2 Geovision, Geovision Inc. | 5 Gv-lpc2011, Gv-lpc2011 Firmware, Gv-lpc2211 and 2 more | 2026-05-05 | 8.6 High |
| A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigger this vulnerability. | ||||
| CVE-2026-42366 | 2 Geovision, Geovision Inc. | 5 Gv-lpc2011, Gv-lpc2011 Firmware, Gv-lpc2211 and 2 more | 2026-05-05 | 7.4 High |
| Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. | ||||
| CVE-2026-42368 | 2 Geovision, Geovision Inc. | 5 Gv-lpc2011, Gv-lpc2011 Firmware, Gv-lpc2211 and 2 more | 2026-05-05 | 9.9 Critical |
| A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability. | ||||
| CVE-2026-42370 | 2 Geovision, Geovision Inc. | 3 Gv-vms, Gv-vms Firmware, Gv-vms V20.0.2 | 2026-05-05 | 9 Critical |
| A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. | ||||
| CVE-2026-7371 | 2 Geovision, Geovision Inc. | 5 Gv-lpc2011, Gv-lpc2011 Firmware, Gv-lpc2211 and 2 more | 2026-05-05 | 7.4 High |
| Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. Reflected XXS via the error message for requesting non-existing page. | ||||
| CVE-2026-29169 | 2 Apache, Apache Software Foundation | 2 Http Server, Apache Http Server | 2026-05-05 | 7.5 High |
| A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.mod_dav_lock is not used internally by mod_dav or mod_dav_fs. The only known use-case for mod_dav_lock was mod_dav_svn from Apache Subversion earlier than version 1.2.0. Users are recommended to upgrade to version 2.4.66, which fixes this issue, or remove mod_dav_lock. | ||||
| CVE-2026-40950 | 1 Absolute | 1 Secure Access | 2026-05-05 | 6.5 Medium |
| CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access server prior to 14.50. Attackers with control of a modified client can send a specially crafted message to the server and cause a denial of service | ||||
| CVE-2026-40949 | 2 Absolute, Microsoft | 2 Secure Access, Windows | 2026-05-05 | 4.4 Medium |
| CVE-2026-40949 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can use it to trigger a denial of service. | ||||
| CVE-2026-33452 | 2 Absolute, Microsoft | 2 Secure Access, Windows | 2026-05-05 | 5.5 Medium |
| CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can use it to ‘blue screen’ the system. | ||||