Export limit exceeded: 362659 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362659 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44877 | 2026-07-07 | 6.5 Medium | ||
| An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system. | ||||
| CVE-2026-12195 | 2026-07-07 | N/A | ||
| myVesta is affected by an authenticated remote code execution vulnerability. Low privileged users can insert arbitrary commands as a part of the v_ftp_user parameter when deleting FTP usernames. This could result in the execution of commands as the admin user or takevoer of the admin user in myVesta. | ||||
| CVE-2026-48951 | 2026-07-07 | N/A | ||
| Lack of escaping leads to XSS vulnerabilities in modalreturn layouts of various components. | ||||
| CVE-2026-48953 | 2026-07-07 | N/A | ||
| Lack of escaping leads to an XSS vulnerability in the generic image output layout. | ||||
| CVE-2026-48948 | 2026-07-07 | N/A | ||
| An improper access check allows user to download vcard exports of com_contact contacts that are inaccessible. | ||||
| CVE-2026-48949 | 2026-07-07 | N/A | ||
| Lack of validation leads to an XSS vulnerability in the MFA management views. | ||||
| CVE-2026-48954 | 2026-07-07 | N/A | ||
| Improper validation leads to a generic XSS vector in the language override feature. | ||||
| CVE-2026-48955 | 2026-07-07 | N/A | ||
| An improper access check allows unauthorized users to access workflow stage and transition information. | ||||
| CVE-2026-48950 | 2026-07-07 | N/A | ||
| Lack of escaping leads to an XSS vulnerability in the file management view of com_templates. | ||||
| CVE-2026-48957 | 2026-07-07 | N/A | ||
| An improper access check allows unauthorized users to access com_privacy datasets. | ||||
| CVE-2026-48958 | 2026-07-07 | N/A | ||
| An improper access check allows unauthorized users to create custom fields via webservices endpoints. | ||||
| CVE-2026-48956 | 2026-07-07 | N/A | ||
| An improper access check allows users to display a list of modules in the frontend. | ||||
| CVE-2026-9165 | 1 Redhat | 1 Advanced Cluster Security | 2026-07-07 | 7.7 High |
| A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane. | ||||
| CVE-2026-48947 | 2026-07-07 | N/A | ||
| An improper access check allows privileged users to overwrite media files without editing permissions. | ||||
| CVE-2026-48952 | 2026-07-07 | N/A | ||
| Lack of escaping leads to an XSS vulnerability in the update list view of com_installer. | ||||
| CVE-2021-30004 | 1 W1.fi | 2 Hostapd, Wpa Supplicant | 2026-07-07 | 4.3 Medium |
| In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. | ||||
| CVE-2026-42009 | 2 Gnu, Redhat | 26 Gnutls, Ai Inference Server, Discovery and 23 more | 2026-07-07 | 7.5 High |
| A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service. | ||||
| CVE-2026-42010 | 2 Gnu, Redhat | 15 Gnutls, Ai Inference Server, Discovery and 12 more | 2026-07-07 | 7.1 High |
| A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process. | ||||
| CVE-2026-11774 | 1 Redhat | 9 Directory Server, Directory Server E4s, Enterprise Linux and 6 more | 2026-07-07 | 7.6 High |
| An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer overflow of up to approximately 2 megabytes of attacker-controlled data. After a successful SASL bind with integrity protection (SSF > 0), a remote attacker can cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE). In FreeIPA and Red Hat Identity Management deployments, any domain user with a valid Kerberos ticket, enrolled host, or service account can trigger this vulnerability over the network. This flaw is independent of CVE-2025-14905, which patched schema.c only and did not modify sasl_io.c. | ||||
| CVE-2026-11610 | 1 Redhat | 8 Directory Server, Directory Server E4s, Enterprise Linux and 5 more | 2026-07-07 | 8.8 High |
| A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). After a successful SASL bind with integrity protection (SSF > 0), an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer without a bounds check in sasl_io_recv() in sasl_io.c. This allows up to approximately 2 megabytes of attacker-controlled data to overflow the buffer, causing a denial of service (server crash). In FreeIPA and Red Hat Identity Management deployments, any domain user with a valid Kerberos ticket, any enrolled host, or any service account can trigger this vulnerability over the network after authenticating via GSSAPI. The vulnerable code path has existed since approximately 2013 (389-ds-base 1.3.2) and was not addressed by the CVE-2025-14905 fix, which patched a separate heap overflow in schema.c only. | ||||