Export limit exceeded: 359701 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359701 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359701 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-12812 | 1 Radware | 1 Cyber Controller | 2026-06-21 | 3.5 Low |
| A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-12811 | 1 Kortix-ai | 1 Suna | 2026-06-21 | 4.3 Medium |
| A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 0.8.39 can resolve this issue. This patch is called f5dec7aa0c1b8fa0125938f292c0f2430ca75f6c. It is advisable to upgrade the affected component. The researcher explains: "The issue was fixed in v0.8.39 without notifying the wider user base via a security disclosure." | ||||
| CVE-2026-12809 | 1 Edimax | 1 Br-6478ac V2 | 2026-06-21 | 6.3 Medium |
| A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz_5in1_redirect of the file /goform/wiz_5in1_redirect of the component POST Request Handler. Such manipulation of the argument newpass leads to command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-12806 | 1 Edimax | 1 Br-6478ac V2 | 2026-06-21 | 8.8 High |
| A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-71378 | 2 Mmaitre314, Picklescan | 2 Picklescan, Picklescan | 2026-06-21 | 8.1 High |
| picklescan before 0.0.30 fails to detect cProfile.runctx function calls in pickle file reduce methods, allowing attackers to execute arbitrary code. Malicious pickle files bypass picklescan detection and execute remote code when loaded via pickle.load(). | ||||
| CVE-2026-56406 | 1 Libexpat Project | 1 Libexpat | 2026-06-21 | 6.9 Medium |
| libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse. | ||||
| CVE-2026-56412 | 1 Libexpat Project | 1 Libexpat | 2026-06-21 | 4.9 Medium |
| libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219. | ||||
| CVE-2026-56403 | 1 Libexpat Project | 1 Libexpat | 2026-06-21 | 6.9 Medium |
| libexpat before 2.8.2 has an integer overflow in storeAtts. | ||||
| CVE-2026-56405 | 1 Libexpat Project | 1 Libexpat | 2026-06-21 | 6.9 Medium |
| libexpat before 2.8.2 has an integer overflow in getAttributeId. | ||||
| CVE-2026-56411 | 1 Libexpat Project | 1 Libexpat | 2026-06-21 | 6.9 Medium |
| xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. | ||||
| CVE-2026-56404 | 1 Libexpat Project | 1 Libexpat | 2026-06-21 | 6.9 Medium |
| libexpat before 2.8.2 has an integer overflow in addBinding. | ||||
| CVE-2026-56397 | 1 B3log | 1 Siyuan | 2026-06-21 | 9.6 Critical |
| SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious package authors to inject arbitrary HTML and JavaScript. Attackers can achieve remote code execution on any user browsing the Bazaar by embedding XSS payloads in package displayName, description, or README fields, exploiting Electron's nodeIntegration setting to execute OS commands. | ||||
| CVE-2026-56396 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-06-21 | 8.8 High |
| phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated administrators to escalate privileges. Non-SuperAdmin users with edit_user permission can set is_superadmin flag or grant arbitrary rights to escalate to SuperAdmin access. | ||||
| CVE-2026-56394 | 1 Juzaweb | 1 Cms | 2026-06-21 | 6.5 Medium |
| Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the extension parameter is not validated before file existence checks. Attackers can bypass extension validation by passing traversal sequences that resolve to existing SVG files, allowing local file read access. | ||||
| CVE-2026-56384 | 1 Juzaweb | 1 Cms | 2026-06-21 | 4.3 Medium |
| Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user without permission to view a target private asset can call the endpoint with an attacker-controlled assetId and receive preview HTML containing a signed fallback transform preview link for that private asset, because no asset-view permission check is performed before preview generation. This affects versions >= 4.0.0-RC1, <= 4.17.7 and >= 5.0.0-RC1, <= 5.9.13, and is fixed in 4.17.8 and 5.9.14. | ||||
| CVE-2026-56383 | 1 Juzaweb | 1 Cms | 2026-06-21 | 4.8 Medium |
| Craft CMS contains a stored cross-site scripting (XSS) vulnerability in the editableTable.twig component when using the 'Row Heading' column type. The application fails to sanitize input within row heading default values, allowing an attacker with an administrator account (with allowAdminChanges enabled) to inject arbitrary JavaScript that executes when another user views a page containing the affected table field. Affected versions are >= 4.5.0-beta.1 through 4.16.18 and >= 5.0.0-RC1 through 5.8.22; fixed in 4.16.19 and 5.8.23. | ||||
| CVE-2026-56381 | 1 Juzaweb | 1 Cms | 2026-06-21 | 4.8 Medium |
| Craft CMS from version 5.0.0-RC1 contains a stored cross-site scripting vulnerability in the User Permissions page where user group names are rendered without proper HTML escaping. Attackers with admin access can inject arbitrary JavaScript via the user group name field that executes when other users view or edit permissions. | ||||
| CVE-2026-56316 | 2026-06-21 | 5.3 Medium | ||
| Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/* endpoint that allows unauthenticated attackers to enumerate valid builder job IDs through observable response discrepancies. Attackers can probe the endpoint without authentication to distinguish valid job IDs from invalid ones and generate sustained unauthenticated traffic for resource consumption. | ||||
| CVE-2026-56299 | 2026-06-21 | 5.3 Medium | ||
| Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/* endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusProxy logic with invalid credentials, enabling trivial request flooding and denial of service. | ||||
| CVE-2026-56253 | 2026-06-21 | 7.5 High | ||
| Capgo before 12.128.2 contains an improper access control vulnerability in the public.get_org_members RPC function that allows unauthenticated attackers to enumerate organization members. Attackers can invoke the endpoint using only the public sb_publishable_* key and an organization UUID to retrieve sensitive member information including email addresses, user IDs, roles, and pending invitations. | ||||