Export limit exceeded: 347858 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search Results (347858 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 | Description |
|---|---|---|---|---|---|
| CVE-2026-36956 | 1 Dbit | 1 N300 T1 Pro Wireless Router | 2026-05-02 | 8.8 High | A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints such as /api/setWlan. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action. |
| CVE-2026-36960 | 1 U-speed | 1 N300 Router | 2026-05-02 | 8.8 High | A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the U-SPEED N300 Router V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action. |
| CVE-2026-36959 | 1 U-speed | 1 N300 Router | 2026-05-02 | 7.5 High | U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication attempts, enabling brute-force attacks against the administrator account and potential unauthorized access to the router management interface. |
| CVE-2026-36757 | 1 Halo | 1 Halo | 2026-05-02 | 4.3 Medium | A Server-Side Request Forgery (SSRF) in the /plugins/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. |
| CVE-2026-36759 | 1 Halo | 1 Halo | 2026-05-02 | 6.5 Medium | A Server-Side Request Forgery (SSRF) in the /themes/{name}/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request. |
| CVE-2026-36760 | 1 Thinkgem | 1 Jeesite | 2026-05-02 | 9.6 Critical | An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled. |
| CVE-2026-36764 | 1 Chillzhuang | 1 Springblade | 2026-05-02 | 5 Medium | A Server-Side Request Forgery (SSRF) in the /ureport/datasource/testConnection endpoint of SpringBlade v4.8.0 allows authenticated attackers to scan internal resources via a crafted GET request. |
| CVE-2026-36767 | 1 Shopizer | 1 Shopizer | 2026-05-02 | 10 Critical | A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers to write arbitrary files to any writeable path via a crafted POST request. |
| CVE-2026-36762 | 1 Thinkgem | 1 Jeesite | 2026-05-02 | N/A | An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations. |
| CVE-2026-36766 | 1 Shopizer | 1 Shopizer | 2026-05-02 | 5.4 Medium | Multiple authenticated cross-site scripting (XSS) vulnerabilities in the XssHttpServletRequestWrapper class of shopizer v3.2.5 allow attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the getInputStream() or getReader() functions. |
| CVE-2025-46115 | 1 Open5gs | 1 Open5gs | 2026-05-02 | N/A | An issue in open5gs v.2.7.3 allows a remote attacker to cause a denial of service via a crafted PDU Session Modification Request. |
| CVE-2025-56568 | 1 Open5gs | 1 Open5gs | 2026-05-02 | N/A | Assertion failure vulnerability in the PCO (Protocol Configuration Options) parser in the SMF (Session Management Function) component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol configuration data. |
| CVE-2026-6870 | 1 Wireshark | 1 Wireshark | 2026-05-02 | 5.5 Medium | GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service. |
| CVE-2026-6526 | 1 Wireshark | 1 Wireshark | 2026-05-02 | 5.5 Medium | RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4. |
| CVE-2026-6531 | 1 Wireshark | 1 Wireshark | 2026-05-02 | 5.5 Medium | SANE protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service. |
| CVE-2026-41882 | 1 Jetbrains | 1 Intellij Idea | 2026-05-02 | 7.4 High | In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1, reading arbitrary local files was possible via the built-in web server. |
| CVE-2026-5404 | 1 Wireshark | 1 Wireshark | 2026-05-02 | 4.7 Medium | K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service. |
| CVE-2026-43001 | 1 Openstack | 1 Keystone | 2026-05-02 | 7.9 High | An issue was discovered in OpenStack Keystone 13 through 29. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted application credential for project A to create an EC2 credential targeting project B; a subsequent /v3/ec2tokens exchange would then issue a Keystone token scoped to project B while still carrying the original app_cred_id, enabling cross-project lateral movement within the credential owner's role footprint. |
| CVE-2026-42474 | | | 2026-05-02 | 6.5 Medium | SQL injection vulnerability in MixPHP Framework 2.x through 2.2.17 via a crafted `data` array passed to the data function in BuildHelper.php. |
| CVE-2026-37457 | 1 Frrouting | 1 Frrouting | 2026-05-02 | 7.5 High | An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) by supplying a crafted FlowSpec component. |