Export limit exceeded: 364918 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12155 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10775 | 2026-04-15 | 4.3 Medium | ||
| The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.4.32 via the 'pafe-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. | ||||
| CVE-2023-52968 | 1 Mariadb | 1 Mariadb | 2026-04-15 | 4.9 Medium |
| MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash. | ||||
| CVE-2025-50340 | 1 Sogo | 1 Webmail | 2026-04-15 | 4.3 Medium |
| An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6.0, allowing an authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in the email-sending request. The server fails to verify whether the authenticated user is authorized to use the specified sender identity, resulting in unauthorized message delivery as another user. This can lead to impersonation, phishing, or unauthorized communication within the system. NOTE: this is disputed by the Supplier because the only effective way to prevent this sender spoofing is on the SMTP server, not within a client such as SOGo. | ||||
| CVE-2025-13209 | 1 Bestfeng | 1 Oa Git Free | 2026-04-15 | 6.3 Medium |
| A weakness has been identified in bestfeng oa_git_free up to 9.5. This affects the function updateWriteBack of the file yimioa-oa9.5\server\c-flow\src\main\java\com\cloudweb\oa\controller\WorkflowPredefineController.java. This manipulation of the argument writeProp causes xml external entity reference. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2018-25142 | 2026-04-15 | 9.8 Critical | ||
| NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE) injection vulnerability in XML preference import settings. Attackers can craft malicious XML files with DTD parameter entities to retrieve arbitrary system files through an out-of-band channel attack. | ||||
| CVE-2025-14742 | 2 Brechtvds, Wordpress | 2 Wp Recipe Maker, Wordpress | 2026-04-15 | 4.3 Medium |
| The WP Recipe Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'ajax_search_recipes' and 'ajax_get_recipe' functions in all versions up to, and including, 10.2.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve sensitive recipe information including draft, pending, and private recipes that they shouldn't be able to access. | ||||
| CVE-2024-43236 | 2026-04-15 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Easy PayPal Buy Now Button.This issue affects Easy PayPal Buy Now Button: from n/a through 1.9. | ||||
| CVE-2025-24024 | 2026-04-15 | 9.1 Critical | ||
| Mjolnir is a moderation tool for Matrix. Mjolnir v1.9.0 responds to management commands from any room the bot is member of. This can allow users who aren't operators of the bot to use the bot's functions, including server administration components if enabled. Version 1.9.1 reverts the feature that introduced the bug, and version 1.9.2 reintroduces the feature safely. Downgrading to version 1.8.3 is recommended if upgrading to 1.9.1 or higher isn't possible. | ||||
| CVE-2024-46528 | 1 Kubesphere | 1 Kubesphere | 2026-04-15 | 4.3 Medium |
| An Insecure Direct Object Reference (IDOR) vulnerability in KubeSphere 4.x before 4.1.3 and 3.x through 3.4.1 and KubeSphere Enterprise 4.x before 4.1.3 and 3.x through 3.5.0 allows low-privileged authenticated attackers to access sensitive resources without proper authorization checks. | ||||
| CVE-2024-12046 | 2026-04-15 | 4.3 Medium | ||
| The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.2 via the 'namedical_elementor_template' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the content of draft, pending, and private posts. | ||||
| CVE-2024-43704 | 1 Imaginationtech | 1 Ddk | 2026-04-15 | 8.4 High |
| Software installed and run as a non-privileged user may conduct improper GPU system calls to gain access to the graphics buffers of a parent process. | ||||
| CVE-2025-23001 | 2026-04-15 | 6.1 Medium | ||
| A Host header injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host header. An attacker can manipulate the Host header in HTTP requests, which may lead to phishing attacks, reset password, or cache poisoning. NOTE: the Supplier's position is that the end user is supposed to edit the NGINX configuration template to set server_name (with this setting, Host header injection cannot occur). | ||||
| CVE-2025-34293 | 1 Miles33 | 1 Gn4 Publishing System | 2026-04-15 | N/A |
| GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference (IDOR) vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those users, including the stored password and the account's security question and answer. The exposed recovery data and encrypted password may be used to reset or take over the target account. | ||||
| CVE-2025-34226 | 1 Openplcproject | 2 Openplc, Openplc V3 | 2026-04-15 | N/A |
| OpenPLC Runtime v3 contains an input validation flaw in the /upload-program-action endpoint: the epoch_time field supplied during program uploads is not validated and can be crafted to induce corruption of the programs database. After a successful malformed upload the runtime continues to operate until a restart; on restart the runtime can fail to start because of corrupted database entries, resulting in persistent denial of service requiring complete rebase of the product to recover. This vulnerability was remediated by commit 095ee09. | ||||
| CVE-2025-66223 | 1 Openobserve | 1 Openobserve | 2026-04-15 | N/A |
| OpenObserve is a cloud-native observability platform. Prior to version 0.16.0, organization invitation tokens do not expire once issued, remain valid even after the invited user is removed from the organization, and allow multiple invitations to the same email with different roles where all issued links remain valid simultaneously. This results in broken access control where a removed or demoted user can regain access or escalate privileges. This issue has been patched in version 0.16.0. | ||||
| CVE-2024-45298 | 1 Requarks | 1 Wiki.js | 2026-04-15 | 4.3 Medium |
| Wiki.js is an open source wiki app built on Node.js. A disabled user can still gain access to a wiki by abusing the password reset function. While setting up SMTP e-mail's on my server, I tested said e-mails by performing a password reset with my test user. To my shock, not only did it let me reset my password, but after resetting my password I can get into the wiki I was locked out of. The ramifications of this bug is a user can **bypass an account disabling by requesting their password be reset**. All users of wiki.js version `2.5.303` who use any account restrictions and have disabled user are affected. This issue has been addressed in version 2.5.304 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-38660 | 2026-04-15 | 3.8 Low | ||
| Protection mechanism failure in the SPP for some Intel(R) Xeon(R) processor family (E-Core) may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-9262 | 2026-04-15 | 6.5 Medium | ||
| The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.1.1 via the getUser() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and above, to obtain user meta values from form fields. Please note that this requires a site administrator to create a form that displays potentially sensitive information like password hashes. This may also be exploited by unauthenticated users if the 'user-meta-public-profile' shortcode is used insecurely. | ||||
| CVE-2025-32428 | 2026-04-15 | N/A | ||
| Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub. jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy were still accessible via the network. This vulnerability does not affect users having TurboVNC as the vncserver executable. This issue is fixed in 3.0.1. | ||||
| CVE-2024-22248 | 2026-04-15 | 7.1 High | ||
| VMware SD-WAN Orchestrator contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure. | ||||