Search Results (12743 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-12304 1 Time-sea-plus 1 Time-sea-plus 2026-04-15 4.3 Medium
A vulnerability has been found in dulaiduwang003 TIME-SEA-PLUS up to fb299162f18498dd9cf17da906886d80a077d53b. This affects the function alipayIsSucceed of the file PayController.java of the component Order Status Handler. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
CVE-2025-11852 1 Apeman 1 Apeman 2026-04-15 5.3 Medium
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown function of the file /onvif/device_service of the component ONVIF Service. Performing manipulation results in missing authentication. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-31512 2026-04-15 7.3 High
An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval via isAddedByApprover in a Request%20Building%20Access requestSubmit API call. The vendor has stated that the system is protected by updating to a version equal to or greater than one of the following build numbers: 4.1.12.2.1.19, 4.1.12.5.2.36, 4.1.13.0.60, 4.1.13.2.0.3.39, 4.1.13.2.0.3.41, 4.1.13.2.42, 4.1.13.2.25.44, 4.1.14.0.13, 4.1.14.0.43, 4.1.14.0.48, and 4.1.14.1.5.32.
CVE-2024-46941 2026-04-15 N/A
SystemUI has an incorrect component protection setting, which allows access to specific information.
CVE-2024-50641 2026-04-15 8.1 High
An authentication bypass vulnerability in PandoraNext-TokensTool v0.6.8 and before. An attacker can exploit this vulnerability to access API without any token.
CVE-2025-8265 1 299ko 1 Cms 2026-04-15 4.7 Medium
A vulnerability classified as critical has been found in 299Ko CMS 2.0.0. This affects an unknown part of the file /admin/filemanager/view of the component File Management. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-47533 1 Cobbler Project 1 Cobbler 2026-04-15 9.8 Critical
Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. `utils.get_shared_secret()` always returns `-1`, which allows anyone to connect to cobbler XML-RPC as user `''` password `-1` and make any changes. This gives anyone with network access to a cobbler server full control of the server. Versions 3.2.3 and 3.3.7 fix the issue.
CVE-2025-69257 2026-04-15 6.7 Medium
theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.1.1, the application loads custom Python rules and configuration files from user-writable locations (e.g., `~/.config/theshit/`) without validating ownership or permissions when executed with elevated privileges. If the tool is invoked with `sudo` or otherwise runs with an effective UID of root, it continues to trust configuration files originating from the unprivileged user's environment. This allows a local attacker to inject arbitrary Python code via a malicious rule or configuration file, which is then executed with root privileges. Any system where this tool is executed with elevated privileges is affected. In environments where the tool is permitted to run via `sudo` without a password (`NOPASSWD`), a local unprivileged user can escalate privileges to root without additional interaction. The issue has been fixed in version 0.1.1. The patch introduces strict ownership and permission checks for all configuration files and custom rules. The application now enforces that rules are only loaded if they are owned by the effective user executing the tool. When executed with elevated privileges (`EUID=0`), the application refuses to load any files that are not owned by root or that are writable by non-root users. When executed as a non-root user, it similarly refuses to load rules owned by other users. This prevents both vertical and horizontal privilege escalation via execution of untrusted code. If upgrading is not possible, users should avoid executing the application with `sudo` or as the root user. As a temporary mitigation, ensure that directories containing custom rules and configuration files are owned by root and are not writable by non-root users. Administrators may also audit existing custom rules before running the tool with elevated privileges.
CVE-2024-36444 1 Swissphone 1 Dical-red 4009 2026-04-15 8.1 High
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs.
CVE-2024-36438 1 Elinksmart 1 Smart Cabinet Lock 2026-04-15 7.3 High
eLinkSmart Hidden Smart Cabinet Lock 2024-05-22 has Incorrect Access Control and fails to perform an authorization check which can lead to card duplication and other attacks.
CVE-2024-36441 1 Swissphone 1 Dical-red 4009 2026-04-15 5.4 Medium
Swissphone DiCal-RED 4009 devices allow an unauthenticated attacker use a port-2101 TCP connection to gain access to operation messages that are received by the device.
CVE-2024-36443 2026-04-15 7.6 High
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain read access to almost the whole file system via anonymous FTP.
CVE-2024-4225 2026-04-15 7.6 High
Multiple security vulnerabilities has been discovered in web interface of NetGuardian DIN Remote Telemetry Unit (RTU), by DPS Telecom. Attackers can exploit those security vulnerabilities to perform critical actions such as escalate user's privilege, steal user's credential, Cross Site Scripting (XSS) and Cross-Site Request Forgery (CSRF).
CVE-2025-61673 1 Aiven 2 Aiven, Karapace 2026-04-15 8.6 High
Karapace is an open-source implementation of Kafka REST and Schema Registry. Versions 5.0.0 and 5.0.1 contain an authentication bypass vulnerability when configured to use OAuth 2.0 Bearer Token authentication. If a request is sent without an Authorization header, the token validation logic is skipped entirely, allowing an unauthenticated user to read and write to Schema Registry endpoints that should otherwise be protected. This effectively renders the OAuth authentication mechanism ineffective. This issue is fixed in version 5.0.2.
CVE-2024-41934 2026-04-15 5.9 Medium
Improper access control in some Intel(R) GPA software before version 2024.3 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2025-10116 2026-04-15 7.3 High
A vulnerability was identified in SiempreCMS up to 1.3.6. This vulnerability affects unknown code of the file /docs/admin/file_upload.php. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit is publicly available and might be used.
CVE-2025-63422 1 Each Italy 1 Wireless Mini Router 2026-04-15 7.5 High
Incorrect access control in the Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to arbitrarily change the administrator username and password via sending a crafted GET request.
CVE-2024-36532 1 Openkruise 1 Kruise 2026-04-15 10 Critical
Insecure permissions in kruise v1.6.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
CVE-2025-20131 1 Cisco 1 Identity Services Engine Software 2026-04-15 4.9 Medium
A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload using the Cisco ISE GUI. A successful exploit could allow the attacker to upload arbitrary files to an affected system.
CVE-2024-57491 2026-04-15 8.8 High
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function.