Search Results (12168 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-30129 1 Hcltech 1 Hcl Nomad 2026-04-15 5.3 Medium
The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address.
CVE-2024-45289 1 Freebsd 1 Freebsd 2026-04-15 7.5 High
The fetch(3) library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch(1) to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a certificate included in the revocation file passed to the --crl option.
CVE-2025-11321 1 Zhuimengshaonian 1 Wisdom-education 2026-04-15 4.3 Medium
A vulnerability was detected in zhuimengshaonian wisdom-education up to 1.0.4. The affected element is an unknown function of the file src/main/java/com/education/api/controller/student/WrongBookController.java. Performing manipulation of the argument subjectId results in authorization bypass. The attack can be initiated remotely. The exploit is now public and may be used.
CVE-2025-3114 2026-04-15 N/A
Code Execution via Malicious Files: Attackers can create specially crafted files with embedded code that may execute without adequate security validation, potentially leading to system compromise. Sandbox Bypass Vulnerability: A flaw in the TERR security mechanism allows attackers to bypass sandbox restrictions, enabling the execution of untrusted code without appropriate controls.
CVE-2024-28287 2026-04-15 7.3 High
A DOM-based open redirection in the returnUrl parameter of INSTINCT UI Web Client 6.5.0 allows attackers to redirect users to malicious sites via a crafted URL.
CVE-2024-10666 2026-04-15 4.3 Medium
The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.6 via the [etf] shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to.
CVE-2025-24302 1 Intel 1 Tinycbor 2026-04-15 6.7 Medium
Uncontrolled recursion for some TinyCBOR libraries maintained by Intel(R) before version 0.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-2493 2026-04-15 7.5 High
Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.1-00.
CVE-2025-24511 2 Intel, Linux 3 Ethernet I350 Series, I350, Linux Kernel 2026-04-15 3.3 Low
Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet before version 5.19.2 may allow an authenticated user to potentially enable Information disclosure via data exposure.
CVE-2024-10667 1 Wordpress 1 Wordpress 2026-04-15 4.3 Medium
The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.1.5 via the [csb] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to.
CVE-2025-50340 1 Sogo 1 Webmail 2026-04-15 4.3 Medium
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6.0, allowing an authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in the email-sending request. The server fails to verify whether the authenticated user is authorized to use the specified sender identity, resulting in unauthorized message delivery as another user. This can lead to impersonation, phishing, or unauthorized communication within the system. NOTE: this is disputed by the Supplier because the only effective way to prevent this sender spoofing is on the SMTP server, not within a client such as SOGo.
CVE-2024-10497 2026-04-15 8.8 High
CWE-639: Authorization Bypass Through User-Controlled Key vulnerability exists that could allow an authorized attacker to modify values outside those defined by their privileges (Elevation of Privileges) when the attacker sends modified HTTPS requests to the device.
CVE-2024-13887 2026-04-15 5.3 Medium
The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.14 via the 'ajax_listing_submit_image_upload' function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to add arbitrary images to listings.
CVE-2025-32428 2026-04-15 N/A
Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub. jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy were still accessible via the network. This vulnerability does not affect users having TurboVNC as the vncserver executable. This issue is fixed in 3.0.1.
CVE-2024-13373 1 Wordpress 1 Wordpress 2026-04-15 8.1 High
The Exertio Framework plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.1. This is due to the plugin not properly validating a user's identity prior to updating their password through the fl_forgot_pass_new() function. This makes it possible for unauthenticated attackers to change arbitrary user's passwords, including administrators, and leverage that to gain access to their account.
CVE-2023-51803 1 Linuxserver 1 Heimdall Application Dashboard 2026-04-15 9.8 Critical
LinuxServer.io Heimdall before 2.5.7 does not prevent use of icons that have non-image data such as the "<?php ?>" substring.
CVE-2024-13040 2026-04-15 8.8 High
The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to privilege escalation.
CVE-2023-49110 1 Kiuwan 2 Local Analyzer, Sast 2026-04-15 7.2 High
When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web application (either on-premises or cloud/SaaS solution), the transmitted data consists of a ZIP archive containing several files, some of them in the XML file format. During Kiuwan's server-side processing of these XML files, it resolves external XML entities, resulting in a XML external entity injection attack. An attacker with privileges to scan source code within the "Code Security" module is able to extract any files of the operating system with the rights of the application server user and is potentially able to gain sensitive files, such as configuration and passwords. Furthermore, this vulnerability also allows an attacker to initiate connections to internal systems, e.g. for port scans or accessing other internal functions / applications such as the Wildfly admin console of Kiuwan. This issue affects Kiuwan SAST: <master.1808.p685.q13371
CVE-2025-12903 3 Mrclayton, Woocommerce, Wordpress 3 Payment Plugins Braintree For Woocommerce, Woocommerce, Wordpress 2026-04-15 7.5 High
The Payment Plugins Braintree For WooCommerce plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the wc-braintree/v1/3ds/vaulted_nonce REST API endpoint in all versions up to, and including, 3.2.78. This is due to the endpoint being registered with permission_callback set to __return_true and processing user-supplied token IDs without verifying ownership or authentication. This makes it possible for unauthenticated attackers to retrieve payment method nonces for any stored payment token in the system, which can be used to create fraudulent transactions, charge customer credit cards, or attach payment methods to other subscriptions.
CVE-2024-25657 1 Avsystem 1 Unified Management Platform 2026-04-15 5.4 Medium
An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS could allow attackers to redirect authenticated users to malicious websites.