Export limit exceeded: 347143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347143 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-42035 | 1 Axios | 1 Axios | 2026-04-28 | 7.4 High |
| Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in the Axios HTTP adapter (lib/adapters/http.js) that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type checking of the data payload, where if Object.prototype is polluted with getHeaders, append, pipe, on, once, and Symbol.toStringTag, Axios misidentifies any plain object payload as a FormData instance and calls the attacker-controlled getHeaders() function, merging the returned headers into the outgoing request. The vulnerable code resides exclusively in lib/adapters/http.js. The prototype pollution source does not need to originate from Axios itself — any prototype pollution primitive in any dependency in the application's dependency tree is sufficient to trigger this gadget. This vulnerability is fixed in 1.15.1 and 0.31.1. | ||||
| CVE-2026-42037 | 1 Axios | 1 Axios | 2026-04-28 | 5.3 Medium |
| Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.1, the FormDataPart constructor in lib/helpers/formDataToStream.js interpolates value.type directly into the Content-Type header of each multipart part without sanitizing CRLF (\r\n) sequences. An attacker who controls the .type property of a Blob/File-like object (e.g., via a user-uploaded file in a Node.js proxy service) can inject arbitrary MIME part headers into the multipart form-data body. This bypasses Node.js v18+ built-in header protections because the injection targets the multipart body structure, not HTTP request headers. This vulnerability is fixed in 1.15.1. | ||||
| CVE-2026-42042 | 1 Axios | 1 Axios | 2026-04-28 | 5.4 Medium |
| Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library's XSRF token protection logic uses JavaScript truthy/falsy semantics instead of strict boolean comparison for the withXSRFToken config property. When this property is set to any truthy non-boolean value (via prototype pollution or misconfiguration), the same-origin check (isURLSameOrigin) is short-circuited, causing XSRF tokens to be sent to all request targets including cross-origin servers controlled by an attacker. This vulnerability is fixed in 1.15.1 and 0.31.1. | ||||
| CVE-2026-7219 | 1 Totolink | 2 N300rt, N300rt Firmware | 2026-04-28 | 7.2 High |
| A flaw has been found in Totolink N300RT 3.4.0-B20250430. This affects an unknown function of the file /boafrm/formIpQoS. Executing a manipulation of the argument entry_name can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. | ||||
| CVE-2026-42171 | 1 Nullsoft | 1 Nullsoft Scriptable Install System | 2026-04-28 | 7.8 High |
| NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTempFileName to return 0, as shown in the references). | ||||
| CVE-2026-6993 | 1 Go-kratos | 1 Kratos | 2026-04-28 | 5.3 Medium |
| A security flaw has been discovered in go-kratos kratos up to 2.9.2. This impacts the function NewServer of the file transport/http/server.go of the component http.DefaultServeMux Fallback Handler. The manipulation results in unintended intermediary. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. The patch is identified as 0284a5bcf92b5a7ee015300ce3051baf7ae4718d. Applying a patch is advised to resolve this issue. | ||||
| CVE-2026-7230 | 2026-04-28 | 4.3 Medium | ||
| A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used. | ||||
| CVE-2026-42254 | 1 Hickory Project | 1 Hickory Dns | 2026-04-28 | 4 Medium |
| Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response. | ||||
| CVE-2026-7033 | 1 Tenda | 1 F456 | 2026-04-28 | 8.8 High |
| A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menufacturer/Go leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-3867 | 1 Moxa | 2 Edr-8010 Series, Edr-g9010 Series | 2026-04-28 | N/A |
| An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information. Exploitation is only possible under a specific condition — when the configuration file has been exported. This vulnerability does not impact the integrity or availability of the affected product, and no confidentiality, integrity, or availability impact to the subsequent system has been identified. | ||||
| CVE-2026-41990 | 1 Gnupg | 1 Libgcrypt | 2026-04-28 | 4 Medium |
| Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data. | ||||
| CVE-2026-7118 | 1 Code-projects | 1 Employee Management System | 2026-04-28 | 6.3 Medium |
| A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-7202 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-28 | 9.8 Critical |
| A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-41462 | 1 Projeqtor | 1 Projeqtor | 2026-04-28 | 9.8 Critical |
| ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality where the login variable is directly concatenated into a SQL query without parameterization or sanitization. Attackers can inject arbitrary SQL expressions through the username field at the authentication endpoint to create privileged accounts, read sensitive data, and execute operating system commands if the database user has elevated permissions. | ||||
| CVE-2026-7141 | 1 Vllm | 1 Vllm | 2026-04-28 | 5.6 Medium |
| A vulnerability was found in vllm up to 0.19.0. The affected element is the function has_mamba_layers of the file vllm/v1/kv_cache_interface.py of the component KV Block Handler. Performing a manipulation results in uninitialized resource. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been made public and could be used. The patch is named 1ad67864c0c20f167929e64c875f5c28e1aad9fd. To fix this issue, it is recommended to deploy a patch. | ||||
| CVE-2026-7203 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-28 | 9.8 Critical |
| A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be launched remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-7218 | 1 Totolink | 2 N300rt, N300rt Firmware | 2026-04-28 | 7.2 High |
| A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The impacted element is the function is_cmd_string_valid of the file /boafrm/formWsc of the component libapmib.so. Performing a manipulation of the argument localPin results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||
| CVE-2025-24109 | 1 Apple | 1 Macos | 2026-04-28 | 9.8 Critical |
| A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data. | ||||
| CVE-2025-24152 | 1 Apple | 1 Macos | 2026-04-28 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2025-24129 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-28 | 7.5 High |
| A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may cause an unexpected app termination. | ||||