Search

Search Results (363807 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-48948 2026-07-07 N/A
An improper access check allows user to download vcard exports of com_contact contacts that are inaccessible.
CVE-2026-48949 2026-07-07 N/A
Lack of validation leads to an XSS vulnerability in the MFA management views.
CVE-2026-48954 2026-07-07 N/A
Improper validation leads to a generic XSS vector in the language override feature.
CVE-2026-48955 2026-07-07 N/A
An improper access check allows unauthorized users to access workflow stage and transition information.
CVE-2026-48950 2026-07-07 N/A
Lack of escaping leads to an XSS vulnerability in the file management view of com_templates.
CVE-2026-48957 2026-07-07 N/A
An improper access check allows unauthorized users to access com_privacy datasets.
CVE-2026-48958 2026-07-07 N/A
An improper access check allows unauthorized users to create custom fields via webservices endpoints.
CVE-2026-48956 2026-07-07 N/A
An improper access check allows users to display a list of modules in the frontend.
CVE-2026-9165 1 Redhat 1 Advanced Cluster Security 2026-07-07 7.7 High
A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.
CVE-2026-48947 2026-07-07 N/A
An improper access check allows privileged users to overwrite media files without editing permissions.
CVE-2026-48952 2026-07-07 N/A
Lack of escaping leads to an XSS vulnerability in the update list view of com_installer.
CVE-2026-14742 1 Langchain-ai 1 Langgraph 2026-07-07 3.1 Low
A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function _freeze of the file libs/langgraph/langgraph/_internal/_cache.py of the component Task Result Cache. This manipulation of the argument default_cache_key causes use of weak hash. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
CVE-2021-30004 1 W1.fi 2 Hostapd, Wpa Supplicant 2026-07-07 4.3 Medium
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
CVE-2026-42009 2 Gnu, Redhat 26 Gnutls, Ai Inference Server, Discovery and 23 more 2026-07-07 7.5 High
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
CVE-2026-42010 2 Gnu, Redhat 15 Gnutls, Ai Inference Server, Discovery and 12 more 2026-07-07 7.1 High
A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.
CVE-2026-11774 1 Redhat 9 Directory Server, Directory Server E4s, Enterprise Linux and 6 more 2026-07-07 7.6 High
An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer overflow of up to approximately 2 megabytes of attacker-controlled data. After a successful SASL bind with integrity protection (SSF > 0), a remote attacker can cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE). In FreeIPA and Red Hat Identity Management deployments, any domain user with a valid Kerberos ticket, enrolled host, or service account can trigger this vulnerability over the network. This flaw is independent of CVE-2025-14905, which patched schema.c only and did not modify sasl_io.c.
CVE-2026-11610 1 Redhat 8 Directory Server, Directory Server E4s, Enterprise Linux and 5 more 2026-07-07 8.8 High
A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). After a successful SASL bind with integrity protection (SSF > 0), an authenticated attacker can send a specially crafted oversized LDAP UNBIND packet that is copied into a 512-byte heap receive buffer without a bounds check in sasl_io_recv() in sasl_io.c. This allows up to approximately 2 megabytes of attacker-controlled data to overflow the buffer, causing a denial of service (server crash). In FreeIPA and Red Hat Identity Management deployments, any domain user with a valid Kerberos ticket, any enrolled host, or any service account can trigger this vulnerability over the network after authenticating via GSSAPI. The vulnerable code path has existed since approximately 2013 (389-ds-base 1.3.2) and was not addressed by the CVE-2025-14905 fix, which patched a separate heap overflow in schema.c only.
CVE-2022-30065 2 Busybox, Siemens 13 Busybox, Scalance Sc622-2c, Scalance Sc622-2c Firmware and 10 more 2026-07-07 7.8 High
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
CVE-2026-12866 1 Silentmatt 1 Expr-eval 2026-07-07 9.8 Critical
All versions of the package expr-eval are vulnerable to Code Execution via the toJSFunction() API. An attacker can execute arbitrary JavaScript by supplying crafted expressions that are compiled into native code using new Function(). Because user-controlled expressions are transformed directly into executable JavaScript, attackers can escape the intended expression sandbox and run arbitrary code within the application's context.
CVE-2025-59617 1 Qualcomm 1 Snapdragon 2026-07-07 6.6 Medium
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.