Export limit exceeded: 351172 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351172 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-42030 | 2 Mapserver, Osgeo | 2 Mapserver, Mapserver | 2026-05-14 | 6.1 Medium |
| MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker to inject arbitrary HTML/JavaScript into the browser of any user who opens a crafted WMS URL. The vulnerability is triggered via FORMAT=application/openlayers combined with an unsanitized SRS parameter in WMS 1.3.0 requests. This issue has been patched in version 8.6.2. | ||||
| CVE-2026-41308 | 2 Pglombardo, Pwpush | 2 Password Pusher, Password Pusher | 2026-05-14 | 6.5 Medium |
| Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated creation of file-type pushes through a generic JSON API create path under certain configurations. This could bypass the intended authentication boundary for file push creation. This issue has been patched in versions 1.69.3 and 2.4.2. | ||||
| CVE-2026-8113 | 1 8421bit | 1 Miniclaw | 2026-05-14 | 4.3 Medium |
| A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the component executeSkillScript. Executing a manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. This patch is called e8bd4e17e9428260f2161378356affc5ce90d6ed. It is advisable to implement a patch to correct this issue. | ||||
| CVE-2026-33381 | 1 Grafana | 1 Grafana | 2026-05-14 | 5.9 Medium |
| When a user's access to mint tokens for a service account is revoked, it is sometimes still possible to do so for a few seconds after the event. The user will eventually lose access to do this. | ||||
| CVE-2026-33380 | 1 Grafana | 1 Grafana | 2026-05-14 | 6.3 Medium |
| A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from the Grafana server's filesystem. Only instances with the sqlExpressions feature toggle enabled are vulnerable. | ||||
| CVE-2026-42557 | 1 Jupyter | 2 Jupyterlab, Notebook | 2026-05-14 | N/A |
| jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all click events on document.body and executes the named command without checking whether the element came from trusted JupyterLab UI. A notebook with a pre-saved HTML cell output containing a deceptive button can trigger arbitrary JupyterLab commands - including arbitrary code execution - on a single user click, without any code being submitted for execution by the user. This vulnerability is fixed in 4.5.7. | ||||
| CVE-2026-41935 | 1 Givanz | 1 Vvveb | 2026-05-14 | 7.1 High |
| Vvveb before 1.0.8.3 contains an uncontrolled recursion vulnerability in the admin controller dispatch cycle where Base::init() repeatedly invokes permission() on error handlers, causing infinite recursion until PHP memory limits are exhausted. Attackers can send sustained requests to forbidden admin URLs from a low-privilege account to exhaust PHP memory on all workers and cause denial of service to legitimate traffic. | ||||
| CVE-2025-68421 | 1 Comarch | 1 Erp Optima | 2026-05-14 | N/A |
| Comarch ERP Optima client makes use of a hard-coded password for a database user. These credentials cannot be changed. It is possible for a remote attacker to gain an access to the database with elevated privileges including executing system commands on a server. This issue has been fixed in version 2026.4 | ||||
| CVE-2026-7413 | 1 Yarbo | 5 Firmware, Lawn Mower, Lawn Mower Firmware and 2 more | 2026-05-14 | 7.2 High |
| A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates. | ||||
| CVE-2026-8468 | 2 Elixir-plug, Plug Project | 2 Plug Cowboy, Plug | 2026-05-14 | N/A |
| Allocation of Resources Without Limits or Throttling vulnerability in plug_project plug allows denial of service via unbounded buffer accumulation in multipart header parsing. 'Elixir.Plug.Conn':read_part_headers/2 in lib/plug/conn.ex does not obey its :length parameter. There is no upper bound on the size of the accumulated buffer. By contrast, the sibling function read_part_body has an explicit byte_size(acc) > length guard that stops accumulation once a limit is reached. No such guard exists in read_part_headers. An unauthenticated remote attacker can exhaust server memory by sending a crafted multipart/form-data request, causing a denial of service. This issue affects plug from 1.4.0 before 1.15.4, 1.16.3, 1.17.1, 1.18.2, and 1.19.2. | ||||
| CVE-2026-7414 | 1 Yarbo | 5 Firmware, Lawn Mower, Lawn Mower Firmware and 2 more | 2026-05-14 | 9.8 Critical |
| Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyone who knows them. | ||||
| CVE-2026-44197 | 2 Torchbox, Wagtail | 2 Wagtail, Wagtail | 2026-05-14 | 6.5 Medium |
| Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revision compare view if they knew the primary key of two revisions. This could potentially result in disclosure of sensitive information. This vulnerability is fixed in 7.0.7, 7.3.2, and 7.4. | ||||
| CVE-2026-40369 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-05-14 | 7.8 High |
| Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40377 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-05-14 | 7.8 High |
| Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-7415 | 1 Yarbo | 5 Firmware, Lawn Mower, Lawn Mower Firmware and 2 more | 2026-05-14 | 9.8 Critical |
| The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host on the same network can subscribe to sensitive telemetry topics or publish control messages directly to the robot without authentication or authorization of any kind. | ||||
| CVE-2026-40380 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-05-14 | 6.2 Medium |
| Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack. | ||||
| CVE-2025-15024 | 2026-05-14 | 8.8 High | ||
| Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Remote Code Inclusion. This issue affects Library Automation System: from v.19.5 before v.22.1. | ||||
| CVE-2026-8295 | 1 Simdjson Project | 1 Simdjson | 2026-05-14 | 5.3 Medium |
| An integer overflow vulnerability in the simdjson document-builder API allows incorrect buffer size calculations in "string_builder::escape_and_append()" when processing very large input strings on platforms with limited "size_t" width (e.g., 32-bit builds). The overflow can cause insufficient buffer allocation, leading to out-of-bounds memory reads in SIMD routines and potentially resulting in information disclosure, memory corruption, or malformed JSON output. This vulnerability has been fixed in 4.6.4 release | ||||
| CVE-2026-34344 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-05-14 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-2347 | 1 Akilli Commerce Software Technologies Ltd. Co. | 1 E-commerce Website | 2026-05-14 | 9.8 Critical |
| Authorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Session Hijacking. This issue affects E-Commerce Website: before 4.5.001. | ||||