Export limit exceeded: 345243 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345243 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345243 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24805 | 1 Visualfc | 1 Liteide | 2026-04-18 | N/A |
| NULL Pointer Dereference vulnerability in visualfc liteide (liteidex/src/3rdparty/libvterm/src modules). This vulnerability is associated with program files screen.C, state.C, vterm.C. This issue affects liteide: before x38.4. | ||||
| CVE-2026-24806 | 1 Liuyueyi | 1 Quick-media | 2026-04-18 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules). This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media: before v1.0. | ||||
| CVE-2026-24807 | 1 Liuyueyi | 1 Quick-media | 2026-04-18 | N/A |
| Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules). This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media: before v1.0. | ||||
| CVE-2026-24808 | 1 Rawtherapee | 1 Rawtherapee | 2026-04-18 | N/A |
| Integer Overflow or Wraparound vulnerability in RawTherapee (rtengine modules). This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11. | ||||
| CVE-2026-24809 | 1 Praydog | 1 Reframework | 2026-04-18 | N/A |
| An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs. | ||||
| CVE-2026-24811 | 2 Riot Project, Root | 2 Riot, Root | 2026-04-18 | 9.8 Critical |
| Vulnerability in root-project root (builtins/zlib modules). This vulnerability is associated with program files inffast.C. This issue affects root. | ||||
| CVE-2026-24812 | 1 Riot Project | 1 Riot | 2026-04-18 | N/A |
| Vulnerability in root-project root (builtins/zlib modules). This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1. | ||||
| CVE-2026-24815 | 1 Datavane | 1 Tis | 2026-04-18 | N/A |
| Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0. | ||||
| CVE-2026-24816 | 1 Datavane | 1 Tis | 2026-04-18 | N/A |
| Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules). This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0. | ||||
| CVE-2026-24819 | 1 Foxinmy | 1 Weixin4j | 2026-04-18 | N/A |
| Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j. | ||||
| CVE-2026-24821 | 1 Turanszkij | 1 Wickedengine | 2026-04-18 | N/A |
| Out-of-bounds Read vulnerability in turanszkij WickedEngine (WickedEngine/LUA modules). This vulnerability is associated with program files lparser.C. This issue affects WickedEngine: through 0.71.727. | ||||
| CVE-2026-24823 | 1 Fastshift | 1 X-track | 2026-04-18 | N/A |
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7. | ||||
| CVE-2026-24345 | 2 Actions-micro, Nimbletech | 4 Ezcast Pro Ii, Ezcast Pro Ii Firmware, Ezcast Pro Dongle Ii and 1 more | 2026-04-18 | 8.8 High |
| Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI | ||||
| CVE-2026-24828 | 1 Is-daouda | 1 Is-engine | 2026-04-18 | 7.5 High |
| Missing Release of Memory after Effective Lifetime vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4. | ||||
| CVE-2026-24830 | 1 Ralim | 1 Ironos | 2026-04-18 | 9.8 Critical |
| Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2. | ||||
| CVE-2026-24831 | 1 Ixray-team | 2 Ix-ray Engine 1.6, Ixray | 2026-04-18 | 7.5 High |
| Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3. | ||||
| CVE-2026-24832 | 1 Ixray-team | 2 Ix-ray Engine 1.6, Ixray | 2026-04-18 | 9.8 Critical |
| Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3. | ||||
| CVE-2026-24870 | 1 Ixray-team | 2 Ix-ray Engine 1.6, Ixray | 2026-04-18 | 3.7 Low |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3. | ||||
| CVE-2026-24875 | 1 Yoyofr | 1 Modizer | 2026-04-18 | 7.8 High |
| Integer Overflow or Wraparound vulnerability in yoyofr modizer.This issue affects modizer: before 4.1.1. | ||||
| CVE-2026-22795 | 1 Openssl | 1 Openssl | 2026-04-18 | 5.5 Medium |
| Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS#12 file. Impact summary: An application processing a malformed PKCS#12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type confusion vulnerability exists in PKCS#12 parsing code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid pointer read. The location is constrained to a 1-byte address space, meaning any attempted pointer manipulation can only target addresses between 0x00 and 0xFF. This range corresponds to the zero page, which is unmapped on most modern operating systems and will reliably result in a crash, leading only to a Denial of Service. Exploiting this issue also requires a user or application to process a maliciously crafted PKCS#12 file. It is uncommon to accept untrusted PKCS#12 files in applications as they are usually used to store private keys which are trusted by definition. For these reasons, the issue was assessed as Low severity. The FIPS modules in 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the PKCS12 implementation is outside the OpenSSL FIPS module boundary. OpenSSL 3.6, 3.5, 3.4, 3.3, 3.0 and 1.1.1 are vulnerable to this issue. OpenSSL 1.0.2 is not affected by this issue. | ||||