Export limit exceeded: 29888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342740 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342740 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13044 | 1 Ibm | 1 Concert | 2026-04-07 | 6.2 Medium |
| IBM Concert 1.0.0 through 2.2.0 creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2025-70128 | 1 Pluxml | 1 Pluxml | 2026-04-07 | 6.1 Medium |
| A Stored Cross-Site Scripting (XSS) vulnerability exists in the PluXml article comments feature for PluXml versions 5.8.22 and earlier. The application fails to properly sanitize or validate user-supplied input in the "link" field of a comment. An attacker can inject arbitrary JavaScript code using a <script> element. The injected payload is stored in the database and subsequently rendered in the Administration panel's "Comments" section when administrators review submitted comments. Importantly, the malicious script is not reflected in the public-facing comments interface, but only within the backend administration view. Alternatively, users of Administrator, Moderator, Manager roles can also directly input crafted payloads into existing comments. This makes the vulnerability a persistent XSS issue targeting administrative users. This affects /core/admin/comments.php, while CVE-2022-24585 affects /core/admin/comment.php, a uniquely distinct vulnerability. | ||||
| CVE-2025-70129 | 1 Pluxml | 1 Pluxml | 2026-04-07 | 5.3 Medium |
| If the anti spam-captcha functionality in PluXml versions 5.8.22 and earlier is enabled, a captcha challenge is generated with a format that can be automatically recognized for articles, such that an automated script is able to solve this anti-spam mechanism trivially and publish spam comments. The details of captcha challenge are exposed within document body of articles with comments & anti spam-captcha functionalities enabled, including "capcha-letter", "capcha-word" and "capcha-token" which can be used to construct a valid post request to publish a comment. As such, attackers can flood articles with automated spam comments, especially if there are no other web defenses available. | ||||
| CVE-2025-67298 | 1 Classroomio | 1 Classroomio | 2026-04-07 | 8.1 High |
| An issue in ClasroomIO before v.0.2.6 allows a remote attacker to escalate privileges via the endpoints /api/verify and /rest/v1/profile | ||||
| CVE-2019-25536 | 1 Netartmedia | 2 Php Real Estate Agency, Real Estate Portal | 2026-04-07 | 8.2 High |
| Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features[] parameter. Attackers can send POST requests to index.php with crafted SQL payloads in the features[] parameter to extract sensitive database information or manipulate database queries. | ||||
| CVE-2026-4193 | 2 D-link, Dlink | 3 Dir-823g, Dir-823g, Dir-823g Firmware | 2026-04-07 | 7.3 High |
| A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function GetDDNSSettings/GetDeviceDomainName/GetDeviceSettings/GetDMZSettings/GetFirewallSettings/GetGuestNetworkSettings/GetLanWanConflictInfo/GetLocalMacAddress/GetNetworkSettings/GetQoSSettings/GetRouterInformationSettings/GetRouterLanSettings/GetWanSettings/SetAccessCtlList/SetAccessCtlSwitch/SetDeviceSettings/SetGuestWLanSettings/SetIPv4FirewallSettings/SetNetworkSettings/SetNetworkTomographySettings/SetNTPServerSettings/SetRouterLanSettings/SetStaticClientInfo/SetStaticRouteSettings/SetWLanRadioSecurity/SetWPSSettings/UpdateClientInfo of the component goahead. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-3227 | 2 Tp-link, Tp Link | 7 Tl-wr802n, Tl-wr802n Firmware, Tl-wr840n and 4 more | 2026-04-07 | 6.8 Medium |
| A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file that results in execution of OS commands with root privileges during port-trigger processing. Successful exploitation allows an authenticated attacker to execute system commands with root privileges, leading to full device compromise. | ||||
| CVE-2026-30405 | 1 Osrg | 1 Gobgp | 2026-04-07 | 7.5 High |
| An issue in GoBGP gobgpd v.4.2.0 allows a remote attacker to cause a denial of service via the NEXT_HOP path attribute | ||||
| CVE-2026-21991 | 2 Oracle, Oracle Corporation | 2 Linux, Oracle Linux | 2026-04-07 | 5.5 Medium |
| A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names. | ||||
| CVE-2026-3237 | 1 Octopus | 1 Octopus Server | 2026-04-07 | 4.3 Medium |
| In affected versions of Octopus Server it was possible for a low privileged user to manipulate an API request to change the signing key expiration and revocation time frames via an API endpoint that had incorrect permission validation. It was not possible to expose the signing keys using this vulnerability. | ||||
| CVE-2025-15554 | 1 Truesec | 1 Lapswebui | 2026-04-07 | 7.8 High |
| Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords. | ||||
| CVE-2026-20993 | 1 Samsung | 2 Assistant, Samsung Assistant | 2026-04-07 | 5.5 Medium |
| Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information. | ||||
| CVE-2026-21000 | 1 Samsung | 1 Galaxy Store | 2026-04-07 | 5.5 Medium |
| Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. | ||||
| CVE-2026-21001 | 1 Samsung | 1 Galaxy Store | 2026-04-07 | 5.5 Medium |
| Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. | ||||
| CVE-2026-21002 | 1 Samsung | 1 Galaxy Store | 2026-04-07 | 5.5 Medium |
| Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application. | ||||
| CVE-2026-28766 | 1 Gardyn | 1 Cloud Api | 2026-04-06 | 9.3 Critical |
| A specific endpoint exposes all user account information for registered Gardyn users without requiring authentication. | ||||
| CVE-2026-25197 | 1 Gardyn | 1 Cloud Api | 2026-04-06 | 9.1 Critical |
| A specific endpoint allows authenticated users to pivot to other user profiles by modifying the id number in the API call. | ||||
| CVE-2025-10681 | 1 Gardyn | 2 Cloud Api, Mobile Application | 2026-04-06 | 8.6 High |
| Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers. | ||||
| CVE-2026-22661 | 1 F | 1 Prompts.chat | 2026-04-06 | 8.1 High |
| prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can exploit missing server-side filename validation to inject path traversal sequences ../ into skill file archives, which when extracted by vulnerable tools write files outside the intended directory and overwrite shell initialization files to achieve code execution. | ||||
| CVE-2026-22662 | 1 F | 1 Prompts.chat | 2026-04-06 | 4.3 Medium |
| prompts.chat prior to commit 1464475 contains a blind server-side request forgery vulnerability in the Wiro media generator that allows authenticated users to perform server-side fetches of user-controlled inputImageUrl parameters. Attackers can exploit this vulnerability by sending POST requests to the /api/media-generate endpoint to probe internal networks, access internal services, and exfiltrate data through the upstream Wiro service without receiving direct response bodies. | ||||