Search Results (46053 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-30177 1 Apache 1 Camel 2025-04-15 6.5 Medium
Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the "out" direction, while it doesn't filter the "in" direction. This allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component.
CVE-2020-36618 1 Furqansofware 1 Node Whois 2025-04-15 6.3 Medium
A vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely. The name of the patch is 46ccc2aee8d063c7b6b4dee2c2834113b7286076. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216252.
CVE-2020-36619 1 Multimon-ng Project 1 Multimon-ng 2025-04-15 5.5 Medium
A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function add_ch of the file demod_flex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability.
CVE-2025-28395 1 Dlink 2 Di-8100, Di-8100 Firmware 2025-04-15 7.1 High
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter.
CVE-2025-28398 1 Dlink 2 Di-8100, Di-8100 Firmware 2025-04-15 7.1 High
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.
CVE-2022-47938 1 Linux 1 Linux Kernel 2025-04-15 6.5 Medium
An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2misc.c has an out-of-bounds read and OOPS for SMB2_TREE_CONNECT.
CVE-2023-36785 1 Microsoft 2 Odbc Driver For Sql Server, Sql Server 2025-04-14 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-36417 1 Microsoft 2 Ole Db Driver For Sql Server, Sql Server 2025-04-14 7.8 High
Microsoft SQL OLE DB Remote Code Execution Vulnerability
CVE-2023-36576 1 Microsoft 9 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 6 more 2025-04-14 5.5 Medium
Windows Kernel Information Disclosure Vulnerability
CVE-2023-36577 1 Microsoft 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more 2025-04-14 8.8 High
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36581 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36582 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.3 High
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-36593 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.8 High
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-36598 1 Microsoft 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more 2025-04-14 7.8 High
Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability
CVE-2023-36701 1 Microsoft 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more 2025-04-14 7.8 High
Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2023-36710 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-14 7.8 High
Windows Media Foundation Core Remote Code Execution Vulnerability
CVE-2023-36728 1 Microsoft 3 Odbc Driver For Sql Server, Ole Db Driver For Sql Server, Sql Server 2025-04-14 5.5 Medium
Microsoft SQL Server Denial of Service Vulnerability
CVE-2023-36729 1 Microsoft 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more 2025-04-14 7.8 High
Named Pipe File System Elevation of Privilege Vulnerability
CVE-2023-36730 1 Microsoft 2 Odbc Driver For Sql Server, Sql Server 2025-04-14 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2022-43598 2 Debian, Openimageio 2 Debian Linux, Openimageio 2025-04-14 8.1 High
Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`.