Search

Search Results (364491 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-9276 2 Cockroach Labs, Cockroachlabs 2 Cockroach-k8s-request-cert, Cockroach-k8s-request-cert 2026-01-30 N/A
Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The specific flaw exists within the configuration of the system shadow file. The issue results from a blank password setting for the root user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22195.
CVE-2025-59464 1 Nodejs 2 Node.js, Nodejs 2026-01-30 7.5 High
A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` certificate fields to UTF-8 without freeing the allocated buffer. When applications call `socket.getPeerCertificate(true)`, each certificate field leaks memory, allowing remote clients to trigger steady memory growth through repeated TLS connections. Over time this can lead to resource exhaustion and denial of service.
CVE-2025-59465 1 Nodejs 2 Node.js, Nodejs 2026-01-30 7.5 High
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cause Node.js to crash by triggering an unhandled `TLSSocket` error `ECONNRESET`. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not attach explicit error handlers to secure sockets, for example: ``` server.on('secureConnection', socket => { socket.on('error', err => { console.log(err) }) }) ```
CVE-2025-59466 1 Nodejs 2 Node.js, Nodejs 2026-01-30 7.5 High
We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when `async_hooks.createHook()` is enabled. Instead of reaching `process.on('uncaughtException')`, the process terminates, making the crash unrecoverable. Applications that rely on `AsyncLocalStorage` (v22, v20) or `async_hooks.createHook()` (v24, v22, v20) become vulnerable to denial-of-service crashes triggered by deep recursion under specific conditions.
CVE-2025-66692 1 Trustwallet 1 Trust Wallet Core 2026-01-30 7.5 High
A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-66902 1 Pithikos 2 Websocket-server, Websocket Server 2026-01-30 7.5 High
An input validation issue in in Pithikos websocket-server v.0.6.4 allows a remote attacker to obtain sensitive information or cause unexpected server behavior via the websocket_server/websocket_server.py, WebSocketServer._message_received components.
CVE-2022-39314 1 Getkirby 1 Kirby 2026-01-30 3.7 Low
Kirby is a flat-file CMS. In versions prior to 3.5.8.2, 3.6.6.2, 3.7.5.1, and 3.8.1, Kirby is subject to user enumeration due to Improper Restriction of Excessive Authentication Attempts. This vulnerability affects you only if you are using the `code` or `password-reset` auth method with the `auth.methods` option or if you have enabled the `debug` option in production. By using two or more IP addresses and multiple login attempts, valid user accounts will lock, but invalid accounts will not, leading to account enumeration. This issue has been patched in versions 3.5.8.2, 3.6.6.2, 3.7.5.1, and 3.8.1. If you cannot update immediately, you can work around the issue by setting the `auth.methods` option to `password`, which disables the code-based login and password reset forms.
CVE-2025-55423 1 Iptime 326 A1, A1004, A1004 Firmware and 323 more 2026-01-30 9.8 Critical
A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system() without proper validation or sanitization, allowing OS command injection.
CVE-2025-67261 1 Abacre 1 Retail Point Of Sale 2026-01-30 6.5 Medium
Abacre Retail Point of Sale 14.0.0.396 is vulnerable to content-based blind SQL injection. The vulnerability exists in the Search function of the Orders page.
CVE-2025-67263 1 Abacre 1 Retail Point Of Sale 2026-01-30 6.1 Medium
Abacre Retail Point of Sale 14.0.0.396 is affected by a stored cross-site scripting (XSS) vulnerability in the Clients module. The application fails to properly sanitize user-supplied input stored in the Name and Surname fields. An attacker can insert malicious HTML or script content into these fields, which, persisted in the database.
CVE-2025-66803 1 Hotwired 1 Turbo 2026-01-30 4.8 Medium
Race condition in the turbo-frame element handler in Hotwired Turbo before 8.0.x causes logout operations to fail when delayed frame responses reapply session cookies after logout. This can be exploited by remote attackers via selective network delays (e.g. delaying requests based on sequence or timing) or by physically proximate attackers when the race condition occurs naturally on shared computers.
CVE-2021-47767 1 10-strike 1 Network Inventory Explorer 2026-01-30 7.8 High
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalation and execute code with system-level permissions.
CVE-2021-47768 2 Cleidigh, Thundernest 2 Importexporttools Ng, Importexporttools Ng 2026-01-30 6.1 Medium
ImportExportTools NG 10.0.4 contains a persistent HTML injection vulnerability in the email export module that allows remote attackers to inject malicious HTML payloads. Attackers can send emails with crafted HTML in the subject that execute during HTML export, potentially compromising user data or session credentials.
CVE-2024-45810 2 Envoyproxy, Redhat 2 Envoy, Service Mesh 2026-01-30 6.5 Medium
Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstance, e.g., websocket upgrade, and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client, one reason is http async client is duplicating the status code, another one is the destroy of router is called at the destructor of the async stream, while the stream is deferred deleted at first. There will be problems that the stream decoder is destroyed but its reference is called in `router.onDestroy()`, causing segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed, and request mirrorring. This issue has been addressed in versions 1.31.2, 1.30.6, 1.29.9, and 1.28.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-24771 1 Maykinmedia 1 Open Forms 2026-01-30 7.7 High
Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials (username + password) compromised could potentially have the second-factor authentication bypassed if an attacker somehow managed to authenticate to Open Forms. The maintainers of Open Forms do not believe it is or has been possible to perform this login. However, if this were possible, the victim's account may be abused to view (potentially sensitive) submission data or have been used to impersonate other staff accounts to view and/or modify data. Three mitigating factors to help prevent exploitation include: the usual login page (at `/admin/login/`) does not fully log in the user until the second factor was succesfully provided; the additional non-MFA protected login page at `/api/v2/api-authlogin/` was misconfigured and could not be used to log in; and there are no additional ways to log in. This also requires credentials of a superuser to be compromised to be exploitable. Versions 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain the following patches to address these weaknesses: Move and only enable the API auth endpoints (`/api/v2/api-auth/login/`) with `settings.DEBUG = True`. `settings.DEBUG = True` is insecure and should never be applied in production settings. Additionally, apply a custom permission check to the hijack flow to only allow second-factor-verified superusers to perform user hijacking.
CVE-2025-67025 1 Anycomment 2 Anycomment, Anycomment.io 2026-01-30 6.1 Medium
Cross Site Scripting vulnerability in Anycomment anycomment.io 0.4.4 allows a remote attacker to execute arbitrary code via the Anycomment comment section
CVE-2022-47425 2 Reputeinfosystems, Wordpress 2 Armember, Wordpress 2026-01-30 4.3 Medium
Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ARMember: from n/a through 3.4.10.
CVE-2025-13743 1 Docker 1 Docker Desktop 2026-01-30 7.5 High
Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred.
CVE-2025-67488 2 B3log, Siyuan 2 Siyuan, Siyuan 2026-01-30 7.8 High
SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the import functionality in notes is able to overwrite any file on the system, and can escalate to full code execution under some circumstances. A fix is planned for version 3.5.0.
CVE-2025-40700 2 Idi Eikon, Idieikon 2 Governalia, Governalia 2026-01-30 6.1 Medium
Reflected Cross-Site Scripting (XSS) in IDI Eikon's Governalia. The vulnerability allows an attacker to execute JavaScript code in the victim's browser when a malicious URL with the 'q' parameter in '/search' is sent to them. This vulnerability can be exploited to steal sensitive information such as session cookies or to perform actions on behalf of the victim.