Export limit exceeded: 206796 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 207082 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (207150 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0511 1 Microsoft 2 Windows 2000, Windows Nt 2026-05-28 9.1 Critical
IP forwarding is enabled on a machine which is not a router or firewall.
CVE-2019-6129 1 Libpng 1 Libpng 2026-05-28 6.5 Medium
png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer.
CVE-2008-4309 2 Net-snmp, Redhat 2 Net-snmp, Enterprise Linux 2026-05-28 7.5 High
Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow, related to the number of responses or repeats.
CVE-2017-5753 14 Arm, Canonical, Debian and 11 more 396 Cortex-a12, Cortex-a12 Firmware, Cortex-a15 and 393 more 2026-05-28 5.6 Medium
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
CVE-2017-13165 1 Google 1 Android 2026-05-28 5.3 Medium
An elevation of privilege vulnerability in the kernel file system. Product: Android. Versions: Android kernel. Android ID A-31269937.
CVE-2017-12626 2 Apache, Redhat 3 Poi, Jboss Amq, Jboss Fuse 2026-05-28 7.5 High
Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory Exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and 61295).
CVE-2017-5754 3 Arm, Intel, Redhat 218 Cortex-a, Atom C, Atom E and 215 more 2026-05-28 5.6 Medium
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2012-10026 2 Asset-manager, Wordpress 2 Asset-manager Wordpress Plugin, Wordpress 2026-05-28 N/A
The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly validate and restrict uploaded file types, allowing remote attackers to upload malicious PHP scripts to a predictable temporary directory. Once uploaded, the attacker can execute the file via a direct HTTP GET request, resulting in remote code execution under the web server’s context.
CVE-2021-47924 2 Etoilewebdesign, Wordpress 2 Ultimate Product Catalog, Wordpress 2026-05-28 6.4 Medium
Ultimate Product Catalogue 5.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the price parameter. Attackers can submit POST requests to post.php with HTML/JavaScript payloads in the price field to execute arbitrary code when the product is viewed.
CVE-2015-2808 9 Canonical, Debian, Fujitsu and 6 more 102 Ubuntu Linux, Debian Linux, Sparc Enterprise M3000 and 99 more 2026-05-28 3.7 Low
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.
CVE-2018-25332 2 Gitbucket, Jenkins 2 Gitbucket, Gitbucket 2026-05-27 9.8 Critical
GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR plugin via the git-lfs endpoint, and execute system commands through an exposed exploit endpoint.
CVE-2021-47942 2 Hacs, Home-assistant 2 Home Assistant Community Store, Home Assistant Community Store 2026-05-27 7.5 High
Home Assistant Community Store (HACS) prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfiles/ endpoint. Attackers can retrieve the .storage/auth file containing user credentials and refresh tokens, then craft valid JWT tokens to gain administrative access to Home Assistant instances.
CVE-2015-1916 1 Ibm 1 Java 2026-05-27 7.5 High
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider.
CVE-2015-6564 2 Openbsd, Redhat 2 Openssh, Enterprise Linux 2026-05-27 7 High
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
CVE-2015-6563 3 Apple, Openbsd, Redhat 3 Mac Os X, Openssh, Enterprise Linux 2026-05-27 6.4 Medium
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
CVE-2015-4000 13 Apple, Canonical, Debian and 10 more 31 Iphone Os, Mac Os X, Safari and 28 more 2026-05-27 3.7 Low
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVE-2015-5600 2 Openbsd, Redhat 2 Openssh, Enterprise Linux 2026-05-27 8.1 High
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2018-25343 1 Behance 1 Smartshop 2026-05-27 4.3 Medium
Smartshop 1 contains a cross-site request forgery vulnerability that allows attackers to modify user profiles by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting editprofile.php with hidden fields for email and password parameters that execute automatically when visited by an authenticated admin user.
CVE-2018-25349 1 Userspice 1 Userspice 2026-05-27 6.1 Medium
userSpice 4.3.24 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the X-Forwarded-For HTTP header. Attackers can send crafted requests to the backup.php endpoint with XSS payloads in the X-Forwarded-For header that execute when administrators visit the audit log page.
CVE-2018-25355 1 Audiograbber 1 Audiograbber 2026-05-27 8.4 High
Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious input in the Interpret or Album fields that triggers a buffer overflow, overwriting SEH pointers and executing injected shellcode with application privileges.