Export limit exceeded: 363821 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363821 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-58083 | 1 General Industrial Controls | 1 Lynx+ Gateway | 2026-04-15 | 10 Critical |
| General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded web server which could allow an attacker to remotely reset the device. | ||||
| CVE-2025-58438 | 1 Microsoft | 1 Windows | 2026-04-15 | N/A |
| internetarchive is a Python and Command-Line Interface to Archive.org In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download() method of the internetarchive library. The file.download() method does not properly sanitize user-supplied filenames or validate the final download path. A maliciously crafted filename could contain path traversal sequences (e.g., ../../../../windows/system32/file.txt) or illegal characters that, when processed, would cause the file to be written outside of the intended target directory. An attacker could potentially overwrite critical system files or application configuration files, leading to a denial of service, privilege escalation, or remote code execution, depending on the context in which the library is used. The vulnerability is particularly critical for users on Windows systems, but all operating systems are affected. This issue is fixed in version 5.5.1. | ||||
| CVE-2025-6076 | 1 Partner Software | 2 Partner Software, Partner Web | 2026-04-15 | 8.8 High |
| Partner Software's Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab, allowing an authenticated attacker to upload a malicious file and compromise the device. By default, the software runs as SYSTEM, heightening the severity of the vulnerability. | ||||
| CVE-2025-61084 | 1 Mdaemon | 1 Email Server | 2026-04-15 | 7.1 High |
| MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets (<>) in the From: header of SMTP DATA. An attacker can craft a From: header with multiple invisible Unicode thin spaces to display a spoofed sender while passing validation, allowing email spoofing even when anti-spoofing protections are in place. NOTE: this is disputed by the Supplier because UI spoofing occurs in a client, not in a server such as MDaemon's product or any other server implementation. Also, if a client without its own spoofing protection must be used, the Header Screening feature in MDaemon's product can be employed to mitigate the client-side vulnerability. | ||||
| CVE-2025-61910 | 1 Nasajpl | 1 Iondtn | 2026-04-15 | 7.5 High |
| The NASA’s Interplanetary Overlay Network (ION) is an implementation of Delay/Disruption Tolerant Networking (DTN). A BPv7 bundle with a malformed extension block causes uncontrolled memory allocation inside ION-DTN 4.1.3s, leading to receiver thread termination and a Denial-of-Service (DoS). The triggering bundle contains an extension block starting at `0x85070201005bbb0e20b4ea001a000927c0...`. The first byte in the extension block (0x85) indicates a CBOR array of five elements of which the first four are numbers (0x07, 0x02, 0x01, 0x00) but the fifth element is a byte string of length 27 (`0x5bbb0e20b4ea001a000927c0...`). The vulnerability seems to be due to processing the fifth element of the array (i.e., the byte string) as replacing it with a number makes the vulnerability no longer be triggered. While parsing this extension block, ION obtains a very large block length, which in the code in `bei.c`:764) seems to be passed from `blockLength` which is an unsigned int, to a 32 bit signed integer `blkSize`. The unsigned to signed conversion causes `blkSize` to hold the value of -369092043, which is then converted into a 64-bit unsigned value inside `MTAKE(blkSize)`, resulting in an attempt to allocate an unrealistic amount of memory, causing the error. As of time of publication, no known patched versions of BPv7 exist. | ||||
| CVE-2025-61984 | 1 Openbsd | 1 Openssh | 2026-04-15 | 3.6 Low |
| ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) | ||||
| CVE-2025-6242 | 1 Redhat | 2 Ai Inference Server, Enterprise Linux Ai | 2026-04-15 | 7.1 High |
| A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources. | ||||
| CVE-2025-62765 | 1 General Industrial Controls | 1 Lynx+ Gateway | 2026-04-15 | 7.5 High |
| General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow an attacker to observe network traffic to obtain sensitive information, including plaintext credentials. | ||||
| CVE-2025-64151 | 2 Microsoft, Roboticsware | 5 Windows, Ba-panel6, Fa-panel6 and 2 more | 2026-04-15 | N/A |
| Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege. | ||||
| CVE-2025-66237 | 1 Sunbirddcim | 2 Dctrack, Power Iq | 2026-04-15 | 6.7 Medium |
| DCIM dcTrack platforms utilize default and hard-coded credentials for access. An attacker could use these credentials to administer the database, escalate privileges on the platform or execute system commands on the host. | ||||
| CVE-2025-66555 | 2 Airkeyboardapp, Apple | 2 Airkeyboard Ios App, Ios | 2026-04-15 | N/A |
| AirKeyboard iOS App 1.0.5 contains a missing authentication vulnerability that allows unauthenticated attackers to type arbitrary keystrokes directly into the victim's iOS device in real-time without user interaction, resulting in full remote input control. | ||||
| CVE-2025-66559 | 1 Taiko | 1 Taiko-mono | 2026-04-15 | N/A |
| Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox._verifyBatches (packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678) advanced the local tid to whatever transition matched the current blockHash before knowing whether that batch would actually be verified. When the loop later broke (e.g., cooldown window not yet passed or transition invalidated), the function still wrote that newer tid into batches[lastVerifiedBatchId].verifiedTransitionId after decrementing batchId. Result: the last verified batch could end up pointing at a transition index from the next batch (often zeroed), corrupting the verified chain pointer. | ||||
| CVE-2025-8146 | 2 Qodeinteractive, Wordpress | 2 Qi Addons For Elementor, Wordpress | 2026-04-15 | 6.4 Medium |
| The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2025-8386 | 1 Aveva | 1 Application Server | 2026-04-15 | 6.9 Medium |
| The vulnerability, if exploited, could allow an authenticated miscreant (with privilege of "aaConfigTools") to tamper with App Objects' help files and persist a cross-site scripting (XSS) injection that when executed by a victim user, can result in horizontal or vertical escalation of privileges. The vulnerability can only be exploited during config-time operations within the IDE component of Application Server. Run-time components and operations are not affected. | ||||
| CVE-2025-8870 | 1 Arista | 1 Eos | 2026-04-15 | 4.9 Medium |
| On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153 | ||||
| CVE-2017-20201 | 2 Microsoft, Piriform | 2 Windows, Ccleaner | 2026-04-15 | N/A |
| CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 (32-bit builds) contained a malicious pre-entry-point loader that diverts execution from __scrt_common_main_seh into a custom loader. That loader decodes an embedded blob into shellcode, allocates executable heap memory, resolves Windows API functions at runtime, and transfers execution to an in-memory payload. The payload performs anti-analysis checks, gathers host telemetry, encodes the data with a two-stage obfuscation, and attempts HTTPS exfiltration to hard-coded C2 servers or month-based DGA domains. Potential impacts include remote data collection and exfiltration, stealthy in-memory execution and persistence, and potential lateral movement. CCleaner was developed by Piriform, which was acquired by Avast in July 2017; Avast later merged with NortonLifeLock to form the parent company now known as Gen Digital. According to vendor advisories, the compromised CCleaner build was released on August 15, 2017 and remediated on September 12, 2017 with v5.34; the compromised CCleaner Cloud build was released on August 24, 2017 and remediated on September 15, 2017 with v1.07.3214. | ||||
| CVE-2017-20202 | 2 Google, Web Developer For Chrome | 2 Chrome, Web Developer For Chrome | 2026-04-15 | N/A |
| Web Developer for Chrome v0.4.9 contained malicious code that generated a domain via a DGA and fetched a remote script. The fetched script conditionally loaded follow-on modules that performed extensive ad substitution and malvertising, displayed fake “repair” alerts that redirected users to affiliate programs, and attempted to harvest credentials when users logged in. Injected components enumerate common banner sizes for substitution, replace third-party ad calls, and redirect victim traffic to affiliate landing pages. Potential impacts include user-level code execution in the browser context, large-scale ad fraud and traffic hijacking, credential theft, and exposure to additional payloads delivered by the actor. The compromise was reported on by the maintainer of Web Developer for Chrome on August 2, 2017 and remediated in v0.5.0. | ||||
| CVE-2020-36876 | 1 Request Serious Play | 2 Request Serious Play, Request Serious Play Pro | 2026-04-15 | N/A |
| ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro), 7.0.2.4954, 6.5.2.4954, 6.4.2.4681, 6.3.2.4203, and 2.0.1.823 allows unauthenticated attackers to disclose the webserver's Python debug log file containing system information, credentials, paths, processes and command arguments running on the device. Attackers can access sensitive information by visiting the message_log page. | ||||
| CVE-2022-50237 | 2026-04-15 | 5.9 Medium | ||
| The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key. | ||||
| CVE-2024-12057 | 1 Arcinfo | 1 Pcvue | 2026-04-15 | N/A |
| User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end. By exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application. | ||||