Export limit exceeded: 363878 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363878 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-45832 1 Northernbeacheswebsites 1 Wp Gotowebinar 2026-01-15 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Gibson WP GoToWebinar plugin <= 14.45 versions.
CVE-2024-50566 1 Fortinet 3 Fortimanager, Fortimanager Cloud, Fortimanagercloud 2026-01-15 7.2 High
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiManager Cloud 7.6.0 through 7.6.1, FortiManager Cloud 7.4.0 through 7.4.4, FortiManager Cloud 7.2.2 through 7.2.7, FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.0 through 7.4.5, FortiManager 7.2.1 through 7.2.8 may allow an authenticated remote attacker to execute unauthorized code via FGFM crafted requests.
CVE-2025-26507 1 Hp 403 115p9aw, 115q0aw, 17f27aw and 400 more 2026-01-15 9.8 Critical
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVE-2025-26506 1 Hp 190 499m6a, 499m6a Firmware, 499m7a and 187 more 2026-01-15 9.8 Critical
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVE-2025-26508 1 Hp 593 115p9aw, 115q0aw, 17f27aw and 590 more 2026-01-15 9.8 Critical
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
CVE-2024-1869 1 Hp 4 Cq891c, Cq891c Firmware, Cq893c and 1 more 2026-01-15 7.5 High
Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220.
CVE-2024-27778 1 Fortinet 1 Fortisandbox 2026-01-15 8.3 High
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6, FortiSandbox 4.0.0 through 4.0.4, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0.5 through 3.0.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.
CVE-2026-23582 2026-01-15 N/A
Not used
CVE-2026-23581 2026-01-15 N/A
Not used
CVE-2026-23580 2026-01-15 N/A
Not used
CVE-2026-23579 2026-01-15 N/A
Not used
CVE-2026-23578 2026-01-15 N/A
Not used
CVE-2026-23577 2026-01-15 N/A
Not used
CVE-2026-23576 2026-01-15 N/A
Not used
CVE-2026-23575 2026-01-15 N/A
Not used
CVE-2026-23574 2026-01-15 N/A
Not used
CVE-2025-48371 1 Openfga 2 Helm Charts, Openfga 2026-01-15 8.8 High
OpenFGA is an authorization/permission engine. OpenFGA versions 1.8.0 through 1.8.12 (corresponding to Helm chart openfga-0.2.16 through openfga-0.2.30 and docker 1.8.0 through 1.8.12) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Users are affected under four specific conditions: First, calling Check API or ListObjects with an authorization model that has a relationship directly assignable by both type bound public access and userset; second, there are check or list object queries with contextual tuples for the relationship that can be directly assignable by both type bound public access and userset; third, those contextual tuples’s user field is an userset; and finally, type bound public access tuples are not assigned to the relationship. Users should upgrade to version 1.8.13 to receive a patch. The upgrade is backwards compatible.
CVE-2025-66877 1 Libming 1 Libming 2026-01-15 7.5 High
Buffer overflow vulnerability in function dcputchar in decompile.c in libming 0.4.8.
CVE-2025-66869 1 Libming 1 Libming 2026-01-15 7.5 High
Buffer overflow vulnerability in function strcat in asan_interceptors.cpp in libming 0.4.8.
CVE-2025-60935 1 Returnfi 1 Blitz 2026-01-15 6.5 Medium
An open redirect vulnerability in the login endpoint of Blitz Panel v1.17.0 allows attackers to redirect users to malicious domains via a crafted URL. This issue affects the next_url parameter in the login endpoint and could lead to phishing or token theft after successful authentication.