Export limit exceeded: 363673 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363673 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-9546 | 1 Curl | 1 Curl | 2026-07-07 | 7.5 High |
| A vulnerability in libcurl caused the HTTP `Referer:` header to persist even when explicitly cleared. While the documentation states that passing NULL to `CURLOPT_REFERER` suppresses the header, the option failed to clear the internal state. As a result the previous referrer string was erroneously reused and sent in subsequent requests, potentially leaking sensitive information to unintended servers. | ||||
| CVE-2026-49814 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-07 | 7.2 High |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution. | ||||
| CVE-2026-14345 | 2 Getwpfunnels, Wordpress | 2 Wpfunnels – Funnel Builder For Woocommerce With Checkout & One Click Upsell, Wordpress | 2026-07-07 | 9.8 Critical |
| The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.12.7 via the 'postData' parameter parameter. This is due to unsanitized write of attacker-controlled postData values into a PHP-includeable .log file combined with the use of include_once to render that file in wpfnl_show_log. This makes it possible for unauthenticated attackers to execute code on the server. Exploitation requires that the Log Settings "Enable Logs" toggle is on and that an administrator subsequently opens the polluted log file via the plugin's Log Settings View UI; however, the nonce required to reach the optin endpoint is publicly emitted on every funnel step page, so the injection step itself is fully unauthenticated. | ||||
| CVE-2026-58384 | 1 Redhat | 1 Enterprise Linux | 2026-07-07 | 7.3 High |
| A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitrary code execution. | ||||
| CVE-2026-12277 | 2 Frontend File Manager Plugin, Wordpress | 2 Frontend File Manager Plugin, Wordpress | 2026-07-07 | N/A |
| The Frontend File Manager Plugin WordPress plugin through 23.6 does not validate a file path derived from user input before deleting the referenced file, allowing unauthenticated users to delete arbitrary files on the server (such as wp-config.php) when guest upload mode is enabled. Deleting wp-config.php forces the site into its setup routine, which can be leveraged toward a full site takeover. | ||||
| CVE-2026-8377 | 2026-07-07 | 8.2 High | ||
| Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Collect Data from Common Resource Locations. This issue affects Access Control System (GKS): before Version 2. | ||||
| CVE-2026-8309 | 2026-07-07 | 5.4 Medium | ||
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Reflected XSS. This issue affects Access Control System (GKS): before Version 2. | ||||
| CVE-2026-8306 | 2026-07-07 | 6.1 Medium | ||
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Stored XSS. This issue affects Access Control System (GKS): before Version 2. | ||||
| CVE-2026-7380 | 2026-07-07 | 6.1 Medium | ||
| Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows XSS Targeting HTML Attributes. This issue affects Access Control System (GKS): before Version 2. | ||||
| CVE-2026-5799 | 2026-07-07 | 7.5 High | ||
| Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects Ontime: through 04052026. | ||||
| CVE-2026-5730 | 2026-07-07 | 7.5 High | ||
| Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects Ontime: through 04052026. | ||||
| CVE-2026-38973 | 2026-07-07 | N/A | ||
| mrubyc through release3.4.1 was found to contain an out-of-bounds read in builtin missing-method lookup inside mrbc_find_method(). | ||||
| CVE-2026-38976 | 2026-07-07 | N/A | ||
| mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in op_super() / OP_SUPER due to a missing runtime guard for top-level super. | ||||
| CVE-2026-38979 | 1 Ajenti | 1 Ajenti | 2026-07-07 | N/A |
| ajenti through v2.2.13 has a clickjacking weakness in the browser-facing login and administrative UI. In ajenti-core/aj/http.py, the core HTTP response path initializes an empty header list, forwards handler-added headers verbatim, and finalizes responses through WSGI start_response() without adding anti-framing protections such as X-Frame-Options or a Content-Security-Policy frame-ancestors restriction. | ||||
| CVE-2026-21370 | 1 Qualcomm | 1 Snapdragon | 2026-07-07 | 5.3 Medium |
| Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values. | ||||
| CVE-2026-34158 | 1 Coollabsio | 1 Coolify | 2026-07-07 | 8.8 High |
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker() helper wraps user-controlled commands in single quotes without escaping embedded single quotes. Attackers who can edit application settings can inject a single quote into docker_compose_custom_build_command or docker_compose_custom_start_command to break out of the quoted context and execute arbitrary commands on the managed server host during deployments, escaping the intended Docker container confinement. This issue is fixed in version 4.0.0-beta.469. | ||||
| CVE-2026-42201 | 1 Coollabsio | 1 Coolify | 2026-07-07 | 3.3 Low |
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, database credential fields (redis_password, keydb_password, dragonfly_password, clickhouse_admin_user, clickhouse_admin_password, postgres_user, mysql_user) are validated only as 'string' at the API layer, with zero shell-safety checks. These values are then interpolated directly into Docker Compose YAML command: strings without any escaping. This issue is fixed in version 4.0.0-beta.474. | ||||
| CVE-2026-3823 | 2 Atop Technologies, Blackbeartechhive | 6 Ehg2408, Ehg2408-2sfp, Atop Ehg2408 and 3 more | 2026-07-07 | 9.8 Critical |
| EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code. | ||||
| CVE-2026-50263 | 2 Redhat, X.org | 4 Enterprise Linux, Rhel E4s, X Server and 1 more | 2026-07-07 | 5.5 Medium |
| A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure. | ||||
| CVE-2026-50262 | 2 Redhat, X.org | 5 Enterprise Linux, Rhel E4s, X Server and 2 more | 2026-07-07 | 5.5 Medium |
| An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients which is disabled by default. | ||||