Export limit exceeded: 22589 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (356272 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-36789 | 2026-06-08 | 7.5 High | ||
| Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-44541 | 1 Ethyca | 1 Fides | 2026-06-08 | N/A |
| Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based XSS vulnerability in fides.js via the fides_description override. This issue has been patched in version 2.84.5. | ||||
| CVE-2026-52778 | 1 Yeswiki | 1 Yeswiki | 2026-06-08 | 9.8 Critical |
| YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator (CalcField.php) of YesWiki. The application attempts to sanitize user-defined mathematical formulas using a complex recursive regular expression before passing them to the PHP eval() function. This implementation is inherently flawed: it is vulnerable to Regular Expression Denial of Service (ReDoS / Stack Overflow) which can crash the server, and it creates a high-risk architecture where any logic bypass directly results in arbitrary PHP code execution. Version 4.6.6 patches the issue. | ||||
| CVE-2026-40215 | 1 Openvpn | 1 Openvpn | 2026-06-08 | N/A |
| A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion. | ||||
| CVE-2026-35058 | 1 Openvpn | 1 Openvpn | 2026-06-08 | N/A |
| Improper validation of packet length during tls-crypt-v2 key extraction in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows authenticated attackers to trigger a fatal assertion and cause a denial of service via a specially crafted packet. | ||||
| CVE-2026-11554 | 1 Totolink | 2 Cp450, Cp450 Firmware | 2026-06-08 | 4.3 Medium |
| A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vulnerability affects unknown code of the file /etc/vsftpd.conf of the component vsftpd. This manipulation causes least privilege violation. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-36574 | 1 Wassimulator | 1 Cactusviewer | 2026-06-08 | 7.8 High |
| A DLL hijacking vulnerability in Wassimulator (GitHub) CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL. | ||||
| CVE-2026-36786 | 2026-06-08 | 7.5 High | ||
| Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-48507 | 1 Grokability | 1 Snipe-it | 2026-06-08 | 7.1 High |
| Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-admin user holding only the granular `users.edit` permission to lock every admin out of the instance by editing the `activated` flag (which determines whether or not a user can login) and the `ldap_import` flag, which determines whether or not the user can request a password reset. Version 8.6.0 contains a patch. | ||||
| CVE-2026-11557 | 1 Tenda | 2 F451, F451 Firmware | 2026-06-08 | 8.8 High |
| A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-10786 | 1 Devolutions | 1 Server | 2026-06-08 | 6.5 Medium |
| Improper access control in the ticketing integration settings in Devolutions Server allows an authenticated low-privileged user to obtain cleartext credentials for configured ticketing integrations via a crafted API request. This issue affects : * Devolutions Server 2026.2.4.0 * Devolutions Server 2026.1.20.0 and earlier | ||||
| CVE-2026-11393 | 1 Aws | 1 Agentcore Cli | 2026-06-08 | 9 Critical |
| Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of another user in the same AWS account, via a crafted collaborationInstruction stored on a Bedrock Agent collaborator and later processed by that other user during agent import. To remediate this issue, users should upgrade to version 0.14.2. | ||||
| CVE-2026-40519 | 1 Nginxproxymanager | 1 Nginx Proxy Manager | 2026-06-08 | 7.5 High |
| Nginx Proxy Manager versions 2.9.14 through 2.15.1, fixed in commit a5db5ed, contain an authenticated remote code execution vulnerability via OS command injection in the setupCertbotPlugins() function in backend/setup.js, allowing attackers with certificates:manage permission to execute arbitrary commands by storing a malicious payload in the dns_provider_credentials field. The user-controlled dns_provider_credentials value is interpolated directly into a shell command executed via child_process.exec() without sanitization or escaping, causing the injected command to execute upon backend restart. | ||||
| CVE-2026-10787 | 1 Devolutions | 1 Server | 2026-06-08 | N/A |
| Missing authorization in the deleted user groups API in Devolutions Server allows an authenticated low-privileged user to enumerate metadata of deleted user groups via a crafted API request. This issue affects : * Devolutions Server 2026.2.4.0 * Devolutions Server 2026.1.20.0 and earlier | ||||
| CVE-2026-10544 | 1 Devolutions | 1 Server | 2026-06-08 | 6.5 Medium |
| Improper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Server allows an authenticated user with write access to a vault to execute arbitrary commands on the systems managed by the affected PAM provider. This issue affects : * Devolutions Server 2026.2.4.0 * Devolutions Server 2026.1.20.0 and earlier | ||||
| CVE-2026-47345 | 1 Typo3 | 1 Html Sanitizer | 2026-06-08 | N/A |
| Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2. | ||||
| CVE-2026-47344 | 1 Typo3 | 1 Html Sanitizer | 2026-06-08 | N/A |
| When ALLOW_INSECURE_RAW_TEXT is enabled, whitespace-variant closing tags (e.g., </style\t>) are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent content to escape sanitization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2. | ||||
| CVE-2026-46440 | 1 Flowiseai | 1 Flowise | 2026-06-08 | N/A |
| Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, the checkBasicAuth endpoint validates credentials in plaintext without rate limiting and with direct comparison. This issue has been patched in version 3.1.2. | ||||
| CVE-2026-46401 | 1 Haxtheweb | 1 Issues | 2026-06-08 | N/A |
| HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.0 suffer from an improper session termination vulnerability where authentication tokens remain valid after user logout. This allows attackers who obtain valid tokens to maintain persistent access to authenticated CMS functionality, bypassing the intended session termination mechanism and enabling unauthorized access to CMS metadata and administrative functions. Version 26.0.0 fixes the issue. | ||||
| CVE-2026-41249 | 1 Coreshop | 1 Coreshop | 2026-06-08 | 8.2 High |
| CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow (`.github/workflows/static.yml`) uses the `pull_request_target` trigger but dangerously checks out the unverified code from the pull request head (`ref: ${{ github.event.pull_request.head.ref }}`). Subsequently, it executes a script (`bin/console`) from this untrusted checkout. This allows any external attacker to achieve Remote Code Execution (RCE) on the GitHub Actions runner simply by submitting a malicious Pull Request. Also known as a "Pwn Request" vulnerability. As of time of publication, `pull_request_target` is still in the file. | ||||