Export limit exceeded: 358455 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (358455 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-49953 | 1 Discuz | 1 Discuzx | 2026-06-16 | 6.5 Medium |
| Discuz! X5.0 releases 20260320 through 20260610 contains a CAPTCHA bypass vulnerability that allows unauthenticated remote attackers to defeat challenge controls by exploiting limited complexity and predictable character sets in generated CAPTCHA images. Attackers can train a custom optical character recognition model against collected CAPTCHA samples to reliably predict challenge text, bypassing protections on login, registration, and other functionality from automated abuse. | ||||
| CVE-2026-50255 | 1 Sony | 1 Optical Disc Archive Software | 2026-06-16 | N/A |
| Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges. | ||||
| CVE-2026-39196 | 2026-06-16 | 9.8 Critical | ||
| Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the set_uri_query parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements. | ||||
| CVE-2026-45996 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration (unless the allocation is device managed). Take another reference before deregistering the controller so that the driver data is not freed until the driver is done with it. | ||||
| CVE-2026-48872 | 2 Wordpress, Wpdeveloper | 2 Wordpress, Embedpress | 2026-06-16 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in EmbedPress <= 4.5.2 versions. | ||||
| CVE-2026-38329 | 2026-06-16 | 9.8 Critical | ||
| Bludit CMS before version 3.18.4 allows Remote Code Execution (RCE) via the API Plugin. The POST /api/files/{key} endpoint in bl-plugins/api/plugin.php fails to perform authorization checks and lacks file extension validation. An attacker with a valid API token can upload a malicious PHP script and execute arbitrary code on the server. | ||||
| CVE-2026-39583 | 2026-06-16 | 9.8 Critical | ||
| Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery <= 2.6.62 versions. | ||||
| CVE-2026-46058 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: media: amphion: Fix race between m2m job_abort and device_run Fix kernel panic caused by race condition where v4l2_m2m_ctx_release() frees m2m_ctx while v4l2_m2m_try_run() is about to call device_run with the same context. Race sequence: v4l2_m2m_try_run(): v4l2_m2m_ctx_release(): lock/unlock v4l2_m2m_cancel_job() job_abort() v4l2_m2m_job_finish() kfree(m2m_ctx) <- frees ctx device_run() <- use-after-free crash at 0x538 Crash trace: Unable to handle kernel read from unreadable memory at virtual address 0000000000000538 v4l2_m2m_try_run+0x78/0x138 v4l2_m2m_device_run_work+0x14/0x20 The amphion vpu driver does not rely on the m2m framework's device_run callback to perform encode/decode operations. Fix the race by preventing m2m framework job scheduling entirely: - Add job_ready callback returning 0 (no jobs ready for m2m framework) - Remove job_abort callback to avoid the race condition | ||||
| CVE-2026-45997 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails If device_add(&sdkp->disk_dev) fails, put_device() runs scsi_disk_release(), which frees the scsi_disk but leaves the gendisk referenced. The device_add_disk() error path in sd_probe() calls put_disk(gd); call put_disk(gd) here to mirror that cleanup. | ||||
| CVE-2026-41722 | 1 Vmware | 5 Aria Operations, Cloud Foundation, Telco Cloud Platform and 2 more | 2026-06-16 | 8 High |
| VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations. | ||||
| CVE-2026-36670 | 2026-06-16 | 8.8 High | ||
| A Time-Based Blind SQL Injection vulnerability in the alias_management module of OpenSIPS Control Panel (opensips-cp) prior to version 9.3.3 allows authenticated attackers to execute arbitrary SQL commands via the 'table' GET parameter in alias_management.php. | ||||
| CVE-2026-48708 | 1 Olivetin | 1 Olivetin | 2026-06-16 | 7.5 High |
| OliveTin gives access to predefined shell commands from a web interface. In versions 3000.0.0 and prior, the template engine uses a single shared text/template.Template instance (tpl package-level variable in service/internal/tpl/templates.go) across all goroutines. Every action execution calls tpl.Parse(source) followed by t.Execute() on this shared instance with no synchronization. When two or more actions execute concurrently (which is the normal case — each ExecRequest spawns a goroutine), a race condition occurs: one goroutine's Parse overwrites the template tree while another goroutine is calling Execute, causing cross-user command contamination, Go runtime panic, and incorrect command execution. This issue has been resolved in version 3000.13.0. | ||||
| CVE-2026-41723 | 1 Vmware | 5 Aria Operations, Cloud Foundation, Telco Cloud Platform and 2 more | 2026-06-16 | 8 High |
| VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations. | ||||
| CVE-2026-48836 | 2026-06-16 | 10 Critical | ||
| Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions. | ||||
| CVE-2026-42661 | 2 Aguilatechnologies, Wordpress | 2 Wp Customer Area, Wordpress | 2026-06-16 | 8.8 High |
| Custom role Path Traversal in WP Customer Area <= 8.3.4 versions. | ||||
| CVE-2026-40732 | 2 Rainafarai, Wordpress | 2 Notification For Telegram, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Notification for Telegram <= 3.5 versions. | ||||
| CVE-2026-48723 | 2026-06-16 | 7.8 High | ||
| The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6. | ||||
| CVE-2026-42167 | 1 Proftpd | 1 Proftpd | 2026-06-16 | 8.1 High |
| mod_sql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM). | ||||
| CVE-2026-42520 | 2 Jenkins, Jenkins Project | 2 Credentials Binding, Jenkins Credentials Binding Plugin | 2026-06-16 | 7.5 High |
| Jenkins Credentials Binding Plugin 719.v80e905ef14eb_ and earlier does not sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to write files to arbitrary locations on the node filesystem, which can lead to remote code execution if Jenkins is configured to allow a low-privileged user to configure file or zip file credentials used for a job running on the built-in node. | ||||
| CVE-2026-36356 | 1 Meig | 1 Goahead | 2026-06-16 | 9.1 Critical |
| The GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1) allows unauthenticated OS command injection via the /action/SetRemoteAccessCfg endpoint. | ||||