Export limit exceeded: 361183 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361183 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-47145 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted. | ||||
| CVE-2026-47146 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted. | ||||
| CVE-2026-47147 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, malformed OTA requests can drive the OTA server parser into out-of-bounds reads. A limited amount of data from RAM is read back to the requester. The size and location of this data is limited. These requests must come from a device that has already joined the network. Only devices supporting the OTA Server cluster may be impacted. | ||||
| CVE-2026-47148 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, malformed GetGroupMembership commands can trigger repeated reads past the end of the message payload and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devices supporting the Groups cluster may be impacted. | ||||
| CVE-2026-47149 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, malformed or out-of-range Door Lock user identifiers can trigger out-of-bounds table reads and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devices supporting the Door Lock cluster may be impacted. | ||||
| CVE-2026-47150 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, malformed IAS Zone enrollment messages can trigger an out-of-bounds state-table write and terminate the process. The size and location of this write is limited. These messages must come from a device that has already joined the network. Only devices supporting the IAS Zone cluster may be impacted. | ||||
| CVE-2026-47151 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, malformed ClearWeekdaySchedule messages can trigger out-of-bounds writes into Door Lock schedule state. The size and location of this data is limited. These messages must come from a device that has already joined the network. Only devices supporting the Door Lock cluster may be impacted. | ||||
| CVE-2026-47152 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, a malformed Level Control Move command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted. | ||||
| CVE-2026-47153 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, a malformed Level Control Step command can terminate the process through a divide-by-zero fault. This command must come from a device that has already joined the network. Only devices supporting the Level Control cluster may be impacted. | ||||
| CVE-2026-47154 | 1 Silicon Labs | 1 Emberznet | 2026-06-26 | N/A |
| In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed. Only devices supporting the Simple Metering cluster may be impacted. | ||||
| CVE-2026-6432 | 1 Silicon Labs | 1 Sisdk | 2026-06-26 | N/A |
| Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage. | ||||
| CVE-2026-13314 | 1 Pretix | 1 Pretix-digital | 2026-06-26 | N/A |
| Malicious HTML content could be injected into the content rendered by the pretix-digital plugin. | ||||
| CVE-2026-13223 | 1 Pretix | 1 Pretix-computop | 2026-06-26 | N/A |
| Our payment integration with Computop-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one payment. | ||||
| CVE-2026-13222 | 1 Pretix | 1 Pretix-oppwa | 2026-06-26 | N/A |
| Our payment integration with Oppwa-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one payment. | ||||
| CVE-2026-57536 | 1 Pretix | 1 Pretix-mollie | 2026-06-26 | N/A |
| Our payment integration with Mollie did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one payment. | ||||
| CVE-2026-57534 | 1 Pretix | 1 Pretix-pages | 2026-06-26 | N/A |
| Malicious HTML content could be injected into the content of a page in the pretix-pages plugin. | ||||
| CVE-2026-49319 | 1 Alps Electric | 1 Remote Keyless Entry System (rkes) R53r0 | 2026-06-26 | 6.5 Medium |
| Remote Keyless Entry System (RKES), using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a legitimate key fob can later replay the same pair of transmissions repeatedly. During testing, replaying the first captured transmission caused the RKES to enter a state in which replaying the second captured transmission resulted in a successful lock or unlock operation of the vehicle. Tested and confirmed on a 2024 Suzuki Swift (SWIFT ISG GLS AC 1.2 5P 4x2 TM). | ||||
| CVE-2026-57236 | 1 Sparklemotion | 1 Nokogiri | 2026-06-26 | 8.2 High |
| Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, calling Document#encoding= with an invalid encoding (e.g., a non-string, or a string containing a null byte) raises an exception, but only after freeing the document's current encoding string without replacing it. The document is left referencing freed memory, so the next call to Document#encoding reads invalid memory, which can cause a segfault or leak freed bytes into a Ruby String. Affects the CRuby (libxml2) implementation only; JRuby is not affected. This vulnerability is fixed in 1.19.4. | ||||
| CVE-2026-57234 | 1 Sparklemotion | 1 Nokogiri | 2026-06-26 | 2.6 Low |
| Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, the NONET parse option, which Nokogiri turns on by default for Nokogiri::XML::Schema (see CVE-2020-26247), was not correctly enforced on the JRuby implementation. As a result, a schema parsed with default options could still cause external resources to be fetched over the network, potentially enabling SSRF or XXE attacks. This vulnerability is fixed in 1.19.4. | ||||
| CVE-2026-57235 | 1 Sparklemotion | 1 Nokogiri | 2026-06-26 | N/A |
| Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::NodeSet#[] (and its alias #slice) checked the requested index against the node set's bounds using a 32-bit-truncated copy of the index. A large negative index could pass the check and then be used at full width, reading outside the node set's storage. On CRuby this is an out-of-bounds read that typically crashes the process; on JRuby it is not memory-unsafe but returns an incorrect node. This vulnerability is fixed in 1.19.4. | ||||