Search

Search Results (364196 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-56669 1 Elysiajs 1 Elysia 2026-07-08 7.5 High
Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation, and client-server communication. Prior to 1.4.29, Elysia uses getAll in form data normalization for multipart/form-data endpoints, causing the amount of work to grow quadratically with the number of unique key-value pairs and allowing CPU exhaustion. This issue is fixed in version 1.4.29.
CVE-2026-13698 1 Openvpn 1 Openvpn 2026-07-08 4.9 Medium
A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key to potentially cause a denial of service
CVE-2026-8650 1 Progress 1 Moveit Transfer 2026-07-08 4.5 Medium
Relative path traversal vulnerability in Progress MOVEit Transfer (Admin Settings module). This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
CVE-2026-8651 1 Progress 1 Moveit Transfer 2026-07-08 3.7 Low
Limited authentication bypass by spoofing vulnerability in Progress MOVEit Transfer (HTTPS module). This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
CVE-2026-8801 1 Progress 1 Moveit Transfer 2026-07-08 3.5 Low
Path equivalence: vulnerability in Progress MOVEit Transfer (File Upload modules). This issue affects MOVEit Transfer: before 2025.0.8, from 2025.1.0 before 2025.1.4.
CVE-2026-52200 2026-07-08 N/A
An issue in Generic OEM UZ801_v2.1 4G LTE Router V3.4.3 allows a remote attacker to execute arbitrary code via the /ajax web management API endpoint in MifiService.apk
CVE-2026-5922 1 Hp Inc. 3 Poly Ccx, Poly Edge E, Poly Trio C60 2026-07-08 N/A
The IP phone might use malicious input stored in configuration parameters and render it as content for the WebUI’s webpage.
CVE-2026-5923 1 Hp Inc. 3 Poly Ccx, Poly Edge E, Poly Trio C60 2026-07-08 N/A
Malicious use of a stolen cookie might allow modifications to the contents of the IP phone’s webpage.
CVE-2026-55877 2026-07-08 6.1 Medium
Symfony UX is a JavaScript ecosystem for Symfony. From 2.17.0 before 2.36.1 and from 3.0.0 before 3.2.0, the ux_icon() Twig function is marked is_safe=['html'] and Icon::toHtml() inlines SVG source verbatim, allowing unsanitized local SVG files or Iconify on-demand JSON body responses containing nested script elements, on* event handlers, or dangerous URL schemes to execute cross-site scripting. This issue is fixed in versions 2.36.1 and 3.2.0.
CVE-2026-55878 2026-07-08 7.8 High
Symfony UX is a JavaScript ecosystem for Symfony. From 2.32.0 before 2.36.1 and from 3.0.0 before 3.2.0, the ux:install console command installs files from a recipe kit by copying paths listed in a copy-files map, and because Path::isRelative() accepts paths like ../../../etc, a crafted or compromised kit can write attacker-controlled content to arbitrary locations or read local files outside the recipe directory. This issue is fixed in versions 2.36.1 and 3.2.0.
CVE-2026-13753 1 Hp 1 Hp 2800 Printer Series 2026-07-08 7.5 High
A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version <=TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive configuration data such as plaintext Wi‑Fi Direct credentials, unique device identity information, and other administrative security state details. When accessed through the web interface, these setting pages explicitly require administrator credentials before sensitive information is displayed.
CVE-2026-11405 2026-07-08 9.8 Critical
The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification (prod_encode64/PasswordToMd5/check_rand_key). - After normal authentication fails, it calls GetValue("sys.rzadmin.password") to read a backdoor password from the device configuration. - It performs a direct strcmp() comparison (plaintext, not hashed) between the config value and the user-supplied password. A successful match grants role=2 (admin-level access) and creates a valid session. The rzadmin username is never checked — any username works with the backdoor
CVE-2026-14536 1 Devolutions 1 Server 2026-07-08 N/A
Improper enforcement of a mandatory multi-factor authentication policy in Devolutions Server 2026.2.9.0 allows an attacker with valid user credentials to bypass the MFA Required policy and authenticate without completing multi-factor authentication. The problem occurs when DVLS encounters an invalid default MFA value.
CVE-2026-59821 1 Berriai 1 Litellm 2026-07-08 N/A
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.82.0-stable, LiteLLM's Custom Code Guardrails production create and update paths did not apply the same sandboxing and validation used by the test endpoint, allowing a privileged user with access to create or update guardrails to submit custom Python code that executed in the LiteLLM proxy environment and could expose secrets available to the process. This issue is fixed in version 1.82.0-stable.
CVE-2026-14361 1 Hashicorp 1 Tooling 2026-07-08 4.7 Medium
The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability (CVE-2026-14361) is fixed in consul-template 0.42.1.
CVE-2026-0288 1 Palo Alto Networks 3 Cloud Ngfw, Pan-os, Prisma Access 2026-07-08 N/A
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic. The security risk posed by this issue is minimized when the User-ID Terminal Server Agent connectivity is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://docs.paloaltonetworks.com/ngfw/help/10-2/user-identification/device-user-identification-terminal-services-agents#:~:text=To%20minimize%20security%20risk%2C%20restrict%20TS%20Agent%20connectivity%20to%20trusted%20internal%20IP%20addresses%20only. . Panorama is not impacted by this vulnerability.
CVE-2026-58494 1 Bytecodealliance 1 Wasmtime 2026-07-08 6.5 Medium
Wasmtime is a runtime for WebAssembly. Prior to 24.0.11, 36.0.12, 45.0.3, and 46.0.1, wasmtime-wasi hard-link creation and renaming check directory permissions but not matching FilePerms on source and destination preopens, allowing a WASI guest with a read-only source file capability to overwrite host files exposed as FilePerms::READ through wasip1, wasip2, or wasip3 filesystem interfaces. This issue is fixed in versions 24.0.11, 36.0.12, 45.0.3, and 46.0.1.
CVE-2026-55596 1 Udecode 1 Plate 2026-07-08 8.7 High
Plate is a rich-text editor with AI and shadcn/ui. From 53.0.0 until 53.1.4, the media embed renderer trusts serialized provider or sourceUrl metadata in useMediaState and skips parseMediaUrl protocol validation, allowing a crafted Plate document to set a known video provider while keeping url as a javascript: iframe source that the registry MediaEmbedElement renders directly as an iframe src when a victim opens the document. This issue is fixed in version 53.1.4.
CVE-2026-55195 1 Miurahr 1 Py7zr 2026-07-08 6.5 Medium
py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, py7zr's Worker.decompress() extracted archive entries without tracking total decompressed size, allowing a crafted .7z file such as a 15.6 KB archive that expands to 100 MB to exhaust disk or memory before extraction completes. This issue is fixed in version 1.1.3.
CVE-2026-55206 1 Miurahr 1 Py7zr 2026-07-08 6.5 Medium
py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Prior to 1.1.3, PackInfo._read() in archiveinfo.py used an O(n^2) cumulative sum pattern for attacker-controlled numstreams values parsed from archive headers, allowing a crafted .7z archive to cause excessive CPU consumption during SevenZipFile.init() before extraction. This issue is fixed in version 1.1.3.