Export limit exceeded: 345106 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 43021 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43021 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42965 | 1 Snowflake | 1 Snowflake Connector | 2026-03-06 | 3.7 Low |
| An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method | ||||
| CVE-2025-67716 | 1 Auth0 | 1 Nextjs-auth0 | 2026-03-06 | 5.7 Medium |
| The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request. Successful exploitation may result in tokens being issued with unintended parameters. This issue is fixed in version 4.13.0. | ||||
| CVE-2022-36125 | 1 Apache | 1 Avro | 2026-03-06 | 7.5 High |
| It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue. | ||||
| CVE-2022-30635 | 2 Golang, Redhat | 15 Go, Acm, Ceph Storage and 12 more | 2026-03-06 | 7.5 High |
| Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures. | ||||
| CVE-2022-30630 | 2 Golang, Redhat | 17 Go, Acm, Application Interconnect and 14 more | 2026-03-06 | 7.5 High |
| Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators. | ||||
| CVE-2025-70218 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via POST to the goform/formAdvFirewall component. | ||||
| CVE-2025-70220 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4. | ||||
| CVE-2025-70223 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork. | ||||
| CVE-2025-70226 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard. | ||||
| CVE-2025-70219 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot. | ||||
| CVE-2025-70221 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin. | ||||
| CVE-2025-70225 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curtime parameter to the goform/formEasySetupWWConfig component | ||||
| CVE-2025-70222 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin,goform/getAuthCode. | ||||
| CVE-2025-70229 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule. | ||||
| CVE-2025-70230 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS. | ||||
| CVE-2025-70232 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter. | ||||
| CVE-2025-70233 | 1 Dlink | 2 Dir-513, Dir-513 Firmware | 2026-03-06 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard. | ||||
| CVE-2025-65085 | 1 Ashlar | 5 Argon, Cobalt, Cobalt Share and 2 more | 2026-03-06 | 9.8 Critical |
| A Heap-based Buffer Overflow vulnerability is present in Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions 12.6.1204.207 and prior that could allow an attacker to disclose information or execute arbitrary code. | ||||
| CVE-2025-12107 | 1 Wso2 | 2 Identity Server, Wso2 Identity Server | 2026-03-06 | 8.4 High |
| Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and execute arbitrary template code on the server, potentially leading to remote code execution, data manipulation, or unauthorized access to sensitive information. | ||||
| CVE-2026-28539 | 1 Huawei | 1 Harmonyos | 2026-03-06 | 6.2 Medium |
| Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||