Export limit exceeded: 34809 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 340783 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (340783 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2271 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2026-03-26 | 3.3 Low |
| A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an integer overflow vulnerability in the read_creator_block() function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory allocation without proper validation, leading to a heap overflow and an out-of-bounds write. Successful exploitation could result in an application level denial of service. | ||||
| CVE-2026-2239 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2026-03-26 | 2.8 Low |
| A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the fread_pascal_string function when processing a specially crafted PSD (Photoshop Document) file. This occurs because the buffer allocated for a Pascal string is not properly null-terminated, leading to an out-of-bounds read when strlen() is subsequently called. Successfully exploiting this vulnerability can cause the application to crash, resulting in an application level Denial of Service. | ||||
| CVE-2026-2100 | 1 Redhat | 2 Enterprise Linux, Openshift | 2026-03-26 | 5.3 Medium |
| A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potentially resulting in a NULL dereference or undefined behavior. This issue may cause an application level denial of service or other unpredictable system states. | ||||
| CVE-2026-24971 | 2 Elated-themes, Wordpress | 2 Search And Go Theme, Wordpress | 2026-03-26 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in Elated-Themes Search & Go searchgo allows Privilege Escalation.This issue affects Search & Go: from n/a through <= 2.8. | ||||
| CVE-2026-24964 | 2 Wasiliy Strecker / Contestgallery Developer, Wordpress | 2 Contest Gallery, Wordpress | 2026-03-26 | 6.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Server Side Request Forgery.This issue affects Contest Gallery: from n/a through <= 28.1.2.1. | ||||
| CVE-2026-24372 | 2 Wordpress, Wp Swings | 2 Wordpress, Subscriptions For Woocommerce | 2026-03-26 | 7.5 High |
| Authentication Bypass by Spoofing vulnerability in WP Swings Subscriptions for WooCommerce subscriptions-for-woocommerce allows Input Data Manipulation.This issue affects Subscriptions for WooCommerce: from n/a through <= 1.8.10. | ||||
| CVE-2026-24359 | 2 Dokan, Wordpress | 2 Dokan, Wordpress | 2026-03-26 | 8.8 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Dokan, Inc. Dokan dokan-lite allows Authentication Abuse.This issue affects Dokan: from n/a through <= 4.2.4. | ||||
| CVE-2026-21724 | 2026-03-26 | 5.4 Medium | ||
| A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.protected:write permission. | ||||
| CVE-2026-1961 | 1 Redhat | 4 Satellite, Satellite Capsule, Satellite Maintenance and 1 more | 2026-03-26 | 8 High |
| A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure. | ||||
| CVE-2026-1531 | 1 Redhat | 4 Satellite, Satellite Capsule, Satellite Maintenance and 1 more | 2026-03-26 | 8.1 High |
| A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and OpenShift, to perform a Man-in-the-Middle (MITM) attack. Such an attack could lead to the disclosure or alteration of sensitive information. | ||||
| CVE-2026-1530 | 1 Redhat | 4 Satellite, Satellite Capsule, Satellite Maintenance and 1 more | 2026-03-26 | 8.1 High |
| A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift, resulting in information disclosure and data integrity compromise. | ||||
| CVE-2026-0980 | 3 Logicminds, Red Hat, Redhat | 6 Rubyipmi, Red Hat Satellite 6, Satellite and 3 more | 2026-03-26 | 8.3 High |
| A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system. | ||||
| CVE-2026-0968 | 2 Libssh, Redhat | 3 Libssh, Enterprise Linux, Openshift | 2026-03-26 | N/A |
| A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes. | ||||
| CVE-2026-0967 | 2 Libssh, Redhat | 3 Libssh, Enterprise Linux, Openshift | 2026-03-26 | N/A |
| A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client. | ||||
| CVE-2026-0966 | 2 Libssh, Redhat | 3 Libssh, Enterprise Linux, Openshift | 2026-03-26 | N/A |
| The API function `ssh_get_hexa()` is vulnerable, when 0-lenght input is provided to this function. This function is used internally in `ssh_get_fingerprint_hash()` and `ssh_print_hexa()` (deprecated), which is vulnerable to the same input (length is provided by the calling application). The function is also used internally in the gssapi code for logging the OIDs received by the server during GSSAPI authentication. This could be triggered remotely, when the server allows GSSAPI authentication and logging verbosity is set at least to SSH_LOG_PACKET (3). This could cause self-DoS of the per-connection daemon process. | ||||
| CVE-2026-0965 | 2 Libssh, Redhat | 3 Libssh, Enterprise Linux, Openshift | 2026-03-26 | N/A |
| A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations. | ||||
| CVE-2026-0964 | 2 Libssh, Redhat | 3 Libssh, Enterprise Linux, Openshift | 2026-03-26 | N/A |
| A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue as in OpenSSH, tracked as CVE-2019-6111. | ||||
| CVE-2025-12848 | 2 Drupal, Webform Multiple File Upload Project | 3 Drupal, Webform Module, Webform Multiple File Upload | 2026-03-26 | 6.1 Medium |
| Webform Multiple File Upload module for Drupal 7.x contains a cross-site scripting (XSS) vulnerability in the file name renderer. An unauthenticated attacker can exploit this vulnerability by uploading a file with a malicious filename containing JavaScript code (e.g., "<img src=1 onerror=alert(document.domain)>") to a Webform node with a Multifile field where file type validation is disabled. This allows the execution of arbitrary scripts in the context of the victim's browser. The issue is present in a third-party library and has been addressed in a patch available at https://github.com/fyneworks/multifile/pull/44 . Users are advised to apply the provided patch or update to a fixed version of the module. | ||||
| CVE-2026-4346 | 2026-03-26 | N/A | ||
| The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the serial port can recover sensitive information, including the router’s management password and wireless network key. Successful exploitation can lead to full administrative control of the device and unauthorized access to the associated wireless network. | ||||
| CVE-2026-27654 | 1 F5 | 2 Nginx Open Source, Nginx Plus | 2026-03-26 | 8.2 High |
| NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuration file uses DAV module MOVE or COPY methods, prefix location (nonregular expression location configuration), and alias directives. The integrity impact is constrained because the NGINX worker process user has low privileges and does not have access to the entire system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||