Export limit exceeded: 341190 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341190 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-26132 | 1 Microsoft | 19 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 16 more | 2026-03-29 | 7.8 High |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-23674 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-29 | 7.5 High |
| Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-20993 | 1 Samsung | 1 Samsung Assistant | 2026-03-29 | N/A |
| Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information. | ||||
| CVE-2026-20994 | 1 Samsung | 1 Account | 2026-03-29 | N/A |
| URL redirection in Samsung Account prior to version 15.5.01.1 allows remote attackers to potentially get access token. | ||||
| CVE-2026-20995 | 1 Samsung | 1 Smart Switch | 2026-03-29 | N/A |
| Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a specific configuration. | ||||
| CVE-2026-20996 | 1 Samsung | 1 Smart Switch | 2026-03-29 | N/A |
| Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication. | ||||
| CVE-2026-20997 | 1 Samsung | 1 Smart Switch | 2026-03-29 | N/A |
| Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication. | ||||
| CVE-2026-20999 | 1 Samsung | 1 Smart Switch | 2026-03-29 | N/A |
| Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions. | ||||
| CVE-2025-53521 | 1 F5 | 22 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 19 more | 2026-03-29 | 9.8 Critical |
| When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution (RCE). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2026-2921 | 1 Gstreamer | 1 Gstreamer | 2026-03-29 | 7.8 High |
| GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of palette data in AVI files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28854. | ||||
| CVE-2018-25218 | 2 Krylack, Passfab | 2 Rar Password Recovery, Rar Password Recovery | 2026-03-28 | 8.4 High |
| PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a payload with a buffer overflow, NSEH jump, and shellcode, then paste it into the 'Licensed E-mail and Registration Code' field during registration to trigger code execution. | ||||
| CVE-2018-25212 | 1 Boxoft | 1 Wav To Wma Converter | 2026-03-28 | 8.4 High |
| Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems. | ||||
| CVE-2018-25206 | 1 Sitemakin | 1 Komseo Cart | 2026-03-28 | 8.2 High |
| KomSeo Cart 1.3 contains an SQL injection vulnerability that allows attackers to inject SQL commands through the 'my_item_search' parameter in edit.php. Attackers can submit POST requests with malicious SQL payloads to extract sensitive database information using boolean-based blind or error-based injection techniques. | ||||
| CVE-2026-33285 | 1 Harttle | 1 Liquidjs | 2026-03-28 | 7.5 High |
| LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, LiquidJS's `memoryLimit` security mechanism can be completely bypassed by using reverse range expressions (e.g., `(100000000..1)`), allowing an attacker to allocate unlimited memory. Combined with a string flattening operation (e.g., `replace` filter), this causes a V8 Fatal error that crashes the Node.js process, resulting in complete denial of service from a single HTTP request. Version 10.25.1 patches the issue. | ||||
| CVE-2026-33942 | 2 Saloon, Saloonphp | 2 Saloon, Saloon | 2026-03-28 | 9.8 Critical |
| Saloon is a PHP library that gives users tools to build API integrations and SDKs. Versions prior to 4.0.0 used PHP's unserialize() in AccessTokenAuthenticator::unserialize() to restore OAuth token state from cache or storage, with allowed_classes => true. An attacker who can control the serialized string (e.g. by overwriting a cached token file or via another injection) can supply a serialized "gadget" object. When unserialize() runs, PHP instantiates that object and runs its magic methods (__wakeup, __destruct, etc.), leading to object injection. In environments with common dependencies (e.g. Monolog), this can be chained to remote code execution (RCE). The fix in version 4.0.0 removes PHP serialization from the AccessTokenAuthenticator class requiring users to store and resolve the authenticator manually. | ||||
| CVE-2026-34056 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-03-28 | 7.7 High |
| OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eRx error logs without proper authorization checks. This flaw compromises system confidentiality by exposing sensitive information, potentially leading to unauthorized data disclosure and misuse. As of time of publication, no known patches versions are available. | ||||
| CVE-2026-34051 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-03-28 | 5.4 Medium |
| OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 have an improper access control on the Import/Export functionality, allowing unauthorized users to perform import and export actions through direct request manipulation despite UI restrictions. This can lead to unauthorized data access, bulk data extraction, and manipulation of system data. Version 8.0.0.3 contains a fix. | ||||
| CVE-2025-14684 | 1 Ibm | 2 Maximo Application Suite - Monitor Component, Maximo Application Suite Monitor Component | 2026-03-28 | 4 Medium |
| IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files. | ||||
| CVE-2025-14974 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2026-03-28 | 5.7 Medium |
| IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable due to Insecure Direct Object Reference (IDOR). | ||||
| CVE-2026-33246 | 2 Linuxfoundation, Nats | 2 Nats-server, Nats Server | 2026-03-28 | 6.4 Medium |
| NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server offers a `Nats-Request-Info:` message header, providing information about a request. This is supposed to provide enough information to allow for account/user identification, such that NATS clients could make their own decisions on how to trust a message, provided that they trust the nats-server as a broker. A leafnode connecting to a nats-server is not fully trusted unless the system account is bridged too. Thus identity claims should not have propagated unchecked. Prior to versions 2.11.15 and 2.12.6, NATS clients relying upon the Nats-Request-Info: header could be spoofed. This does not directly affect the nats-server itself, but the CVSS Confidentiality and Integrity scores are based upon what a hypothetical client might choose to do with this NATS header. Versions 2.11.15 and 2.12.6 contain a fix. No known workarounds are available. | ||||