Export limit exceeded: 42449 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42449 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-53913 | 1 Rukovoditel | 1 Rukovoditel | 2026-03-05 | 8.8 High |
| Rukovoditel 3.3.1 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into the firstname field. Attackers can craft payloads like =calc|a!z| to trigger code execution when an admin exports customer data as a CSV file. | ||||
| CVE-2023-53905 | 1 Projectsend | 1 Projectsend | 2026-03-05 | 8 High |
| ProjectSend r1605 contains a CSV injection vulnerability that allows authenticated users to inject malicious formulas into user profile names. Attackers can craft payloads like =calc|a!z| in the name field to trigger code execution when administrators export action logs as CSV files. | ||||
| CVE-2023-53886 | 1 Xlightftpd | 1 Xlight Ftp Server | 2026-03-05 | 7.5 High |
| Xlight FTP Server 3.9.3.6 contains a stack buffer overflow vulnerability in the 'Execute Program' configuration that allows attackers to crash the application. Attackers can trigger the vulnerability by inserting 294 characters into the program execution configuration, causing a denial of service condition. | ||||
| CVE-2023-53874 | 1 Gomlab | 1 Gom Player | 2026-03-05 | 9.8 Critical |
| GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalizer preset name input field that allows attackers to crash the application. Attackers can overwrite the preset name with 260 'A' characters to trigger a buffer overflow and cause application instability. | ||||
| CVE-2022-50687 | 1 Cobiansoft | 2 Backup 11, Cobian Backup | 2026-03-05 | 5.5 Medium |
| Cobian Backup 11 Gravity 11.2.0.582 contains a denial of service vulnerability in the FTP password input field that allows attackers to crash the application. Attackers can generate a specially crafted 800-byte buffer and paste it into the password field to trigger an application crash. | ||||
| CVE-2012-10043 | 1 Actfax | 1 Actfax | 2026-03-05 | N/A |
| A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fields in .exp files, leading to unsafe usage of strcpy() during CSV parsing. An attacker can exploit this vulnerability by crafting a malicious .exp file and importing it using the default character set "ECMA-94 / Latin 1 (ISO 8859)". Successful exploitation may result in arbitrary code execution, leading to full system compromise. User interaction is required to trigger the vulnerability. | ||||
| CVE-2026-3386 | 2 Wren, Wren-lang | 2 Wren, Wren | 2026-03-05 | 3.3 Low |
| A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wren_compiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-3390 | 2 Fascinatedbox, Lily-lang | 2 Lily, Lily | 2026-03-05 | 3.3 Low |
| A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patch_line_end of the file src/lily_build_error.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-3394 | 2 Jarikomppa, Solhsa | 2 Soloud, Soloud | 2026-03-05 | 3.3 Low |
| A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloud_wav.cpp of the component WAV File Parser. Performing a manipulation results in memory corruption. The attack must be initiated from a local position. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-27512 | 1 Tenda | 2 F3, F3 Firmware | 2026-03-05 | 6.1 Medium |
| Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a content-type confusion vulnerability in the administrative interface. Responses omit the X-Content-Type-Options: nosniff header and include attacker-influenced content that can be reflected into the response body. Under affected browser behaviors, MIME sniffing may cause the response to be interpreted as active HTML, enabling script execution in the context of the administrative interface. | ||||
| CVE-2026-27511 | 1 Tenda | 2 F3, F3 Firmware | 2026-03-05 | 4.3 Medium |
| Shenzhen Tenda F3 Wireless Router firmware V12.01.01.55_multi contains a clickjacking vulnerability in the web-based administrative interface. The interface does not set the X-Frame-Options header, allowing attacker-controlled sites to embed administrative pages in an iframe and trick an authenticated administrator into unintended interactions that may result in unauthorized configuration changes. | ||||
| CVE-2026-26341 | 2 Iptime, Tattile | 25 Smart Firmware, Anpr Mobile, Anpr Mobile Firmware and 22 more | 2026-03-05 | 9.8 Critical |
| Tattile Smart+, Vega, and Basic device families firmware versions 1.181.5 and prior ship with default credentials that are not forced to be changed during installation or commissioning. An attacker who can reach the management interface can authenticate using the default credentials and gain administrative access, enabling unauthorized access to device configuration and data. | ||||
| CVE-2026-25068 | 1 Alsa-project | 1 Alsa-lib | 2026-03-05 | 4.3 Medium |
| alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplg_decode_control_mixer1() function reads the num_channels field from untrusted .tplg data and uses it as a loop bound without validating it against the fixed-size channel array (SND_TPLG_MAX_CHAN). A crafted topology file with an excessive num_channels value can cause out-of-bounds heap writes, leading to a crash. | ||||
| CVE-2026-24439 | 1 Tenda | 2 W30e, W30e Firmware | 2026-03-05 | 6.5 Medium |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) fail to include the X-Content-Type-Options: nosniff response header on web management interfaces. As a result, browsers that perform MIME sniffing may incorrectly interpret attacker-influenced responses as executable script. | ||||
| CVE-2026-24429 | 1 Tenda | 2 W30e, W30e Firmware | 2026-03-05 | 9.8 Critical |
| Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.19(5037) ship with a predefined default password for a built-in authentication account that is not required to be changed during initial configuration. An attacker can leverage these default credentials to gain authenticated access to the management interface. | ||||
| CVE-2026-22190 | 2 Cmu, Panda3d | 2 Panda3d, Panda3d | 2026-03-05 | 7.5 High |
| Panda3D versions up to and including 1.10.16 egg-mkfont contains an uncontrolled format string vulnerability. The -gp (glyph pattern) command-line option is used directly as the format string for sprintf() with only a single argument supplied. If an attacker provides additional format specifiers, egg-mkfont may read unintended stack values and write the formatted output into generated .egg and .png files, resulting in disclosure of stack-resident memory and pointer values. | ||||
| CVE-2026-22189 | 2 Cmu, Panda3d | 2 Panda3d, Panda3d | 2026-03-05 | 9.8 Critical |
| Panda3D versions up to and including 1.10.16 egg-mkfont contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf() call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern (-gp) into a fixed-size stack buffer without length validation. Supplying an excessively long glyph pattern string can overflow the stack buffer, resulting in memory corruption and a deterministic crash. Depending on build configuration and execution environment, the overflow may also be exploitable for arbitrary code execution. | ||||
| CVE-2026-22185 | 1 Openldap | 1 Openldap | 2026-03-05 | 6.8 Medium |
| OpenLDAP Lightning Memory-Mapped Database (LMDB) versions up to and including 0.9.14, prior to commit 8e1fda8, contain a heap buffer underflow in the readline() function of mdb_load. When processing malformed input containing an embedded NUL byte, an unsigned offset calculation can underflow and cause an out-of-bounds read of one byte before the allocated heap buffer. This can cause mdb_load to crash, leading to a limited denial-of-service condition. | ||||
| CVE-2026-0621 | 2 Anthropic, Lfprojects | 2 Mcp Typescript Sdk, Mcp Typescript Sdk | 2026-03-05 | 7.5 High |
| Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS) vulnerability in the UriTemplate class when processing RFC 6570 exploded array patterns. The dynamically generated regular expression used during URI matching contains nested quantifiers that can trigger catastrophic backtracking on specially crafted inputs, resulting in excessive CPU consumption. An attacker can exploit this by supplying a malicious URI that causes the Node.js process to become unresponsive, leading to a denial of service. | ||||
| CVE-2024-58340 | 2 Langchain, Langchain-ai | 3 Langchain, Langchain Core, Langchain | 2026-03-05 | 7.5 High |
| LangChain versions up to and including 0.3.1 contain a regular expression denial-of-service (ReDoS) vulnerability in the MRKLOutputParser.parse() method (libs/langchain/langchain/agents/mrkl/output_parser.py). The parser applies a backtracking-prone regular expression when extracting tool actions from model output. An attacker who can supply or influence the parsed text (for example via prompt injection in downstream applications that pass LLM output directly into MRKLOutputParser.parse()) can trigger excessive CPU consumption by providing a crafted payload, causing significant parsing delays and a denial-of-service condition. | ||||