Export limit exceeded: 343539 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343539 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343539 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5468 | 1 Casbin | 1 Casdoor | 2026-04-09 | 3.5 Low |
| A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manipulation of the argument formCss/formCssMobile/formSideHtml results in cross site scripting. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-5469 | 1 Casbin | 1 Casdoor | 2026-04-09 | 4.7 Medium |
| A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handler. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-25044 | 1 Budibase | 1 Budibase | 2026-04-09 | 8.8 High |
| Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided commands using execSync without proper sanitization or validation. User input is processed through processStringSync which allows template interpolation, potentially allowing arbitrary command execution. This issue has been patched in version 3.33.4. | ||||
| CVE-2026-31818 | 1 Budibase | 1 Budibase | 2026-04-09 | 9.6 Critical |
| Budibase is an open-source low-code platform. Prior to version 3.33.4, a server-side request forgery (SSRF) vulnerability exists in Budibase's REST datasource connector. The platform's SSRF protection mechanism (IP blacklist) is rendered completely ineffective because the BLACKLIST_IPS environment variable is not set by default in any of the official deployment configurations. When this variable is empty, the blacklist function unconditionally returns false, allowing all requests through without restriction. This issue has been patched in version 3.33.4. | ||||
| CVE-2026-35214 | 1 Budibase | 1 Budibase | 2026-04-09 | 8.7 High |
| Budibase is an open-source low-code platform. Prior to version 3.33.4, the plugin file upload endpoint (POST /api/plugin/upload) passes the user-supplied filename directly to createTempFolder() without sanitizing path traversal sequences. An attacker with Global Builder privileges can craft a multipart upload with a filename containing ../ to delete arbitrary directories via rmSync and write arbitrary files via tarball extraction to any filesystem path the Node.js process can access. This issue has been patched in version 3.33.4. | ||||
| CVE-2026-35216 | 1 Budibase | 1 Budibase | 2026-04-09 | 9.1 Critical |
| Budibase is an open-source low-code platform. Prior to version 3.33.4, an unauthenticated attacker can achieve Remote Code Execution (RCE) on the Budibase server by triggering an automation that contains a Bash step via the public webhook endpoint. No authentication is required to trigger the exploit. The process executes as root inside the container. This issue has been patched in version 3.33.4. | ||||
| CVE-2026-35218 | 1 Budibase | 1 Budibase | 2026-04-09 | 8.7 High |
| Budibase is an open-source low-code platform. Prior to version 3.32.5, Budibase's Builder Command Palette renders entity names (tables, views, queries, automations) using Svelte's {@html} directive without any sanitization. An authenticated user with Builder access can create a table, automation, view, or query whose name contains an HTML payload (e.g. <img src=x onerror=alert(document.domain)>). When any Builder-role user in the same workspace opens the Command Palette (Ctrl+K), the payload executes in their browser, stealing their session cookie and enabling full account takeover. This issue has been patched in version 3.32.5. | ||||
| CVE-2026-31059 | 1 Utt | 3 520w, 520w Firmware, Hiper 520w | 2026-04-09 | 9.8 Critical |
| A remote command execution (RCE) vulnerability in the /goform/formDia component of UTT Aggressive HiPER 520W v3v1.7.7-180627 allows attackers to execute arbitrary commands via a crafted string. | ||||
| CVE-2026-31151 | 1 Kaleris | 1 Yms | 2026-04-09 | 9.8 Critical |
| An issue in the login mechanism of Kaleris YMS v7.2.2.1 allows attackers to bypass login verification to access the application 's resources. | ||||
| CVE-2026-30613 | 1 Aziot | 1 Node Smart Switch | 2026-04-09 | 4.6 Medium |
| An information disclosure vulnerability exists in AZIOT 1 Node Smart Switch (16amp)- WiFi/Bluetooth Enabled Software Version: 1.1.9 due to improper access control on the UART debug interface. An attacker with physical access can connect to the UART interface and obtain sensitive information from the serial console without authentication. | ||||
| CVE-2025-54601 | 1 Samsung | 23 Exynos, Exynos 1080, Exynos 1080 Firmware and 20 more | 2026-04-09 | 7 High |
| An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor amd Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Improper synchronization on a global variable leads to a double free. An attacker can trigger a race condition by invoking an ioctl function concurrently from multiple threads. | ||||
| CVE-2025-57835 | 1 Samsung | 41 Exynos, Exynos 1080, Exynos 1080 Firmware and 38 more | 2026-04-09 | 7.5 High |
| An issue was discovered in RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Improper memory initialization results in an illegal memory access, causing a system crash via a malformed RRCReconfiguration message. | ||||
| CVE-2025-58349 | 1 Samsung | 41 Exynos, Exynos 1080, Exynos 1080 Firmware and 38 more | 2026-04-09 | 9.1 Critical |
| An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Incorrect handling of LTE MAC packets containing many MAC Control Elements (CEs) leads to baseband crashes. | ||||
| CVE-2025-59440 | 1 Samsung | 41 Exynos, Exynos 1080, Exynos 1080 Firmware and 38 more | 2026-04-09 | 7.5 High |
| An issue was discovered in USIM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Improper handling of SIM card proactive commands leads to a Denial of Service. | ||||
| CVE-2025-47374 | 1 Qualcomm | 61 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 58 more | 2026-04-09 | 6.5 Medium |
| Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling. | ||||
| CVE-2025-47389 | 1 Qualcomm | 363 Ar8035, Ar8035 Firmware, Cologne and 360 more | 2026-04-09 | 7.8 High |
| Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation. | ||||
| CVE-2025-47390 | 1 Qualcomm | 59 Cologne, Cologne Firmware, Fastconnect 6700 and 56 more | 2026-04-09 | 7.8 High |
| Memory corruption while preprocessing IOCTL request in JPEG driver. | ||||
| CVE-2025-47391 | 1 Qualcomm | 203 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 200 more | 2026-04-09 | 7.8 High |
| Memory corruption while processing a frame request from user. | ||||
| CVE-2025-47392 | 1 Qualcomm | 309 5g Fixed Wireless Access Platform, 5g Fixed Wireless Access Platform Firmware, Ar8035 and 306 more | 2026-04-09 | 8.8 High |
| Memory corruption when decoding corrupted satellite data files with invalid signature offsets. | ||||
| CVE-2025-47400 | 1 Qualcomm | 23 Pandeiro, Pandeiro Firmware, Snapdragon and 20 more | 2026-04-09 | 7.1 High |
| Cryptographic issue while copying data to a destination buffer without validating its size. | ||||