Export limit exceeded: 345211 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345211 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20204 | 1 Splunk | 3 Splunk, Splunk Cloud Platform, Splunk Enterprise | 2026-04-17 | 7.1 High |
| In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the `admin` or `power` Splunk roles could potentially perform a Remote Code Execution (RCE) by uploading a malicious file to the `$SPLUNK_HOME/var/run/splunk/apptemp` directory due to improper handling and insufficient isolation of temporary files within the `apptemp` directory. | ||||
| CVE-2026-2567 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-04-17 | 7.2 High |
| A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the function sub_401218 of the file /cgi-bin/nas.cgi. Performing a manipulation of the argument User1Passwd results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2026-2439 | 1 Bva | 2 Concierge::sessions, Concierge\ | 2026-04-17 | 9.8 Critical |
| Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids. The generate_session_id function in Concierge::Sessions::Base defaults to using the uuidgen command to generate a UUID, with a fallback to using Perl's built-in rand function. Neither of these methods are secure, and attackers are able to guess session_ids that can grant them access to systems. Specifically, * There is no warning when uuidgen fails. The software can be quietly using the fallback rand() function with no warnings if the command fails for any reason. * The uuidgen command will generate a time-based UUID if the system does not have a high-quality random number source, because the call does not explicitly specify the --random option. Note that the system time is shared in HTTP responses. * UUIDs are identifiers whose mere possession grants access, as per RFC 9562. * The output of the built-in rand() function is predictable and unsuitable for security applications. | ||||
| CVE-2026-26736 | 1 Totolink | 2 A3002ru-v3, A3002ru Firmware | 2026-04-17 | 8.8 High |
| TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the static_ipv6 parameter in the formIpv6Setup function. | ||||
| CVE-2026-26220 | 1 Modeltc | 1 Lightllm | 2026-04-17 | N/A |
| LightLLM version 1.1.0 and prior contain an unauthenticated remote code execution vulnerability in PD (prefill-decode) disaggregation mode. The PD master node exposes WebSocket endpoints that receive binary frames and pass the data directly to pickle.loads() without authentication or validation. A remote attacker who can reach the PD master can send a crafted payload to achieve arbitrary code execution. | ||||
| CVE-2026-25903 | 1 Apache | 1 Nifi | 2026-04-17 | 6.6 Medium |
| Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required to add the annotated component to the flow configuration, but framework authorization did not check restricted status when updating a component previously added. The missing authorization requires a more privileged user to add a restricted component to the flow configuration, but permits a less privileged user to make property configuration changes. Apache NiFi installations that do not implement different levels of authorization for Restricted components are not subject to this vulnerability because the framework enforces write permissions as the security boundary. Upgrading to Apache NiFi 2.8.0 is the recommended mitigation. | ||||
| CVE-2026-2247 | 1 Clickedu | 1 Saas Platform | 2026-04-17 | N/A |
| SQL injection vulnerability (SQLi) in Clicldeu SaaS, specifically in the generation of reports, which occurs when a previously authenticated remote attacker executes a malicious payload in the URL generated after downloading the student's report card in the ‘Day-to-day’ section from the mobile application. In the URL of the generated PDF, the session token used does not expire, so it remains valid for days after its generation, and unusual characters can be entered after the ‘id_alu’ parameter, resulting in two types of SQLi: boolean-based blind and time-based blind. Exploiting this vulnerability could allow an attacker to access confidential information in the database. | ||||
| CVE-2026-2615 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-04-17 | 7.2 High |
| A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the function singlePortForwardDelete of the file /cgi-bin/firewall.cgi. Executing a manipulation of the argument del_flag can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-25087 | 1 Apache | 1 Arrow | 2026-04-17 | 7 High |
| Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file (but not an IPC stream) with pre-buffering enabled, if the IPC file contains data with variadic buffers (such as Binary View and String View data). Depending on the number of variadic buffers in a record batch column and on the temporal sequence of multi-threaded IO, a write to a dangling pointer could occur. The value (a `std::shared_ptr<Buffer>` object) that is written to the dangling pointer is not under direct control of the attacker. Pre-buffering is disabled by default but can be enabled using a specific C++ API call (`RecordBatchFileReader::PreBufferMetadata`). The functionality is not exposed in language bindings (Python, Ruby, C GLib), so these bindings are not vulnerable. The most likely consequence of this issue would be random crashes or memory corruption when reading specific kinds of IPC files. If the application allows ingesting IPC files from untrusted sources, this could plausibly be exploited for denial of service. Inducing more targeted kinds of misbehavior (such as confidential data extraction from the running process) depends on memory allocation and multi-threaded IO temporal patterns that are unlikely to be easily controlled by an attacker. Advice for users of Arrow C++: 1. check whether you enable pre-buffering on the IPC file reader (using `RecordBatchFileReader::PreBufferMetadata`) 2. if so, either disable pre-buffering (which may have adverse performance consequences), or switch to Arrow 23.0.1 which is not vulnerable | ||||
| CVE-2026-23861 | 1 Dell | 1 Unisphere For Powermax | 2026-04-17 | 5.4 Medium |
| Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery. | ||||
| CVE-2026-2616 | 1 Beetel | 2 777vr1, 777vr1 Firmware | 2026-04-17 | 8.8 High |
| A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials. The attack needs to be initiated within the local network. The exploit has been disclosed to the public and may be used. It is advisable to modify the configuration settings. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-23648 | 1 Glory Global Solutions | 1 Rbg-100 | 2026-04-17 | 7.8 High |
| Glory RBG-100 recycler systems using the ISPK-08 software component contain multiple system binaries with overly permissive file permissions. Several binaries executed by the root user are writable and executable by unprivileged local users. An attacker with local access can replace or modify these binaries to execute arbitrary commands with root privileges, enabling local privilege escalation. | ||||
| CVE-2026-2618 | 1 Beetel | 2 777vr1, 777vr1 Firmware | 2026-04-17 | 3.7 Low |
| A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. This manipulation causes risky cryptographic algorithm. The attack is possible to be carried out remotely. The attack is considered to have high complexity. The exploitability is said to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-22769 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2026-04-17 | 10 Critical |
| Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible. | ||||
| CVE-2026-22284 | 1 Dell | 2 Smartfabric Os10, Smartfabric Os10 Software | 2026-04-17 | 6.6 Medium |
| Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2026-22762 | 1 Dell | 3 Avamar Server, Avamar Virtual Edition, Powerprotect Dp Series Appliance (idpa) | 2026-04-17 | 6.5 Medium |
| Dell Avamar Server and Avamar Virtual Edition, versions prior to 19.10 SP1 with CHF338912, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary file delete. | ||||
| CVE-2026-2621 | 1 Sciyon | 1 Koyuan Thermoelectricity Heat Network Management System | 2026-04-17 | 7.3 High |
| A security vulnerability has been detected in Sciyon Koyuan Thermoelectricity Heat Network Management System 3.0. This affects an unknown part of the file /SISReport/WebReport20/Proxy/AsyncTreeProxy.aspx. The manipulation of the argument PGUID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-2622 | 2 Blossom, Wangyunf | 2 Blossom, Blossom | 2026-04-17 | 3.5 Low |
| A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-23595 | 1 Hpe | 1 Aruba Networking Private 5g Core | 2026-04-17 | 8.8 High |
| An authentication bypass in the application API allows an unauthorized administrative account to be created. A remote attacker could exploit this vulnerability to create privileged user accounts. Successful exploitation could allow an attacker to gain administrative access, modify system configurations, and access or manipulate sensitive data. | ||||
| CVE-2026-23596 | 1 Hpe | 1 Aruba Networking Private 5g Core | 2026-04-17 | 6.5 Medium |
| A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system availability. | ||||