Export limit exceeded: 353474 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (353474 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-48898 | 1 Joomla | 2 Joomla!, Joomla\! | 2026-05-27 | 9.8 Critical |
| An improper access check allows privilege escalation through the com_users batch task. | ||||
| CVE-2026-48904 | 1 Joomla | 2 Joomla!, Joomla\! | 2026-05-27 | 9.8 Critical |
| An improper access check allows privelege escalation through the com_users group editing webservice endpoint. | ||||
| CVE-2026-35223 | 1 Joomla | 1 Joomla! | 2026-05-27 | N/A |
| An improper access check allows unauthorized access to com_config webservice endpoints. | ||||
| CVE-2026-48902 | 1 Joomla | 1 Joomla! | 2026-05-27 | N/A |
| The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set. | ||||
| CVE-2026-48900 | 1 Joomla | 2 Joomla!, Joomla\! | 2026-05-27 | 4.3 Medium |
| An improper access check allowed low privileged users to edit the task types of existing scheduler tasks. | ||||
| CVE-2026-48899 | 1 Joomla | 2 Joomla!, Joomla\! | 2026-05-27 | 9.8 Critical |
| An improper access check allows privilege escalation through the com_users batch task. | ||||
| CVE-2026-48126 | 1 Xyproto | 1 Algernon | 2026-05-27 | 8.2 High |
| Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain (or --letsencrypt, which silently turns on --domain at engine/flags.go:372), the request handler resolves the served directory by joining the configured --dir with the value of the client-supplied Host header. The join is performed by filepath.Join with no validation, so a Host: .. header walks one level above the document root. Subsequent file resolution then exposes everything in that parent directory — arbitrary file read, full directory listing, and, if any .lua file is present, server-side Lua execution. This vulnerability is fixed in 1.17.8. | ||||
| CVE-2026-48897 | 1 Joomla | 1 Joomla! | 2026-05-27 | N/A |
| Insufficient state checks lead to a vector that allows to bypass 2FA checks. | ||||
| CVE-2026-48905 | 1 Joomla | 2 Joomla! Framework Filter Package, Joomla\! | 2026-05-27 | 6.1 Medium |
| Lack of input filtering leads to an XSS vector in the HTML filter code. | ||||
| CVE-2026-40384 | 1 Joomla | 1 Joomla! | 2026-05-27 | N/A |
| An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability. | ||||
| CVE-2018-25372 | 1 Meddream | 1 Pacs Premium | 2026-05-27 | 8.2 High |
| MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email parameter. Attackers can submit crafted POST requests to the userSignup.php endpoint with SQL payloads in the email field to extract sensitive database information from the backend MySQL database. | ||||
| CVE-2018-25377 | 1 Socusoft | 1 Flash Slideshow Maker | 2026-05-27 | 8.4 High |
| Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the Help > Register dialog to trigger a reverse shell with system privileges. | ||||
| CVE-2026-24937 | 2 Videowhisper, Wordpress | 2 Broadcast Live Video, Wordpress | 2026-05-27 | 7.2 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3. | ||||
| CVE-2026-42776 | 2 Sunshinephotocart, Wordpress | 2 Sunshine Photo Cart, Wordpress | 2026-05-27 | 6.3 Medium |
| Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sunshine Photo Cart: from n/a through 3.6.7. | ||||
| CVE-2026-9520 | 2 Blitz-js, Blitzjs | 2 Blitz, Blitz | 2026-05-27 | 4.3 Medium |
| A weakness has been identified in blitz-js blitz up to 3.0.2 on GitHub. This impacts an unknown function of the file packages/generator/templates/app/src/app/auth/components/LoginForm.tsx of the component Sign-in. This manipulation of the argument Next causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4795 | 1 Zyxel | 4 Gs1200-5 Firmware, Gs1200-5hp Firmware, Gs1200-8 Firmware and 1 more | 2026-05-27 | 6.5 Medium |
| A missing authorization vulnerability in Zyxel GS1200-5v3 firmware versions through 1.00(ACPS.2)C0, GS1200-8v3 firmware versions through 1.00(ACPT.2)C0, GS1200-5HPv3 firmware versions through 1.00(ACPU.2)C0, GS1200-8HPv3 firmware versions through 1.00(ACPV.2)C0, and GS1200-10v3 firmware versions through 1.00(ACPW.2)C0 could allow a LAN-based, unauthenticated attacker to read the system configuration from a log file via a crafted HTTP request. | ||||
| CVE-2026-25713 | 1 Mediaarea | 1 Mediainfo | 2026-05-27 | 7.8 High |
| MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability | ||||
| CVE-2026-25104 | 1 Mediaarea | 1 Mediainfo | 2026-05-27 | 7.8 High |
| MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability | ||||
| CVE-2026-8479 | 1 Hitachienergy | 1 Rtu500 Firmware | 2026-05-27 | N/A |
| IEC 60870-5-104 used in bidirectional mode in RTU500 is vulnerable for a NULL pointer dereferencing, if a specially crafted sequence of messages is sent for a certain time, causing Denial of Service impact. Product is only affected if IEC 60870-5-104 functionality in bidirectional mode (BCI) is configured. | ||||
| CVE-2026-7374 | 1 Redhat | 2 Container Native Virtualization, Openshift Virtualization | 2026-05-27 | 9.9 Critical |
| A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connection. This enables the attacker to access any Unix socket on the host, potentially leading to full control of the node and the entire cluster. | ||||