Export limit exceeded: 352931 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 352931 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 81460 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81460 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-6476 | 1 Postgresql | 1 Postgresql | 2026-05-18 | 7.2 High |
| SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when pg_createsubscriber next runs. Within major versions 17 and 18, minor versions before PostgreSQL 18.4 and 17.10 are affected. Versions before PostgreSQL 17 are unaffected. | ||||
| CVE-2026-6475 | 1 Postgresql | 1 Postgresql | 2026-05-18 | 8.8 High |
| Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the origin superuser, due to features like shared_preload_libraries. Hence, the attack has practical implications only if one takes relevant action between these commands and server start, like moving the files to a different VM or snapshotting the VM. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected. | ||||
| CVE-2026-46474 | 1 Teodesian | 1 Trog::totp | 2026-05-18 | 7.5 High |
| Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage. | ||||
| CVE-2026-6473 | 1 Postgresql | 1 Postgresql | 2026-05-18 | 8.8 High |
| Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user inputs to the relevant database functions, the application input provider may achieve a segmentation fault. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected. | ||||
| CVE-2026-42339 | 2 Newapi, Quantumnous | 2 New Api, New-api | 2026-05-18 | 7.1 High |
| New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-59146) and hardened in v0.9.6 (CVE-2025-62155) does not block the unspecified address 0.0.0.0. A regular (non-admin) user holding any valid API token can send a multimodal request to /v1/chat/completions, /v1/responses, or /v1/messages with 0.0.0.0 as the image/file URL host, bypassing the private-IP filter and causing the server to issue HTTP requests to localhost. This constitutes at minimum a blind SSRF; when the request is routed through an AWS/Bedrock Claude adaptor, the fetched content is inlined into the model response, upgrading it to a full-read SSRF. At time of publication, there are no publicly available patches. | ||||
| CVE-2018-25329 | 2 Wordpress, Wp-with-spritz | 2 Wordpress, Wp With Spritz | 2026-05-18 | 7.5 High |
| WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file paths into the url parameter. Attackers can send GET requests to wp.spritz.content.filter.php with malicious url values to access sensitive files like system configuration and credentials. | ||||
| CVE-2022-45090 | 1 Gruparge | 1 Smartpower Web | 2026-05-18 | 8.8 High |
| Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01. | ||||
| CVE-2022-45089 | 1 Gruparge | 1 Smartpower Web | 2026-05-18 | 8.8 High |
| Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01. | ||||
| CVE-2026-8757 | 1 Adenhq | 1 Hive | 2026-05-18 | 7.3 High |
| A vulnerability was found in adenhq hive up to 0.11.0. This affects the function _read_events_tail of the file core/framework/server/routes_sessions.py of the component Delete Request Handler. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-42556 | 2 Gitroom, Gitroomhq | 2 Postiz, Postiz-app | 2026-05-18 | 8.9 High |
| Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their own save request and send the public preview link /p/<postId>?share=true to another user. The preview page renders that stored HTML with dangerouslySetInnerHTML on the main application origin. This issue has been patched in version 2.21.7. | ||||
| CVE-2018-25323 | 1 Alloksoft | 2 Allok Avi Divx Mpeg To Dvd Converter, Wmv To Avi Mpeg Dvd Wmv Convertor | 2026-05-18 | 8.4 High |
| Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH chain overwrite values, then paste the contents into the License Name field to trigger code execution. | ||||
| CVE-2026-42186 | 1 Openbao | 1 Openbao | 2026-05-18 | 7.5 High |
| OpenBao is an open source identity-based secrets management system. Prior to 2.5.3, when OpenBao's initial namespace deletion fails, subsequent retries fail to properly remove all data before marking the namespace as deleted. This can affect any outstanding leases as well as potentially leaving unrelated storage entries around. This vulnerability is fixed in 2.5.3. | ||||
| CVE-2025-23368 | 1 Redhat | 10 Build Keycloak, Data Grid, Integration and 7 more | 2026-05-18 | 8.1 High |
| A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. | ||||
| CVE-2026-42577 | 1 Netty | 1 Netty | 2026-05-18 | 7.5 High |
| Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100% CPU busy-loop in the event loop thread. This vulnerability is fixed in 4.2.13.Final. | ||||
| CVE-2026-43330 | 1 Linux | 1 Linux Kernel | 2026-05-18 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix overflow on long hmac keys When a key longer than block size is supplied, it is copied and then hashed into the real key. The memory allocated for the copy needs to be rounded to DMA cache alignment, as otherwise the hashed key may corrupt neighbouring memory. The copying is performed using kmemdup, however this leads to an overflow: reading more bytes (aligned_len - keylen) from the keylen source buffer. Fix this by replacing kmemdup with kmalloc, followed by memcpy. | ||||
| CVE-2021-47974 | 2 Vxsearch, Webberzone | 2 Vx Search, Better Search | 2026-05-18 | 7.8 High |
| VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute arbitrary code with LocalSystem privileges when services restart. | ||||
| CVE-2021-47980 | 2 Getfuelcms, Thedaylightstudio | 2 Fuel Cms, Fuel Cms | 2026-05-18 | 7.1 High |
| Fuel CMS 1.4.13 contains a blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'col' parameter in the Activity Log interface. Attackers can send requests to the logs endpoint with malicious SQL payloads in the 'col' parameter to extract database information based on response time delays. | ||||
| CVE-2026-3220 | 4 Autoptimize, Clearfy Cache, Speed Optimizer and 1 more | 4 Autoptimize, Clearfy Cache, Speed Optimizer and 1 more | 2026-05-18 | 8.8 High |
| The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting (XSS) due to a predictable replacement hash used during the HTML minification process and abusing a regular expression. This allows an attacker to inject arbitrary HTML attributes in the final HTML output by anticipating the placeholder format. | ||||
| CVE-2026-8657 | 1 Benjamine | 1 Jsondiffpatch | 2026-05-18 | 8.2 High |
| Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype Pollution via the jsondiffpatch.patch() and jsondiffpatch/formatters/jsonpatch.patch() APIs. An attacker can perform prototype pollution by supplying crafted delta or JSON Patch documents, as attacker-controlled property names and path segments are used to traverse and modify objects without restricting access to special properties like __proto__ or constructor.prototype, allowing modification of Object.prototype. | ||||
| CVE-2026-6379 | 2 Wordpress, Wp Photo Album Plus Project | 2 Wordpress, Wp Photo Album Plus | 2026-05-18 | 8.6 High |
| The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks. | ||||