Export limit exceeded: 335648 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335648 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20033 | 1 Cisco | 1 Cisco Nx-os System Software In Aci Mode | 2026-02-27 | 7.4 High |
| A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to the management interface of an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only the out-of-band (OOB) management interface is affected. | ||||
| CVE-2026-1696 | 1 Arcinfo | 1 Pcvue | 2026-02-27 | N/A |
| Some HTTP security headers are not properly set by the web server when sending responses to the client application. | ||||
| CVE-2026-1693 | 1 Arcinfo | 1 Pcvue | 2026-02-27 | N/A |
| The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue features of PcVue in version 12.0.0 through 16.3.3 included despite being deprecated. It might allow a remote attacker to steal user credentials. | ||||
| CVE-2026-1694 | 1 Arcinfo | 1 Pcvue | 2026-02-27 | N/A |
| HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information about the server configuration. | ||||
| CVE-2026-1698 | 1 Arcinfo | 1 Pcvue | 2026-02-27 | N/A |
| A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included, allowing a remote attacker to inject harmful payloads that manipulate server-side behavior. This vulnerability only affects the endpoints /Authentication/ExternalLogin, /Authentication/AuthorizationCodeCallback and /Authentication/Logout of the WebClient and WebScheduler web apps. | ||||
| CVE-2026-1779 | 2 Wordpress, Wpeverest | 2 Wordpress, User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder | 2026-02-27 | 8.1 High |
| The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to incorrect authentication in the 'register_member' function. This makes it possible for unauthenticated attackers to log in a newly registered user on the site who has the 'urm_user_just_created' user meta set. | ||||
| CVE-2026-20129 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2026-02-27 | 9.8 Critical |
| A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of the netadmin role. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability. | ||||
| CVE-2026-2029 | 2 Livemesh, Wordpress | 2 Livemesh Addons For Beaver Builder, Wordpress | 2026-02-27 | 6.4 Medium |
| The Livemesh Addons for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `[labb_pricing_item]` shortcode's `title` and `value` attributes in all versions up to, and including, 3.9.2 due to insufficient input sanitization and output escaping. Specifically, the plugin uses `htmlspecialchars_decode()` after `wp_kses_post()`, which decodes HTML entities back into executable code after sanitization has occurred. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-23703 | 1 Digital Arts | 2 Finalcode Ver.5 Series, Finalcode Ver.6 Series | 2026-02-27 | N/A |
| The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege. | ||||
| CVE-2026-27945 | 1 Zitadel | 1 Zitadel | 2026-02-27 | N/A |
| ZITADEL is an open source identity management platform. Zitadel Action V2 (introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0) is a webhook based approach to allow developers act on API request to Zitadel and customize flows such the issue of a token. Zitadel's Action target URLs can point to local hosts, potentially allowing adversaries to gather internal network information and connect to internal services. When the URL points to a local host / IP address, an adversary might gather information about the internal network structure, the services exposed on internal hosts etc. This is sometimes called a Server-Side Request Forgery (SSRF). Zitadel Actions expect responses according to specific schemas, which reduces the threat vector. The patch in version 4.11.1 resolves the issue by checking the target URL against a denylist. By default localhost, resp. loopback IPs are denied. Note that this fix was only released on v4.x. Due to the stage (preview / beta) in which the functionality was in v2.x and v3.x, the changes that have been applied to it since then and the severity, respectively the actual thread vector, a backport to the corresponding versions was not feasible. Please check the workaround section for alternative solutions if an upgrade to v4.x is not possible. If an upgrade is not possible, prevent actions from using unintended endpoints by setting network policies or firewall rules in one's own infrastructure. Note that this is outside of the functionality provided by Zitadel. | ||||
| CVE-2026-28132 | 2 Villatheme, Wordpress | 2 Woocommerce Photo Reviews, Wordpress | 2026-02-27 | 5.3 Medium |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.4.4. | ||||
| CVE-2026-22728 | 1 Bitnami | 1 Sealed-secrets | 2026-02-27 | 4.9 Medium |
| Bitnami Sealed Secrets is vulnerable to a scope-widening attack during the secret rotation (/v1/rotate) flow. The rotation handler derives the sealing scope for the newly encrypted output from untrusted spec.template.metadata.annotations present in the input SealedSecret. By submitting a victim SealedSecret to the rotate endpoint with the annotation sealedsecrets.bitnami.com/cluster-wide=true injected into the template metadata, a remote attacker can obtain a rotated version of the secret that is cluster-wide. This bypasses original "strict" or "namespace-wide" constraints, allowing the attacker to retarget and unseal the secret in any namespace or under any name to recover the plaintext credentials. | ||||
| CVE-2026-27946 | 1 Zitadel | 1 Zitadel | 2026-02-27 | N/A |
| ZITADEL is an open source identity management platform. Prior to versions 4.11.1 and 3.4.7, a vulnerability in Zitadel's self-management capability allowed users to mark their email and phone as verified without going through an actual verification process. The patch in versions 4.11.1 and 3.4.7 resolves the issue by requiring the correct permission in case the verification flag is provided and only allows self-management of the email address and/or phone number itself. If an upgrade is not possible, an action (v2) could be used to prevent setting the verification flag on the own user. | ||||
| CVE-2025-1242 | 1 Gardyn | 3 Home Kit, Home Kit Cloud Api, Home Kit Mobile Application | 2026-02-27 | 9.1 Critical |
| The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicious control. | ||||
| CVE-2026-20010 | 1 Cisco | 3 Nx-os Software, Nx-os System Software In Aci Mode, Unified Computing System Manager | 2026-02-27 | 7.4 High |
| A vulnerability in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of specific fields in an LLDP frame. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface of an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Note: LLDP is a Layer 2 link protocol. To exploit this vulnerability, an attacker would need to be directly connected to an interface of an affected device, either physically or logically (for example, through a Layer 2 Tunnel configured to transport the LLDP protocol). | ||||
| CVE-2026-20036 | 1 Cisco | 1 Unified Computing System Manager | 2026-02-27 | 6.5 Medium |
| A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation of command arguments that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device with root-level privileges. | ||||
| CVE-2026-20048 | 1 Cisco | 1 Cisco Nx-os System Software In Aci Mode | 2026-02-27 | 7.7 High |
| A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper processing when parsing SNMP requests. An attacker could exploit this vulnerability by continuously sending SNMP queries to a specific MIB of an affected device. A successful exploit could allow the attacker to cause a kernel panic on the device, resulting in a reload and a DoS condition. Note: This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMPv1 or SNMPv2c, the attacker must have a valid read-only SNMP community string for the affected system. To exploit this vulnerability through SNMPv3, the attacker must have valid SNMP user credentials for the affected system. | ||||
| CVE-2026-20091 | 1 Cisco | 3 Cisco:adaptive Security Appliance Software, Firepower Extensible Operating System, Unified Computing System Manager | 2026-02-27 | 4.8 Medium |
| A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious data into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid credentials for a user account with the role of Administrator or AAA Administrator. | ||||
| CVE-2026-20099 | 1 Cisco | 3 Cisco:adaptive Security Appliance Software, Firepower Extensible Operating System, Unified Computing System Manager | 2026-02-27 | 6.7 Medium |
| A vulnerability in the web-based management interface of Cisco FXOS Software and Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges. | ||||
| CVE-2026-22721 | 1 Vmware | 4 Aria Operations, Cloud Foundation, Telco Cloud Infrastructure and 1 more | 2026-02-27 | 6.2 Medium |
| VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found in VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 . | ||||