Export limit exceeded: 335517 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335517 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-28268 | 1 Go-vikunja | 1 Vikunja | 2026-03-02 | 9.8 Critical |
| Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a failure to invalidate tokens upon use and a critical logic bug in the token cleanup cron job, reset tokens remain valid forever. This allows an attacker who intercepts a single reset token (via logs, browser history, or phishing) to perform a complete, persistent account takeover at any point in the future, bypassing standard authentication controls. Version 2.1.0 contains a patch for the issue. | ||||
| CVE-2026-28270 | 1 Kiteworks | 1 Security-advisories | 2026-03-02 | 4.9 Medium |
| Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch for the issue. | ||||
| CVE-2026-28354 | 1 Macwarrior | 1 Clipbucket-v5 | 2026-03-02 | N/A |
| ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 #59, collection item operations are vulnerable to authorization flaws, allowing a normal authenticated user to modify another user’s collection items. This affects both add item (/actions/add_to_collection.php) due to missing authorization checks and delete item (/manage_collections.php?mode=manage_items...) due to a broken ownership check in removeItemFromCollection(). As a result, attackers can insert and remove items from collections they do not own. Version 5.5.3 #59 fixes the issue. | ||||
| CVE-2026-28271 | 1 Kiteworks | 1 Security-advisories | 2026-03-02 | 6.5 Medium |
| Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration functionality allows bypassing of SSRF protections through DNS rebinding attacks. Malicious administrators could exploit this to access internal services that should be restricted. Version 9.2.0 contains a patch for the issue. | ||||
| CVE-2026-28272 | 1 Kiteworks | 1 Security-advisories | 2026-03-02 | 8.1 High |
| Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes when users interact with the affected user interface. Version 9.2.0 contains a patch for the issue. | ||||
| CVE-2026-28288 | 1 Langgenius | 1 Dify | 2026-03-02 | N/A |
| Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify API to existing and non-existent accounts differ, allowing an attacker to enumerate email addresses registered with Dify. Version 1.9.0 fixes the issue. | ||||
| CVE-2026-28355 | 1 Thinkst | 1 Canarytokens | 2026-03-02 | N/A |
| Canarytokens help track activity and actions on a network. Versions prior to `sha-7ff0e12` have a Self Cross-Site Scripting vulnerability in the "PWA" Canarytoken, whereby the Canarytoken's creator can attack themselves or someone they share the link with. The creator of a PWA Canarytoken can insert Javascript into the title field of their PWA token. When the creator later browses the installation page for their own Canarytoken, the Javascript executes. This is a self-XSS. An attacker could create a Canarytoken with this self-XSS, and send the install link to a victim. When they click on it, the Javascript would execute. However, no sensitive information (ex. session information) will be disclosed to the malicious actor. This issue is now patched on Canarytokens.org. Users of self-hosted Canarytokens installations can update by pulling the latest Docker image, or any Docker image after sha-7ff0e12. | ||||
| CVE-2026-2844 | 1 Microchip | 1 Timepictra | 2026-03-02 | N/A |
| Missing Authentication for Critical Function vulnerability in Microchip TimePictra allows Configuration/Environment Manipulation.This issue affects TimePictra: from 11.0 through 11.3 SP2. | ||||
| CVE-2026-28555 | 2 Gvectors, Wordpress | 2 Wpforo Forum, Wordpress | 2026-03-02 | 4.3 Medium |
| wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to close or reopen any forum topic via the wpforo_close_ajax handler. Attackers submit a valid nonce with an arbitrary topic ID to bypass the moderator permission requirement and disrupt forum discussions. | ||||
| CVE-2026-28556 | 2 Gvectors, Wordpress | 2 Wpforo Forum, Wordpress | 2026-03-02 | 5.4 Medium |
| wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to move, merge, or split any forum topic via the topic_move, topic_merge, and topic_split form action handlers. Attackers with a valid form nonce can reorganize arbitrary forum content without moderator permissions, including relocating topics to private forums. | ||||
| CVE-2026-28557 | 2 Gvectors, Wordpress | 2 Wpforo Forum, Wordpress | 2026-03-02 | 6.5 Medium |
| wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforo_synch_roles AJAX handler. Attackers access the usergroups admin page, accessible to any authenticated user, to obtain a nonce, then remap all wpForo usergroups to arbitrary WordPress roles. | ||||
| CVE-2026-28558 | 2 Gvectors, Wordpress | 2 Wpforo Forum, Wordpress | 2026-03-02 | 6.4 Medium |
| wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows authenticated subscribers to upload SVG files as profile avatars through the avatar upload functionality. Attackers upload a crafted SVG containing CSS injection or JavaScript event handlers that execute in the browsers of any user who views the attacker's profile page. | ||||
| CVE-2026-28559 | 2 Gvectors, Wordpress | 2 Wpforo Forum, Wordpress | 2026-03-02 | 5.3 Medium |
| wpForo Forum 2.4.14 contains an information disclosure vulnerability that allows unauthenticated users to retrieve private and unapproved forum topics via the global RSS feed endpoint. Attackers request the RSS feed without a forum ID parameter, bypassing the privacy and status WHERE clauses that are only applied when a specific forum ID is present in the query. | ||||
| CVE-2026-28560 | 2 Gvectors, Wordpress | 2 Wpforo Forum, Wordpress | 2026-03-02 | 5.5 Medium |
| wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows script injection via forum URL data output into an inline script block using json_encode without the JSON_HEX_TAG flag. Attackers set a forum slug containing a closing script tag or unescaped single quote to break out of the JavaScript string context and execute arbitrary script in all visitors' browsers. | ||||
| CVE-2026-2880 | 1 Fastify | 1 Middie | 2026-03-02 | N/A |
| A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-scoped middleware (for example, app.use('/secret', auth)). When Fastify router normalization options are enabled (such as ignoreDuplicateSlashes, useSemicolonDelimiter, and related trailing-slash behavior), crafted request paths may bypass middleware checks while still being routed to protected handlers. | ||||
| CVE-2026-3010 | 1 Microchip | 1 Timepictra | 2026-03-02 | N/A |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimePictra allows Query System for Information.This issue affects TimePictra: from 11.0 through 11.3 SP2. | ||||
| CVE-2026-3223 | 1 Google | 1 Web Designer | 2026-03-02 | N/A |
| Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google Web Designer. | ||||
| CVE-2026-3255 | 1 Tokuhirom | 1 Http::session2 | 2026-03-02 | N/A |
| HTTP::Session2 versions before 1.12 for Perl for Perl may generate weak session ids using the rand() function. The HTTP::Session2 session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand() function is unsuitable for cryptographic usage. HTTP::Session2 after version 1.02 will attempt to use the /dev/urandom device to generate a session id, but if the device is unavailable (for example, under Windows), then it will revert to the insecure method described above. | ||||
| CVE-2026-3376 | 1 Tenda | 2 F453, F453 Firmware | 2026-03-02 | 8.8 High |
| A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-3383 | 1 Chaiscript | 1 Chaiscript | 2026-03-02 | 3.3 Low |
| A weakness has been identified in ChaiScript up to 6.1.0. This affects the function chaiscript::Boxed_Number::go of the file include/chaiscript/dispatchkit/boxed_number.hpp. Executing a manipulation can lead to divide by zero. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||