Export limit exceeded: 335554 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335554 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-28398 | 2026-03-02 | N/A | ||
| NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, user-controlled content in comments and rich text cells was rendered via v-html without sanitization, enabling stored XSS. This issue has been patched in version 0.301.3. | ||||
| CVE-2026-28361 | 2026-03-02 | N/A | ||
| NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the MCP token service did not validate token ownership, allowing a Creator within the same base to read, regenerate, or delete another user's MCP tokens if the token ID was known. This issue has been patched in version 0.301.3. | ||||
| CVE-2026-0654 | 2026-03-02 | N/A | ||
| Improper input handling in the administration web interface on TP-Link Deco BE25 v1.0 allows crafted input to be executed as part of an OS command. An authenticated adjacent attacker may execute arbitrary commands via crafted configuration file, impacting confidentiality, integrity and availability of the device. This issue affects Deco BE25 v1.0: through 1.1.1 Build 20250822. | ||||
| CVE-2026-0655 | 2026-03-02 | N/A | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TP-Link Deco BE25 v1.0 (web modules) allows authenticated adjacent attacker to read arbitrary files or cause denial of service. This issue affects Deco BE25 v1.0: through 1.1.1 Build 20250822. | ||||
| CVE-2026-0689 | 2026-03-02 | N/A | ||
| In ExtremeCloud IQ – Site Engine (XIQ‑SE) before 26.2.10, a vulnerability in the NAC administration interface allows an authenticated NAC administrator to retrieve masked sensitive parameters from HTTP responses. Although credentials appear redacted in the user interface, the application returns the underlying credential values in the HTTP response, enabling an authorized administrator to recover stored secrets that may exceed their intended access. We would like to thank the Lockheed Martin Red Team for responsibly reporting this issue and working with us through coordinated disclosure. | ||||
| CVE-2026-0995 | 2026-03-02 | 3.6 Low | ||
| An issue has been identified in Arm C1-Pro before r1p2-50eac0, where, under certain conditions, a TLBI+DSB might fail to ensure the completion of memory accesses related to SME. | ||||
| CVE-2026-21853 | 2026-03-02 | 8.8 High | ||
| AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in two common scenarios: 1/ A victim visits a malicious website controlled by the attacker and the website redirect to the URL automatically, or 2/ A victim clicks on a crafted link embedded on a legitimate website (e.g., in user-generated content). In both cases, the browser invokes AFFiNE custom URL handler, which launches the AFFiNE app and processes the crafted URL. This results in arbitrary code execution on the victim’s machine, without further interaction. This issue has been patched in version 0.25.4. | ||||
| CVE-2026-23865 | 2026-03-02 | 5.3 Medium | ||
| An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. | ||||
| CVE-2026-24101 | 2026-03-02 | 9.8 Critical | ||
| An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a command injection vulnerability. | ||||
| CVE-2026-24110 | 2026-03-02 | 9.8 Critical | ||
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may send overly long `addDhcpRules` data. When these rules enter the `addDhcpRule` function and are processed by `ret = sscanf(pRule, " %d\t%[^\t]\t%[^\n\r\t]", &dhcpsIndex, dhcpsIP, dhcpsMac);`, the lack of size validation for the rules could lead to buffer overflows in `dhcpsIndex`, `dhcpsIP`, and `dhcpsMac`. | ||||
| CVE-2026-24111 | 2026-03-02 | N/A | ||
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userInfo`. When `userInfo` is passed into the `addAuthUser` function and processed by `sscanf` without size validation, it could lead to buffer overflow. | ||||
| CVE-2026-24114 | 2026-03-02 | N/A | ||
| An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate `pPortMapIndex` may lead to buffer overflows when using `strcpy`. | ||||
| CVE-2026-25884 | 2026-03-02 | N/A | ||
| Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8. | ||||
| CVE-2026-26698 | 2026-03-02 | 4.9 Medium | ||
| code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/modal_edit.php. | ||||
| CVE-2026-26701 | 2026-03-02 | N/A | ||
| sourcecodester Personnel Property Equipment System v1.0 is vulnerable to SQL Injection in /ppes/admin/edit_tecnical_user.php. | ||||
| CVE-2026-26720 | 2026-03-02 | 9.8 Critical | ||
| An issue in Twenty CRM v1.15.0 and before allows a remote attacker to execute arbitrary code via the local.driver.ts module. | ||||
| CVE-2026-26709 | 2026-03-02 | N/A | ||
| code-projects Simple Gym Management System v1.0 is vulnerable to SQL Injection in /gym/trainer_search.php. | ||||
| CVE-2026-27596 | 2026-03-02 | N/A | ||
| Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra command line argument, like -pp. The out-of-bounds read is at a 4GB offset, which usually causes Exiv2 to crash. This issue has been patched in version 0.28.8. | ||||
| CVE-2026-28286 | 2026-03-02 | 8.6 High | ||
| ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application enforces restrictions in the frontend/UI to prevent users from creating files or folders in internal OS paths. However, when interacting directly with the API, the restrictions are bypass-able. By sending a crafted request targeting paths like /etc, /usr, or other sensitive system directories, the API successfully creates files or directories in locations where normal users should have no write access. This indicates that the API does not properly validate the target path, allowing unauthorized operations on critical system directories. No known patch is publicly available. | ||||
| CVE-2026-28357 | 2026-03-02 | N/A | ||
| NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, a stored XSS vulnerability exists in the Formula virtual cell. Formula results containing URI::() patterns are rendered via v-html without sanitization, allowing injected HTML to execute. This issue has been patched in version 0.301.3. | ||||