Export limit exceeded: 336355 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336355 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0869 | 1 Brocade | 1 Ascg | 2026-03-04 | N/A |
| Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support Link(BSL) and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric. | ||||
| CVE-2026-1775 | 1 Labkotec | 2 Lid-3300ip, Lid-3300ip Type 2 | 2026-03-04 | N/A |
| The Labkotec LID-3300IP has an existing vulnerability in the ice detector software that enables an unauthenticated attacker to alter device parameters and run operational commands when specially crafted packets are sent to the device. | ||||
| CVE-2026-20129 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2026-03-04 | 9.8 Critical |
| A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of the netadmin role. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability. | ||||
| CVE-2025-70241 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-03-04 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANType_Wizard5. | ||||
| CVE-2025-70239 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-03-04 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard55. | ||||
| CVE-2025-70237 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-03-04 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetPortTr. | ||||
| CVE-2025-70236 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-03-04 | 5.3 Medium |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDomainFilter. | ||||
| CVE-2025-70234 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-03-04 | 9.8 Critical |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS. | ||||
| CVE-2025-13616 | 1 Ibm | 1 Datastage On Cloud Pak For Data | 2026-03-04 | 6.5 Medium |
| IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used in further attacks against the system. | ||||
| CVE-2025-13734 | 1 Ibm | 1 Engineering Requirements Management Doors Next | 2026-03-04 | 5.4 Medium |
| IBM Engineering Requirements Management DOORS Next 7.1, and 7.2 could allow an authenticated user to view and edit data beyond their authorized access permissions. | ||||
| CVE-2026-20128 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2026-03-04 | 7.5 High |
| A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker to gain DCA user privileges on an affected system. To exploit this vulnerability, the attacker must have valid vmanage credentials on the affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An attacker could exploit this vulnerability by accessing the filesystem as a low-privileged user and reading the file that contains the DCA password from that affected system. A successful exploit could allow the attacker to access another affected system and gain DCA user privileges. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability. | ||||
| CVE-2025-14923 | 1 Ibm | 2 Websphere Application Server, Websphere Application Server Liberty | 2026-03-04 | 4.7 Medium |
| IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application Server Liberty could provide weaker than expected security when using the Security Utility when administering security settings. | ||||
| CVE-2026-27818 | 2 Terria, Terriajs | 2 Terriajs-server, Terriajs-server | 2026-03-04 | 7.5 High |
| TerriaJS-Server is a NodeJS Express server for TerriaJS, a library for building web-based geospatial data explorers. A validation bug in versions prior to 4.0.3 allows an attacker to proxy domains not explicitly allowed in the `proxyableDomains` configuration. Version 4.0.3 fixes the issue. | ||||
| CVE-2025-36364 | 1 Ibm | 1 Devops Plan | 2026-03-04 | 6.2 Medium |
| IBM DevOps Plan 3.0.0 through 3.0.5 allows web page cache to be stored locally which can be read by another user on the system. | ||||
| CVE-2026-1265 | 1 Ibm | 1 Infosphere Information Server | 2026-03-04 | 4.3 Medium |
| IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file. | ||||
| CVE-2025-36363 | 1 Ibm | 1 Devops Plan | 2026-03-04 | 5.9 Medium |
| IBM DevOps Plan 3.0.0 through 3.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | ||||
| CVE-2026-3196 | 1 Qemu | 1 Qemu | 2026-03-04 | 5.5 Medium |
| An integer overflow vulnerability was found in the virtio-snd device via PCM_INFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition. | ||||
| CVE-2026-2376 | 1 Mirror-registry | 1 Quay | 2026-03-04 | 4.9 Medium |
| No description is available for this CVE. | ||||
| CVE-2026-20435 | 6 Google, Linuxfoundation, Mediatek and 3 more | 40 Android, Yocto, Mt2737 and 37 more | 2026-03-04 | 4.6 Medium |
| In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS10607099; Issue ID: MSV-6118. | ||||
| CVE-2026-20444 | 2 Google, Mediatek | 47 Android, Mt6739, Mt6761 and 44 more | 2026-03-04 | 6.7 Medium |
| In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10436995; Issue ID: MSV-5721. | ||||