Export limit exceeded: 327086 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (327086 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23238 | 1 Linux | 1 Linux Kernel | 2026-03-04 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize() return value romfs_fill_super() ignores the return value of sb_set_blocksize(), which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by setting a loop device's block size larger than PAGE_SIZE using ioctl(LOOP_SET_BLOCK_SIZE, 32768), then mounting a romfs filesystem on that device. When sb_set_blocksize(sb, ROMBSIZE) is called with ROMBSIZE=4096 but the device has logical_block_size=32768, bdev_validate_blocksize() fails because the requested size is smaller than the device's logical block size. sb_set_blocksize() returns 0 (failure), but romfs ignores this and continues mounting. The superblock's block size remains at the device's logical block size (32768). Later, when sb_bread() attempts I/O with this oversized block size, it triggers a kernel BUG in folio_set_bh(): kernel BUG at fs/buffer.c:1582! BUG_ON(size > PAGE_SIZE); Fix by checking the return value of sb_set_blocksize() and failing the mount with -EINVAL if it returns 0. | ||||
| CVE-2026-20082 | 2026-03-04 | 8.6 High | ||
| A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause incoming TCP SYN packets to be dropped incorrectly. This vulnerability is due to improper handling of new, incoming TCP connections that are destined to management or data interfaces when the device is under a TCP SYN flood attack. An attacker could exploit this vulnerability by sending a crafted stream of traffic to an affected device. A successful exploit could allow the attacker to prevent all incoming TCP connections to the device from being established, including remote management access, Remote Access VPN (RAVPN) connections, and all network protocols that are TCP-based. This results in a denial of service (DoS) condition for affected features. | ||||
| CVE-2026-20149 | 2026-03-04 | 6.1 Medium | ||
| A vulnerability in Cisco Webex could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability, and no customer action is needed. This vulnerability was due to improper filtering of user-supplied input. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to follow a malicious link. A successful exploit could have allowed the attacker to conduct an XSS attack against the targeted user. | ||||
| CVE-2026-20006 | 2026-03-04 | 5.8 Medium | ||
| A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper implementation of the TLS protocol. An attacker could exploit this vulnerability by sending a crafted TLS packet to an affected system. A successful exploit could allow the attacker to cause a device that is running Cisco Secure FTD Software to drop network traffic, resulting in a DoS condition. Note: TLS 1.3 is not affected by this vulnerability. | ||||
| CVE-2026-20007 | 2026-03-04 | 5.8 Medium | ||
| A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a logic error in the integration of the Snort Engine rules with Cisco Secure FTD Software that could allow different Snort rules to be hit when deep inspection of the packet is performed for the inner and outer connections. An attacker could exploit this vulnerability by sending crafted traffic to a targeted device that would hit configured Snort rules. A successful exploit could allow the attacker to send traffic to a network where it should have been denied. | ||||
| CVE-2026-20018 | 2026-03-04 | 5.9 Medium | ||
| A vulnerability in the sftunnel functionality of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrative privileges to write arbitrary files as root on the underlying operating system. This vulnerability is due to insufficient validation of the directory path during file synchronization. An attacker could exploit this vulnerability by crafting a directory path outside of the expected file location. A successful exploit could allow the attacker to create or replace any file on the underlying operating system. | ||||
| CVE-2026-20065 | 2026-03-04 | 5.8 Medium | ||
| Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the binder module initialization logic of the Snort Detection Engine. An attacker could exploit this vulnerability by sending certain packets through an established connection that is parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine restarts unexpectedly. | ||||
| CVE-2026-21422 | 1 Dell | 1 Powerscale Onefs | 2026-03-04 | 3.4 Low |
| Dell PowerScale OneFS, versions 9.10.0.0 through 9.10.1.5 and versions 9.11.0.0 through 9.12.0.1, contains an external control of system or configuration setting vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to protection mechanism bypass. | ||||
| CVE-2026-28421 | 1 Vim | 1 Vim | 2026-03-04 | 5.3 Medium |
| Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue. | ||||
| CVE-2026-28420 | 1 Vim | 1 Vim | 2026-03-04 | 4.4 Medium |
| Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue. | ||||
| CVE-2026-20050 | 2026-03-04 | 6.8 Medium | ||
| A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management during the inspection of TLS 1.2 encrypted traffic. An attacker could exploit this vulnerability by sending crafted TLS 1.2 encrypted traffic through an affected device. A successful exploit could allow the attacker to cause a reload of an affected device. Note: This vulnerability only affects traffic that is encrypted by TLS 1.2. Other versions of TLS are not affected. | ||||
| CVE-2026-20052 | 2026-03-04 | 5.8 Medium | ||
| A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a logic error in memory management when a device is performing Snort 3 SSL packet inspection. An attacker could exploit this vulnerability by sending crafted SSL packets through an established connection to be parsed by the Snort 3 Detection Engine. A successful exploit could allow the attacker to cause a denial of service (DoS) condition when the Snort 3 Detection Engine unexpectedly restarts. | ||||
| CVE-2026-20066 | 2026-03-04 | 5.8 Medium | ||
| Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the JSTokenizer normalization logic when the HTTP inspection normalizes JavaScript. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection that is parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine restarts unexpectedly. JSTokenizer is not enabled by default. | ||||
| CVE-2026-20067 | 2026-03-04 | 5.8 Medium | ||
| Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking when parsing the Multicast DNS fields of the HTTP header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection to be parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine unexpectedly restarts. | ||||
| CVE-2026-25907 | 1 Dell | 1 Powerscale Onefs | 2026-03-04 | 5.3 Medium |
| Dell PowerScale OneFS, version 9.13.0.0, contains an overly restrictive account lockout mechanism vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2025-70219 | 2026-03-04 | N/A | ||
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot. | ||||
| CVE-2024-55024 | 1 Weintek | 3 Cmt-3072xh2, Cmt-3072xh2 Firmware, Easyweb | 2026-03-04 | 8.8 High |
| An authentication bypass vulnerability in the authorization mechanism of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to perform Administrative actions using service accounts. | ||||
| CVE-2024-55025 | 1 Weintek | 3 Cmt-3072xh2, Cmt-3072xh2 Firmware, Easyweb | 2026-03-04 | 6.5 Medium |
| Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system. | ||||
| CVE-2024-55026 | 1 Weintek | 3 Cmt-3072xh2, Cmt-3072xh2 Firmware, Easyweb | 2026-03-04 | 8.8 High |
| An issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrary commands via supplying a crafted GET request. | ||||
| CVE-2026-28270 | 2 Accellion, Kiteworks | 2 Kiteworks, Security-advisories | 2026-03-04 | 4.9 Medium |
| Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks configuration allows uploading of arbitrary files without proper validation. Malicious administrators could exploit this to upload unauthorized file types to the system. Version 9.2.0 contains a patch for the issue. | ||||