Export limit exceeded: 336634 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336634 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-30711 | 1 Devome | 1 Grr | 2026-03-25 | 8.8 High |
| Devome GRR v4.5.0 was discovered to contain multiple authenticated SQL injection vulnerabilities in the include/session.inc.php file via the referer and user-agent. | ||||
| CVE-2025-69720 | 1 Gnu | 1 Ncurses | 2026-03-25 | 9.8 Critical |
| ncurses v6.5 and v6.4 are vulnerable to Buffer Overflow in progs/infocmp.c, function analyze_string(). | ||||
| CVE-2026-30402 | 1 Tianshiyeben | 1 Wgcloud | 2026-03-25 | 9.8 Critical |
| An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbitrary code via the test connection function | ||||
| CVE-2026-30403 | 1 Tianshiyeben | 1 Wgcloud | 2026-03-25 | 7.5 High |
| There is an arbitrary file read vulnerability in the test connection function of backend database management in wgcloud v3.6.3 and before, which can be used to read any file on the victim's server. | ||||
| CVE-2026-30404 | 1 Tianshiyeben | 1 Wgcloud | 2026-03-25 | 7.5 High |
| The backend database management connection test feature in wgcloud v3.6.3 has a server-side request forgery (SSRF) vulnerability. This issue can be exploited to make the server send requests to probe the internal network, remotely download malicious files, and perform other dangerous operations. | ||||
| CVE-2025-67112 | 1 Freedomfi | 1 Sercomm Sce4255w | 2026-03-25 | 9.8 Critical |
| Use of a hard-coded AES-256-CBC key in the configuration backup/restore implementation of Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote authenticated users to decrypt, modify, and re-encrypt device configurations, enabling credential manipulation and privilege escalation via the GUI import/export functions. | ||||
| CVE-2025-67113 | 1 Freedomfi | 1 Sercomm Sce4255w | 2026-03-25 | 9.8 Critical |
| OS command injection in the CWMP client (/ftl/bin/cwmp) of Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers controlling the ACS endpoint to execute arbitrary commands as root via a crafted TR-069 Download URL that is passed unescaped into the firmware upgrade pipeline. | ||||
| CVE-2025-67114 | 1 Freedomfi | 1 Sercomm Sce4255w | 2026-03-25 | 9.8 Critical |
| Use of a deterministic credential generation algorithm in /ftl/bin/calc_f2 in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote attackers to derive valid administrative/root credentials from the device's MAC address, enabling authentication bypass and full device access. | ||||
| CVE-2025-67115 | 1 Freedomfi | 1 Sercomm Sce4255w | 2026-03-25 | 6.5 Medium |
| A path traversal vulnerability in /ftl/web/setup.cgi in Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware before DG3934v3@2308041842 allows remote authenticated users to read arbitrary files from the filesystem via crafted values in the log_type parameter to /logsave.htm. | ||||
| CVE-2026-25667 | 1 Microsoft | 1 Aspnetcore | 2026-03-25 | 7.5 High |
| ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing. | ||||
| CVE-2026-22176 | 1 Openclaw | 1 Openclaw | 2026-03-25 | 6.1 Medium |
| OpenClaw versions prior to 2026.2.19 contain a command injection vulnerability in Windows Scheduled Task script generation where environment variables are written to gateway.cmd using unquoted set KEY=VALUE assignments, allowing shell metacharacters to break out of assignment context. Attackers can inject arbitrary commands through environment variable values containing metacharacters like &, |, ^, %, or ! to achieve command execution when the scheduled task script is generated and executed. | ||||
| CVE-2026-27566 | 1 Openclaw | 1 Openclaw | 2026-03-25 | 7.1 High |
| OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in system.run exec analysis that fails to unwrap env and shell-dispatch wrapper chains. Attackers can route execution through wrapper binaries like env bash to smuggle payloads that satisfy allowlist entries while executing non-allowlisted commands. | ||||
| CVE-2026-27670 | 1 Openclaw | 1 Openclaw | 2026-03-25 | 5.3 Medium |
| OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that allows local attackers to write files outside the intended destination directory. Attackers can exploit a time-of-check-time-of-use race between path validation and file write operations by rebinding parent directory symlinks to redirect writes outside the extraction root. | ||||
| CVE-2026-28461 | 1 Openclaw | 1 Openclaw | 2026-03-25 | 7.5 High |
| OpenClaw versions prior to 2026.3.1 contain an unbounded memory growth vulnerability in the Zalo webhook endpoint that allows unauthenticated attackers to trigger in-memory key accumulation by varying query strings. Remote attackers can exploit this by sending repeated requests with different query parameters to cause memory pressure, process instability, or out-of-memory conditions that degrade service availability. | ||||
| CVE-2026-23669 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-25 | 8.8 High |
| Use after free in RPC Runtime allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-26128 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-25 | 7.8 High |
| Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-26132 | 1 Microsoft | 19 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 16 more | 2026-03-25 | 7.8 High |
| Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-20165 | 1 Splunk | 3 Splunk, Splunk Cloud Platform, Splunk Enterprise | 2026-03-25 | 6.3 Medium |
| In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve sensitive information by inspecting the job's search log due to improper access control in the MongoClient logging channel. | ||||
| CVE-2026-20164 | 1 Splunk | 3 Splunk, Splunk Cloud Platform, Splunk Enterprise | 2026-03-25 | 6.5 Medium |
| In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, 10.0.2503.11, and 9.3.2411.123, a low-privileged user that does not hold the "admin" or "power" Splunk roles could access the `/splunkd/__raw/servicesNS/-/-/configs/conf-passwords` REST API endpoint, which exposes the hashed or plaintext password values that are stored in the passwords.conf configuration file due to improper access control. This vulnerability could allow for the unauthorized disclosure of sensitive credentials. | ||||
| CVE-2026-20166 | 1 Splunk | 3 Splunk, Splunk Cloud Platform, Splunk Enterprise | 2026-03-25 | 5.4 Medium |
| In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, and 10.0.2503.12, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve the Observability Cloud API access token through the Discover Splunk Observability Cloud app due to improper access control. This vulnerability does not affect Splunk Enterprise versions below 9.4.9 and 9.3.10 because the Discover Splunk Observability Cloud app does not come with Splunk Enterprise. | ||||