Export limit exceeded: 336977 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 336977 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (336977 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-23268 | 1 Linux | 1 Linux Kernel | 2026-03-26 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: apparmor: fix unprivileged local user can do privileged policy management An unprivileged local user can load, replace, and remove profiles by opening the apparmorfs interfaces, via a confused deputy attack, by passing the opened fd to a privileged process, and getting the privileged process to write to the interface. This does require a privileged target that can be manipulated to do the write for the unprivileged process, but once such access is achieved full policy management is possible and all the possible implications that implies: removing confinement, DoS of system or target applications by denying all execution, by-passing the unprivileged user namespace restriction, to exploiting kernel bugs for a local privilege escalation. The policy management interface can not have its permissions simply changed from 0666 to 0600 because non-root processes need to be able to load policy to different policy namespaces. Instead ensure the task writing the interface has privileges that are a subset of the task that opened the interface. This is already done via policy for confined processes, but unconfined can delegate access to the opened fd, by-passing the usual policy check. | ||||
| CVE-2026-30694 | 1 Dedecms | 1 Dedecms | 2026-03-26 | 9.8 Critical |
| An issue in DedeCMS v.5.7.118 and before allows a remote attacker to execute arbitrary code via the array_filter component | ||||
| CVE-2026-27934 | 1 Discourse | 1 Discourse | 2026-03-26 | 7.5 High |
| Discourse is an open-source discussion platform. Versions prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 have a lack of visibility checks with a user action API endpoint that results in disclosure of the title and post excerpt to unauthorized users, leading to information disclosure. Versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain a patch. No known workarounds are available. | ||||
| CVE-2026-32989 | 1 Precurio | 1 Precurio Intranet Portal | 2026-03-26 | 8.8 High |
| Precurio Intranet Portal 4.4 contains a cross-site request forgery vulnerability that allows attackers to induce authenticated users to submit crafted requests to a profile update endpoint handling file uploads. Attackers can exploit this to upload executable files to web-accessible locations, leading to arbitrary code execution in the context of the web server. | ||||
| CVE-2026-22902 | 2 Qnap, Qnap Systems | 2 Qunetswitch, Qunetswitch | 2026-03-26 | 6.7 Medium |
| A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later | ||||
| CVE-2026-22901 | 2 Qnap, Qnap Systems | 2 Qunetswitch, Qunetswitch | 2026-03-26 | 9.8 Critical |
| A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later | ||||
| CVE-2026-22900 | 2 Qnap, Qnap Systems | 2 Qunetswitch, Qunetswitch | 2026-03-26 | 9.8 Critical |
| A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later | ||||
| CVE-2026-22897 | 2 Qnap, Qnap Systems | 2 Qunetswitch, Qunetswitch | 2026-03-26 | 9.8 Critical |
| A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.4.0415 and later | ||||
| CVE-2026-32309 | 1 Cryptomator | 1 Cryptomator | 2026-03-26 | 7.5 High |
| Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, the Hub-based unlock flow explicitly supports hub+http and consumes Hub endpoints from vault metadata without enforcing HTTPS. As a result, a vault configuration can drive OAuth and key-loading traffic over plaintext HTTP or other insecure endpoint combinations. An active network attacker can tamper with or observe this traffic. Even when the vault key is encrypted for the device, bearer tokens and endpoint-level trust decisions are still exposed to downgrade and interception. This issue has been patched in version 1.19.1. | ||||
| CVE-2026-32310 | 2 Cryptomator, Microsoft | 2 Cryptomator, Windows | 2026-03-26 | 4.1 Medium |
| Cryptomator encrypts data being stored on cloud infrastructure. From version 1.6.0 to before version 1.19.1, vault configuration is parsed before its integrity is verified, and the masterkeyfile loader uses the unverified keyId as a filesystem path. The loader resolves keyId.getSchemeSpecificPart() directly against the vault path and immediately calls Files.exists(...). This allows a malicious vault config to supply parent-directory escapes, absolute local paths, or UNC paths (e.g., masterkeyfile://attacker/share/masterkey.cryptomator). On Windows, the UNC variant is especially dangerous because Path.resolve("//attacker/share/...") becomes \\attacker\share\..., so the existence check can trigger outbound SMB access before the user even enters a passphrase. This issue has been patched in version 1.19.1. | ||||
| CVE-2019-25587 | 1 Bpftpserver | 1 Bulletproof Ftp Server | 2026-03-26 | 6.2 Medium |
| BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting and paste a buffer of 500 bytes or more to trigger an application crash when saving the configuration. | ||||
| CVE-2019-25588 | 1 Bpftpserver | 1 Bulletproof Ftp Server | 2026-03-26 | 6.2 Medium |
| BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes to trigger a crash when the Test function is invoked. | ||||
| CVE-2026-4368 | 1 Netscaler | 2 Adc, Gateway | 2026-03-26 | N/A |
| Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup | ||||
| CVE-2025-60947 | 2 Census, Csprousers | 2 Csweb, Csweb | 2026-03-26 | 8.8 High |
| Census CSWeb 8.0.1 allows arbitrary file upload. A remote, authenticated attacker could upload a malicious file, possibly leading to remote code execution. Fixed in 8.1.0 alpha. | ||||
| CVE-2025-60948 | 2 Census, Csprousers | 2 Csweb, Csweb | 2026-03-26 | 4.6 Medium |
| Census CSWeb 8.0.1 allows stored cross-site scripting in user supplied fields. A remote, authenticated attacker could store malicious javascript that executes in a victim's browser. Fixed in 8.1.0 alpha. | ||||
| CVE-2025-60949 | 2 Census, Csprousers | 2 Csweb, Csweb | 2026-03-26 | 9.1 Critical |
| Census CSWeb 8.0.1 allows "app/config" to be reachable via HTTP in some deployments. A remote, unauthenticated attacker could send requests to configuration files and obtain leaked secrets. Fixed in 8.1.0 alpha. | ||||
| CVE-2026-30661 | 2 Icms, Idreamsoft | 2 Icms, Icms | 2026-03-26 | 6.1 Medium |
| iCMS v8.0.0 contains a Cross-Site Scripting (XSS) vulnerability in the User Management component, specifically within the index.html file. This allows remote attackers to execute arbitrary web script or HTML via the regip or loginip parameters. | ||||
| CVE-2026-30655 | 1 Esiclivre | 1 Esiclivre | 2026-03-26 | 6.5 Medium |
| SQL injection in Solicitante::resetaSenha() in esiclivre/esiclivre v0.2.2 and earlier allows unauthenticated remote attackers to gain unauthorized access to sensitive information via the cpfcnpj parameter in /reset/index.php | ||||
| CVE-2026-29839 | 1 Dedecms | 1 Dedecms | 2026-03-26 | 8.8 High |
| DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php. | ||||
| CVE-2026-29840 | 1 Jizhicms | 1 Jizhicms | 2026-03-26 | 5.4 Medium |
| JiZhiCMS v2.5.6 and before contains a Stored Cross-Site Scripting (XSS) vulnerability in the release function within app/home/c/UserController.php. The application attempts to sanitize input by filtering <script> tags but fails to recursively remove dangerous event handlers in other HTML tags (such as onerror in <img> tags). This allows an authenticated remote attacker to inject arbitrary web script or HTML via the body parameter in a POST request to /user/release.html. | ||||