Export limit exceeded: 330486 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (330486 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-70050 | 1 Lesspass | 1 Lesspass | 2026-03-10 | N/A |
| An issue pertaining to CWE-312: Cleartext Storage of Sensitive Information was discovered in lesspass lesspass v9.6.9 which allows attackers to obtain sensitive information. | ||||
| CVE-2025-70047 | 1 Nexusoft | 1 Nexusinterface | 2026-03-10 | 7.5 High |
| An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2. | ||||
| CVE-2025-70048 | 1 Nexusoft | 1 Nexusinterface | 2026-03-10 | N/A |
| An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2. | ||||
| CVE-2025-70059 | 1 Ymfe | 1 Yapi | 2026-03-10 | N/A |
| An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in YMFE yapi v1.12.0 and allows attackers to cause a denial of service. | ||||
| CVE-2025-70238 | 1 Dlink | 1 Dir-513 | 2026-03-10 | 7.5 High |
| Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard52. | ||||
| CVE-2025-70028 | 1 Sunbird-ed | 1 Sunbirded-portal | 2026-03-10 | N/A |
| An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2025-70030 | 1 Sunbird-ed | 1 Sunbirded-portal | 2026-03-10 | N/A |
| An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2025-70031 | 1 Sunbird-ed | 1 Sunbirded-portal | 2026-03-10 | N/A |
| An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2025-70032 | 1 Sunbird-ed | 1 Sunbirded-portal | 2026-03-10 | N/A |
| An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | ||||
| CVE-2026-30140 | 1 Tenda | 1 W15e | 2026-03-10 | N/A |
| An incorrect access control vulnerability exists in Tenda W15E V02.03.01.26_cn. An unauthenticated attacker can access the /cgi-bin/DownloadCfg/RouterCfm.jpg endpoint to download the configuration file containing plaintext administrator credentials, leading to sensitive information disclosure and potential remote administrative access. | ||||
| CVE-2026-3630 | 1 Deltaww | 1 Commgr2 | 2026-03-10 | 9.8 Critical |
| Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability. | ||||
| CVE-2026-3631 | 1 Deltaww | 1 Commgr2 | 2026-03-10 | 7.5 High |
| Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability. | ||||
| CVE-2026-30896 | 1 Qsee | 1 Qsee Client | 2026-03-10 | N/A |
| The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries (DLLs). When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege. | ||||
| CVE-2026-3823 | 1 Atop Technologies | 2 Ehg2408, Ehg2408-2sfp | 2026-03-10 | 8.8 High |
| EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code. | ||||
| CVE-2025-41754 | 1 Mbs | 3 Ubr-01 Mk Ii, Ubr-02, Ubr-lon | 2026-03-10 | 6.5 Medium |
| A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to read arbitrary files on the system. | ||||
| CVE-2025-41755 | 1 Mbs | 3 Ubr-01 Mk Ii, Ubr-02, Ubr-lon | 2026-03-10 | 6.5 Medium |
| A low-privileged remote attacker can exploit the ubr-logread method in wwwubr.cgi to read arbitrary files on the system. The endpoint accepts a parameter specifying the log file to open (e.g., /tmp/weblog{some_number}), but this parameter is not properly validated, allowing an attacker to modify it to reference any file and retrieve its contents. | ||||
| CVE-2025-41756 | 1 Mbs | 3 Ubr-01 Mk Ii, Ubr-02, Ubr-lon | 2026-03-10 | 8.1 High |
| A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system. | ||||
| CVE-2025-41757 | 1 Mbs | 3 Ubr-01 Mk Ii, Ubr-02, Ubr-lon | 2026-03-10 | 8.8 High |
| A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system. | ||||
| CVE-2025-41758 | 1 Mbs | 3 Ubr-01 Mk Ii, Ubr-02, Ubr-lon | 2026-03-10 | 8.8 High |
| A low-privileged remote attacker can exploit an arbitrary file write vulnerability in the wwupload.cgi endpoint. Due to path traversal this can lead to overwriting arbitrary files on the device and achieving a full system compromise. | ||||
| CVE-2025-41759 | 1 Mbs | 3 Ubr-01 Mk Ii, Ubr-02, Ubr-lon | 2026-03-10 | 4.9 Medium |
| An administrator may attempt to block all networks by specifying "\*" or "all" as the network identifier. However, these values are not supported and do not trigger any validation error. Instead, they are silently interpreted as network 0 which results in no networks being blocked at all. | ||||