Export limit exceeded: 334175 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 334175 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334175 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32297 | 1 Angeet | 1 Es3 Kvm | 2026-03-18 | 7.5 High |
| The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including configuration files or system binaries. Modified configuration files or system binaries could allow an attacker to take complete control of a vulnerable system. | ||||
| CVE-2026-32565 | 2 Webberzone, Wordpress | 2 Contextual Related Posts, Wordpress | 2026-03-18 | 5.3 Medium |
| Missing Authorization vulnerability in WebberZone Contextual Related Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contextual Related Posts: from n/a before 4.2.2. | ||||
| CVE-2026-32836 | 1 Mackron | 1 Dr Libs | 2026-03-18 | N/A |
| dr_libs version 0.13.3 and earlier contain an uncontrolled memory allocation vulnerability in drflac__read_and_decode_metadata() that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can exploit attacker-controlled mimeLength and descriptionLength fields to cause denial of service through memory exhaustion when processing FLAC streams with metadata callbacks. | ||||
| CVE-2026-32837 | 1 Mackron | 1 Miniaudio | 2026-03-18 | 5.5 Medium |
| miniaudio version 0.11.25 and earlier contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination handling in the coding history field to cause out-of-bounds reads past the allocated metadata pool, resulting in application crashes or denial of service. | ||||
| CVE-2026-32981 | 1 Ray Project | 1 Ray | 2026-03-18 | 7.5 High |
| A path traversal vulnerability was identified in Ray Dashboard (default port 8265) in Ray versions prior to 2.8.1. Due to improper validation and sanitization of user-supplied paths in the static file handling mechanism, an attacker can use traversal sequences (e.g., ../) to access files outside the intended static directory, resulting in local file disclosure. | ||||
| CVE-2026-4064 | 1 Devolutions | 1 Powershell Universal | 2026-03-18 | 8.3 High |
| Missing authorization checks on multiple gRPC service endpoints in PowerShell Universal before 2026.1.4 allows an authenticated user with any valid token to bypass role-based access controls and perform privileged operations — including reading sensitive data, creating or deleting resources, and disrupting service operations — via crafted gRPC requests. | ||||
| CVE-2026-4268 | 2 Wordpress, Wpgmaps | 2 Wordpress, Wp Go Maps (formerly Wp Google Maps) | 2026-03-18 | 6.4 Medium |
| The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpgmza_custom_js’ parameter in all versions up to, and including, 10.0.05 due to insufficient input sanitization and output escaping and missing capability check in the 'admin_post_wpgmza_save_settings' hook anonymous function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-4295 | 1 Aws | 1 Kiro Ide | 2026-03-18 | 7.8 High |
| Improper trust boundary enforcement in Kiro IDE before version 0.8.0 on all supported platforms might allow a remote unauthenticated threat actor to execute arbitrary code via maliciously crafted project directory files that bypass workspace trust protections when a local user opens the directory. To remediate this issue, users should upgrade to version 0.8.0 or higher. | ||||
| CVE-2026-4318 | 1 Utt | 1 Hiper 810g | 2026-03-18 | 8.8 High |
| A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-4319 | 1 Code-projects | 1 Simple Food Order System | 2026-03-18 | 7.3 High |
| A vulnerability was identified in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file /routers/add-item.php. Such manipulation of the argument price leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-4349 | 1 Duende | 1 Identityserver | 2026-03-18 | 5.6 Medium |
| A vulnerability was determined in Duende IdentityServer 4. The affected element is an unknown function of the file /connect/authorize of the component Token Renewal Endpoint. This manipulation of the argument id_token_hint causes improper authentication. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4358 | 1 Mongodb | 1 Mongodb Server | 2026-03-18 | 6.4 Medium |
| A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution (SBE) engine when an in-memory hash table is spilled to disk. | ||||
| CVE-2026-4359 | 1 Mongodb | 1 C Driver | 2026-03-18 | 2 Low |
| A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver. | ||||
| CVE-2026-1217 | 2 Wordpress, Yoast | 2 Wordpress, Yoast Duplicate Post | 2026-03-18 | 5.4 Medium |
| The Yoast Duplicate Post plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clone_bulk_action_handler() and republish_request() functions in all versions up to, and including, 4.5. This makes it possible for authenticated attackers, with Contributor-level access and above, to duplicate any post on the site including private, draft, and trashed posts they shouldn't have access to. Additionally, attackers with Author-level access and above can use the Rewrite & Republish feature to overwrite any published post with their own content. | ||||
| CVE-2026-1780 | 2 Silentwind, Wordpress | 2 [cr]paid Link Manager, Wordpress | 2026-03-18 | 6.1 Medium |
| The [CR]Paid Link Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | ||||
| CVE-2026-1926 | 2 Wordpress, Wpswings | 2 Wordpress, Subscriptions For Woocommerce | 2026-03-18 | 5.3 Medium |
| The Subscriptions for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `wps_sfw_admin_cancel_susbcription()` function in all versions up to, and including, 1.9.2. This is due to the function being hooked to the `init` action without any authentication or authorization checks, and only performing a non-empty check on the nonce parameter without actually validating it via `wp_verify_nonce()`. This makes it possible for unauthenticated attackers to cancel any active WooCommerce subscription by sending a crafted GET request with an arbitrary nonce value via the `wps_subscription_id` parameter. | ||||
| CVE-2026-2092 | 1 Redhat | 1 Build Keycloak | 2026-03-18 | 7.7 High |
| A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure. | ||||
| CVE-2026-4147 | 1 Mongodb | 1 Mongodb Server | 2026-03-18 | 6.5 Medium |
| An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command. | ||||
| CVE-2026-4148 | 1 Mongodb | 1 Mongodb Server | 2026-03-18 | 8.8 High |
| A use-after-free vulnerability can be triggered in sharded clusters by an authenticated user with the read role who issues a specially crafted $lookup or $graphLookup aggregation pipeline. | ||||
| CVE-2026-4356 | 1 Itsourcecode | 1 University Management System | 2026-03-18 | 2.4 Low |
| A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add_result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used. | ||||