Export limit exceeded: 324386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (324386 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25499 | 1 Bpg | 2 Terraform-provider-proxmox, Terraform Provider | 2026-02-11 | 7.5 High |
| Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been patched in version 0.93.1. | ||||
| CVE-2026-25511 | 2 Group-office, Intermesh | 2 Group Office, Group-office | 2026-02-11 | 4.9 Medium |
| Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, an authenticated user within the System Administrator group can trigger a full SSRF via the WOPI service discovery URL, including access to internal hosts/ports. The SSRF response body can be exfiltrated via the built‑in debug system, turning it into a visible SSRF. This also allows full server-side file read. This issue has been patched in versions 6.8.150, 25.0.82, and 26.0.5. | ||||
| CVE-2026-25512 | 2 Group-office, Intermesh | 2 Group Office, Group-office | 2026-02-11 | 8.8 High |
| Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.150, 25.0.82, and 26.0.5, there is a remote code execution (RCE) vulnerability in Group-Office. The endpoint email/message/tnefAttachmentFromTempFile directly concatenates the user-controlled parameter tmp_file into an exec() call. By injecting shell metacharacters into tmp_file, an authenticated attacker can execute arbitrary system commands on the server. This issue has been patched in versions 6.8.150, 25.0.82, and 26.0.5. | ||||
| CVE-2026-25538 | 1 Devtron | 1 Devtron | 2026-02-11 | 8.8 High |
| Devtron is an open source tool integration platform for Kubernetes. In version 2.0.0 and prior, a vulnerability exists in Devtron's Attributes API interface, allowing any authenticated user (including low-privileged CI/CD Developers) to obtain the global API Token signing key by accessing the /orchestrator/attributes?key=apiTokenSecret endpoint. After obtaining the key, attackers can forge JWT tokens for arbitrary user identities offline, thereby gaining complete control over the Devtron platform and laterally moving to the underlying Kubernetes cluster. This issue has been patched via commit d2b0d26. | ||||
| CVE-2026-25539 | 2 B3log, Siyuan | 2 Siyuan, Siyuan | 2026-02-11 | 9.1 Critical |
| SiYuan is a personal knowledge management system. Prior to version 3.5.5, the /api/file/copyFile endpoint does not validate the dest parameter, allowing authenticated users to write files to arbitrary locations on the filesystem. This can lead to Remote Code Execution (RCE) by writing to sensitive locations such as cron jobs, SSH authorized_keys, or shell configuration files. This issue has been patched in version 3.5.5. | ||||
| CVE-2025-69619 | 1 Zipperapp | 2 My Teditor, My Text Editor | 2026-02-11 | 5 Medium |
| A path traversal in My Text Editor v1.6.2 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage. | ||||
| CVE-2025-69620 | 2 Moo Chan Song, Ntoolslab | 2 Moo Chan Song, Office Reader | 2026-02-11 | 5 Medium |
| A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service (DoS) via writing files to the internal storage. | ||||
| CVE-2025-69662 | 1 Geopandas | 1 Geopandas | 2026-02-11 | 8.6 High |
| SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used to write GeoDataFrames to a PostgreSQL database. | ||||
| CVE-2023-35394 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.6 Medium |
| Azure HDInsight Jupyter Notebook Spoofing Vulnerability | ||||
| CVE-2023-36881 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Ambari Spoofing Vulnerability | ||||
| CVE-2023-36877 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Oozie Spoofing Vulnerability | ||||
| CVE-2023-35393 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Hive Spoofing Vulnerability | ||||
| CVE-2023-38188 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Hadoop Spoofing Vulnerability | ||||
| CVE-2023-23408 | 1 Microsoft | 2 Azure Hdinsight, Azure Hdinsights | 2026-02-11 | 4.5 Medium |
| Azure Apache Ambari Spoofing Vulnerability | ||||
| CVE-2025-70758 | 1 Chetans9 | 1 Core-php-admin-panel | 2026-02-11 | 7.5 High |
| chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The application sends an HTTP redirect via header(Location:login.php) when a user is not authenticated but fails to call exit() afterward. This allows remote unauthenticated attackers to access protected pages.customer database. | ||||
| CVE-2025-69981 | 1 Frangoteam | 1 Fuxa | 2026-02-11 | 7.5 High |
| FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the `/api/upload` API endpoint. The endpoint lacks authentication mechanisms, allowing unauthenticated remote attackers to upload arbitrary files. This can be exploited to overwrite critical system files (such as the SQLite user database) to gain administrative access, or to upload malicious scripts to execute arbitrary code. | ||||
| CVE-2025-69429 | 1 Orico | 2 Cd3510, Cd3510 Firmware | 2026-02-11 | 6.1 Medium |
| The ORICO NAS CD3510 (version V1.9.12 and below) contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, then access the USB drive's symlink directory mounted on the NAS to obtain all files within the NAS system and tamper with those files. | ||||
| CVE-2025-69430 | 1 Yottamaster | 6 Dm2, Dm200, Dm200 Firmware and 3 more | 2026-02-11 | 6.1 Medium |
| An Incorrect Symlink Follow vulnerability exists in multiple Yottamaster NAS devices, including DM2 (version equal to or prior to V1.9.12), DM3 (version equal to or prior to V1.9.12), and DM200 (version equal to or prior to V1.2.23) that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, then access the USB drive's symlink directory mounted on the NAS to obtain all files within the NAS system and tamper with those files. | ||||
| CVE-2025-69431 | 1 Zspace | 3 Q2c, Q2c Firmware, Q2c Nas | 2026-02-11 | 6.1 Medium |
| The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Samba protocol. This allows them to obtain all files within the NAS system and tamper with those files. | ||||
| CVE-2026-0672 | 1 Python | 1 Cpython | 2026-02-11 | 4.8 Medium |
| When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters. | ||||