Search Results (336986 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-33162 | 1 Craftcms | 2 Craft Cms, Craftcms | 2026-03-26 | 6.5 Medium |
| Craft CMS is a content management system (CMS). From version 5.3.0 to before version 5.9.14, an authenticated control panel user with only accessCp can move entries across sections via POST /actions/entries/move-to-section, even when they do not have saveEntries:{sectionUid} permission for either source or destination section. This issue has been patched in version 5.9.14. | ||||
| CVE-2026-33343 | 1 Etcd | 1 Etcd | 2026-03-26 | 0 Low |
| etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, an authenticated user with RBAC restricted permissions on key ranges can use nested transactions to bypass all key-level authorization. This allows any authenticated user with direct access to etcd to effectively ignore all key range restrictions, accessing the entire etcd data store. Kubernetes does not rely on etcd’s built-in authentication and authorization. Instead, the API server handles authentication and authorization itself, so typical Kubernetes deployments are not affected. Versions 3.4.42, 3.5.28, and 3.6.9 contain a patch. If upgrading is not immediately possible, reduce exposure by treating the affected RPCs as unauthenticated in practice. Restrict network access to etcd server ports so only trusted components can connect and require strong client identity at the transport layer, such as mTLS with tightly scoped client certificate distribution. | ||||
| CVE-2026-33396 | 1 Hackerbay | 1 Oneuptime | 2026-03-26 | 10 Critical |
| OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.35, a low-privileged authenticated user (ProjectMember) can achieve remote command execution on the Probe container/host by abusing Synthetic Monitor Playwright script execution. Synthetic monitor code is executed in VMRunner.runCodeInNodeVM with a live Playwright page object in context. The sandbox relies on a denylist of blocked properties/methods, but it is incomplete. Specifically, _browserType and launchServer are not blocked, so attacker code can traverse `page.context().browser()._browserType.launchServer(...)` and spawn arbitrary processes. Version 10.0.35 contains a patch. | ||||
| CVE-2026-33399 | 2 Ellite, Wallosapp | 2 Wallos, Wallos | 2026-03-26 | 7.7 High |
| Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.7.0, the SSRF fix applied in version 4.6.2 for CVE-2026-30839 and CVE-2026-30840 is incomplete. The validate_webhook_url_for_ssrf() protection was added to the test* notification endpoints but not to the corresponding save* endpoints. An authenticated user can save an internal/private IP address as a notification URL, and when the cron job sendnotifications.php executes, the request is sent to the internal IP without any SSRF validation. This issue has been patched in version 4.7.0. | ||||
| CVE-2026-33413 | 1 Etcd | 1 Etcd | 2026-03-26 | 8.8 High |
| etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted clients. In unpatched etcd clusters with etcd auth enabled, unauthorized users are able to call MemberList and learn cluster topology, including member IDs and advertised endpoints; call Alarm, which can be abused for operational disruption or denial of service; use Lease APIs, interfering with TTL-based keys and lease ownership; and/or trigger compaction, permanently removing historical revisions and disrupting watch, audit, and recovery workflows. Kubernetes does not rely on etcd’s built-in authentication and authorization. Instead, the API server handles authentication and authorization itself, so typical Kubernetes deployments are not affected. Versions 3.4.42, 3.5.28, and 3.6.9 contain a patch. If upgrading is not immediately possible, reduce exposure by treating the affected RPCs as unauthenticated in practice. Restrict network access to etcd server ports so only trusted components can connect and/or require strong client identity at the transport layer, such as mTLS with tightly scoped client certificate distribution. | ||||
| CVE-2026-33400 | 2 Ellite, Wallosapp | 2 Wallos, Wallos | 2026-03-26 | 5.4 Medium |
| Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.7.0, a stored cross-site scripting (XSS) vulnerability in the payment method rename endpoint allows any authenticated user to inject arbitrary JavaScript that executes when any user visits the Settings, Subscriptions, or Statistics pages. Combined with the wallos_login authentication cookie lacking the HttpOnly flag, this enables full session hijacking. This issue has been patched in version 4.7.0. | ||||
| CVE-2025-32991 | 2 N2w, N2ws | 2 Backup & Recovery, Backup And Recovery | 2026-03-26 | 9 Critical |
| In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution. | ||||
| CVE-2025-59707 | 2 N2w, N2ws | 2 N2w, N2w | 2026-03-26 | 9.8 Critical |
| In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote code execution and account credentials theft because of a spoofing vulnerability. | ||||
| CVE-2025-55266 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 5.9 Medium |
| HCL Aftermarket DPC is affected by Session Fixation, which allows an attacker to take over the user's session and use it to carry out unauthorized transactions on behalf of the user. | ||||
| CVE-2025-59706 | 2 N2w, N2ws | 2 N2w, N2w | 2026-03-26 | 9.8 Critical |
| In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution. | ||||
| CVE-2025-55267 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 5.7 Medium |
| HCL Aftermarket DPC is affected by an Unrestricted File Upload vulnerability, which allows an attacker to upload and execute malicious scripts, gaining full control over the server. | ||||
| CVE-2025-55268 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 4.3 Medium |
| HCL Aftermarket DPC is affected by a Spamming vulnerability: excessive spamming by an actor can consume server bandwidth and processing resources, which may lead to Denial of Service. | ||||
| CVE-2025-55269 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 4.2 Medium |
| HCL Aftermarket DPC is affected by a Weak Password Policy vulnerability, which makes it easier for attackers to guess weak passwords or use brute-force techniques to gain unauthorized access to user accounts. | ||||
| CVE-2025-55270 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 3.5 Low |
| HCL Aftermarket DPC is affected by Improper Input Validation, which allows an attacker to inject executable code and carry out attacks such as XSS, SQL Injection, Command Injection, etc. | ||||
| CVE-2025-55271 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 3.1 Low |
| HCL Aftermarket DPC is affected by an HTTP Response Splitting vulnerability; depending on how the web application handles the split response, an attacker may be able to execute arbitrary commands or inject harmful content into the response. | ||||
| CVE-2025-55273 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 4.3 Medium |
| HCL Aftermarket DPC is affected by a Cross Domain Script Include vulnerability, where an attacker using external scripts can tamper with the DOM, altering the content or behavior of the application. Malicious scripts can steal cookies or session tokens, leading to session hijacking. | ||||
| CVE-2026-33511 | 2 Pyload, Pyload-ng Project | 2 Pyload, Pyload-ng | 2026-03-26 | 9.8 Critical |
| pyLoad is a free and open-source download manager written in Python. From version 0.4.20 to before version 0.5.0b3.dev97, the local_check decorator in pyLoad's ClickNLoad feature can be bypassed by any remote attacker through HTTP Host header spoofing. This allows unauthenticated remote users to access localhost-restricted endpoints, enabling them to inject arbitrary downloads, write files to the storage directory, and execute JavaScript code. This issue has been patched in version 0.5.0b3.dev97. | ||||
| CVE-2026-32948 | 3 Microsoft, Sbt, Scala.epfl | 3 Windows, Sbt, Sbt | 2026-03-26 | 7.8 High |
| sbt is a build tool for Scala, Java, and others. From version 0.9.5 to before version 1.12.7, on Windows, sbt uses Process("cmd", "/c", ...) to run VCS commands (git, hg, svn). The URI fragment (branch, tag, revision) is user-controlled via the build definition and passed to these commands without validation. Because cmd /c interprets &, |, and ; as command separators, a malicious fragment can execute arbitrary commands. This issue has been patched in version 1.12.7. | ||||
| CVE-2025-55275 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 3.7 Low |
| HCL Aftermarket DPC is affected by an Admin Session Concurrency vulnerability, through which an attacker can exploit concurrent sessions to hijack or impersonate an admin user. | ||||
| CVE-2025-55277 | 1 Hcltech | 1 Aftermarket Cloud | 2026-03-26 | 2.6 Low |
| HCL Aftermarket DPC is affected by a Use of Vulnerable/Outdated Versions vulnerability, through which an attacker may make use of exploits publicly available on the internet to craft attacks against the application. | ||||
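The etcd entry for CVE-2026-33343 above describes an authorization check that a nested transaction slips past. The following is an added Python example, not etcd's own (Go) code: it models an RBAC check that looks only at the top-level operations of a Txn, beside one that descends into nested Txn ops. The `Op`/`Txn` classes, the prefix-based permission table `PERMS`, and the `MAX_DEPTH` cap are simplified stand-ins chosen for this example; they are not etcd's types or constants.

```python
"""Recursive authorization over nested transactions (added example)."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Op:
    kind: str                      # "put", "range", "delete" or "txn"
    key: bytes = b""
    range_end: bytes = b""         # set for range/delete over an interval
    txn: Optional["Txn"] = None    # populated when kind == "txn"


@dataclass
class Txn:
    success: list = field(default_factory=list)
    failure: list = field(default_factory=list)


# Constructed RBAC table (assumption): user -> key prefixes it may touch.
PERMS = {"app": [b"/app/"]}

# Defensive nesting cap chosen for this example, not an etcd constant.
MAX_DEPTH = 8


def key_allowed(user: str, key: bytes) -> bool:
    return any(key.startswith(prefix) for prefix in PERMS.get(user, []))


def leaf_allowed(user: str, op: Op) -> bool:
    """A non-txn op is allowed only if both ends of its key range are permitted."""
    if not key_allowed(user, op.key):
        return False
    if op.range_end and not key_allowed(user, op.range_end):
        return False
    return True


def authorize_txn_shallow(user: str, txn: Txn) -> bool:
    """The vulnerable shape: nested txn ops are skipped, never descended into."""
    for op in txn.success + txn.failure:
        if op.kind == "txn":
            continue                         # BUG: children are never checked
        if not leaf_allowed(user, op):
            return False
    return True


def authorize_txn(user: str, txn: Txn, depth: int = 0) -> bool:
    """Hardened: every branch of every nested txn is checked recursively."""
    if depth > MAX_DEPTH:
        return False
    for op in txn.success + txn.failure:
        if op.kind == "txn":
            if op.txn is None or not authorize_txn(user, op.txn, depth + 1):
                return False
        elif not leaf_allowed(user, op):
            return False
    return True


def escape_txn() -> Txn:
    """Constructed attacker request: the outer txn's only op is an inner txn
    that reads the whole keyspace (range from b"/" with range_end 0x00,
    etcd's 'everything from key onward' sentinel)."""
    inner = Txn(success=[Op("range", key=b"/", range_end=b"\x00")])
    return Txn(success=[Op("txn", txn=inner)])


def legit_txn() -> Txn:
    """Constructed in-scope request: nested, but only touches /app/ keys."""
    inner = Txn(success=[Op("put", key=b"/app/config")])
    return Txn(success=[Op("txn", txn=inner)],
               failure=[Op("range", key=b"/app/status")])


if __name__ == "__main__":
    print("shallow check lets the escape through:", authorize_txn_shallow("app", escape_txn()))
    print("recursive check blocks the escape:   ", not authorize_txn("app", escape_txn()))
    print("recursive check allows in-scope txn: ", authorize_txn("app", legit_txn()))
```

The point the recursion makes: any request type that can embed other requests (transactions here, batch or multiplexed RPCs elsewhere) must be authorized as the closure of everything it can execute, not as its outermost envelope. The depth cap is defence against a pathological nesting chain; the real guard is that no branch is ever skipped.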
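The Wallos entry for CVE-2026-33399 above is about where an SSRF guard runs: it was present on the test* endpoints but absent on the save* endpoints, so a URL stored once was later used by the cron sender unchecked. The following is an added Python example, not Wallos code (Wallos is PHP): a private-address validator, a store with the vulnerable and hardened save shapes, and a send-time re-check. The `FAKE_DNS` table is constructed so the code runs offline; `NotificationStore`, `cron_send` and the address `1.1.1.1` standing in for "a public host" are this example's own assumptions.

```python
"""SSRF validation at the storage boundary and again at send time (added example)."""
import ipaddress
from urllib.parse import urlsplit

# Constructed stand-in for DNS resolution (assumption; real code resolves).
FAKE_DNS = {
    "hooks.example.com": ["1.1.1.1"],     # maps to a public address
    "internal.corp": ["10.0.0.5"],        # resolves into private space
}


def resolve(host: str) -> list:
    return FAKE_DNS.get(host.lower(), [])


def is_forbidden_ip(ip) -> bool:
    """Reject anything that is not a globally routable unicast address."""
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped                    # ::ffff:127.0.0.1 -> 127.0.0.1
    return (
        not ip.is_global
        or ip.is_private
        or ip.is_loopback
        or ip.is_link_local
        or ip.is_multicast
        or ip.is_reserved
        or ip.is_unspecified
    )


def validate_webhook_url_for_ssrf(url: str, resolver=resolve) -> bool:
    """True only for http(s) URLs whose every resolved target is public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    host = parts.hostname
    try:
        targets = [ipaddress.ip_address(host)]          # literal IP in the URL
    except ValueError:
        targets = [ipaddress.ip_address(a) for a in resolver(host)]
    if not targets:                                     # unresolvable: fail closed
        return False
    return not any(is_forbidden_ip(ip) for ip in targets)


class NotificationStore:
    """Where the URL is persisted; the cron job later reads from here."""

    def __init__(self):
        self.urls = {}

    def save_unchecked(self, user: str, url: str) -> None:
        """The vulnerable save* shape: nothing validated, cron trusts the row."""
        self.urls[user] = url

    def save(self, user: str, url: str) -> bool:
        """Hardened save*: the same guard the test* endpoint already runs."""
        if not validate_webhook_url_for_ssrf(url):
            return False
        self.urls[user] = url
        return True


def cron_send(store: NotificationStore) -> list:
    """Send-time decision. Re-validating here is defence in depth: it catches
    rows stored before the fix and hostnames whose DNS answer changed since
    save time (rebinding). Returns (user, url, action); no network I/O."""
    out = []
    for user, url in store.urls.items():
        action = "send" if validate_webhook_url_for_ssrf(url) else "block"
        out.append((user, url, action))
    return out


if __name__ == "__main__":
    s = NotificationStore()
    s.save_unchecked("alice", "http://169.254.169.254/latest/meta-data/")
    print(s.save("bob", "http://internal.corp/hook"))           # False
    print(s.save("carol", "https://hooks.example.com/notify"))  # True
    print(cron_send(s))                                          # alice blocked, carol sent
```

Two caveats a deployment should keep in mind: resolving at validation time and again at request time still leaves a window for DNS rebinding, so a real sender should connect to the address it validated (pin the IP, or validate inside the HTTP client's connect hook) rather than re-resolve; and redirects must be validated hop by hop, since a public host can 302 to a private one.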
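The pyLoad entry for CVE-2026-33511 above describes a "local only" gate that read the HTTP Host header, a value every remote client controls. The following is an added Python example, not pyLoad's `local_check` itself: a decorator in the same spirit, once with the header-based policy and once with a policy that trusts only the socket peer address. The `Request` object, the decorator and the handler names are this example's own constructions, and the peer addresses in the sample requests are constructed.

```python
"""Deciding "is this request local?" from the peer address, not the Host header (added example)."""
import ipaddress
from dataclasses import dataclass, field
from functools import wraps


@dataclass
class Request:
    remote_addr: str                          # peer address from the socket
    headers: dict = field(default_factory=dict)


LOCAL_HOST_NAMES = {"localhost", "127.0.0.1", "[::1]"}


def host_without_port(host: str) -> str:
    if host.startswith("["):                  # bracketed IPv6 literal
        return host.split("]", 1)[0] + "]"
    return host.split(":", 1)[0]


def is_local_by_host_header(req: Request) -> bool:
    """Vulnerable shape: an attacker-controlled header decides access."""
    host = host_without_port(req.headers.get("Host", ""))
    return host.lower() in LOCAL_HOST_NAMES


def is_local_by_peer(req: Request) -> bool:
    """Hardened: only the transport-level peer address counts."""
    try:
        addr = ipaddress.ip_address(req.remote_addr)
    except ValueError:
        return False
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped               # ::ffff:127.0.0.1 -> 127.0.0.1
    return addr.is_loopback


def local_only(check):
    """Decorator in the spirit of local_check; `check` is the policy function."""
    def decorate(handler):
        @wraps(handler)
        def wrapped(req, *args, **kwargs):
            if not check(req):
                return 403, "forbidden"
            return handler(req, *args, **kwargs)
        return wrapped
    return decorate


@local_only(is_local_by_host_header)
def add_download_vulnerable(req, url):
    return 200, f"queued {url}"


@local_only(is_local_by_peer)
def add_download(req, url):
    return 200, f"queued {url}"


def spoofed_request() -> Request:
    """Constructed: a remote client that simply sends Host: localhost."""
    return Request(remote_addr="203.0.113.7", headers={"Host": "localhost:8000"})


def genuine_local_request() -> Request:
    return Request(remote_addr="127.0.0.1", headers={"Host": "localhost:8000"})


if __name__ == "__main__":
    print(add_download_vulnerable(spoofed_request(), "http://example.org/f"))  # (200, ...)
    print(add_download(spoofed_request(), "http://example.org/f"))             # (403, ...)
    print(add_download(genuine_local_request(), "http://example.org/f"))       # (200, ...)
```

Behind a reverse proxy the peer address is the proxy's, so `is_local_by_peer` would deny everyone or, if the proxy sits on the same host, allow everyone; honour X-Forwarded-For only when the immediate peer is a trusted proxy. The stronger fix for a localhost-only service is to bind that listener to the loopback interface so the question never reaches application code.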
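The sbt entry for CVE-2026-32948 above describes a URI fragment that reached `cmd /c` unvalidated. The following is an added Python example, not sbt's Scala code and not its 1.12.7 patch: a conservative validator for a branch/tag/revision string, the vulnerable "one string through the shell" shape beside an argv-list shape that never touches cmd.exe. The ref grammar is a subset of git's check-ref-format rules chosen for this example, and the sample URIs are constructed.

```python
"""Validating a user-controlled VCS ref and keeping it off a shell command line (added example)."""
import re
from typing import Optional
from urllib.parse import urlsplit

# Characters cmd.exe /c gives special meaning. Rejected explicitly so the
# intent survives even if someone later loosens REF_RE.
CMD_META = set('&|;<>^%"\r\n\t ')

# Conservative ref grammar: first char alphanumeric (so no leading "-" that
# git could parse as an option), then [A-Za-z0-9._/-].
REF_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._/\-]*")


def is_safe_ref(ref: str) -> bool:
    if not ref or len(ref) > 255:
        return False
    if any(c in CMD_META for c in ref):
        return False
    if REF_RE.fullmatch(ref) is None:
        return False
    # check-ref-format rules the character class alone does not enforce.
    if ".." in ref or ref.endswith("/") or ref.endswith(".lock"):
        return False
    return True


def vulnerable_cmdline(uri: str) -> str:
    """The vulnerable shape: one string for cmd /c, fragment interpolated as-is."""
    ref = urlsplit(uri).fragment
    return f"cmd /c git checkout {ref}"


def checkout_argv(uri: str, dest: str = "repo") -> Optional[list]:
    """Hardened: validated ref, passed as one argv element. Executing this with
    subprocess.run(argv, check=True) (a list, shell=False) goes straight to
    CreateProcess on Windows, so cmd.exe never parses the arguments."""
    ref = urlsplit(uri).fragment
    if not ref:
        return None                          # no fragment: keep the default branch
    if not is_safe_ref(ref):
        raise ValueError(f"refusing unsafe ref {ref!r}")
    return ["git", "-C", dest, "checkout", ref]


if __name__ == "__main__":
    hostile = "https://example.com/org/repo.git#main&calc.exe"
    print(vulnerable_cmdline(hostile))       # cmd would run calc.exe after checkout
    try:
        checkout_argv(hostile)
    except ValueError as exc:
        print("rejected:", exc)
    print(checkout_argv("https://example.com/org/repo.git#v1.2.3"))
```

Both halves matter: the argv list removes the shell from the path, and the validator still rejects refs such as `-oProxyCommand=...` that git itself would misread as options even with no shell involved.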