Export limit exceeded: 365299 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365299 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 365299 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365299 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-12270 | 2026-07-14 | 6.5 Medium | ||
| The Everest Forms WordPress plugin before 3.5.0 does not correctly restrict access to several REST API endpoints belonging to its onboarding assistant: the capability check is only applied when an attacker-controllable request header holds a specific value, so it can be bypassed by omitting or changing that header. This makes it possible for unauthenticated attackers to read onboarding status information, modify the related Everest Forms WordPress plugin before 3.5.0 options, and trigger an email from the site to an arbitrary address. | ||||
| CVE-2026-47828 | 1 Cloudfoundry | 1 Bosh Cli | 2026-07-14 | N/A |
| During bosh create-env and bosh delete-env, the CLI uploads compiled CPI packages and rendered job templates to the new VM's DAV blobstore over HTTPS without verifying the server certificate, even though a CA certificate for that endpoint is available in the installation manifest. A network attacker can terminate the TLS connection, harvest the Basic-auth credentials, and read the rendered-templates archive containing every bootstrap secret for the new BOSH Director, then replay the credentials against the real VM's agent for root code execution. Affected versions: bosh-cli versions prior to v7.10.4. | ||||
| CVE-2026-58307 | 1 Samsung Open Source | 1 Escargot | 2026-07-14 | 6.1 Medium |
| Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c. | ||||
| CVE-2026-12116 | 1 Xerte | 1 Xerte Online Tools | 2026-07-14 | 9.8 Critical |
| A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP data that will then be executed. | ||||
| CVE-2026-54798 | 1 Siemens | 2 Cpci85 Central Processing\/communication, Sicore Base System | 2026-07-14 | 6.5 Medium |
| A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt the system by crashing the web process causing denial of service conditions. | ||||
| CVE-2026-54800 | 1 Siemens | 2 Cpci85 Central Processing\/communication, Sicore Base System | 2026-07-14 | 4.8 Medium |
| A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application ships with a default configuration that disables all OPC UA security mechanisms. This could allow an attacker to gain unauthorized access and control over critical system functions. | ||||
| CVE-2026-15668 | 1 Louisho5 | 1 Picobot | 2026-07-14 | 6.3 Medium |
| A vulnerability has been found in louisho5 picobot up to 0.2.0. This vulnerability affects the function WebTool.Execute of the file internal/agent/tools/web.go of the component web Tool. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-15629 | 1 Louisho5 | 1 Picobot | 2026-07-14 | 6.3 Medium |
| A weakness has been identified in louisho5 picobot up to 0.2.0. Impacted is the function CreateSkill/GetSkill of the file internal/agent/tools/filesystem.go of the component Workspace Handler. Executing a manipulation can lead to link following. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-7640 | 2 Aguilatechnologies, Wordpress | 2 Wp Customer Area, Wordpress | 2026-07-14 | 6.4 Medium |
| The WP Customer Area plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'type' attribute of the `customer-area-protected-content` shortcode in all versions up to, and including, 8.3.5. This is due to insufficient input sanitization and output escaping on the shortcode attribute. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | ||||
| CVE-2026-15628 | 1 Zhayujie | 1 Chatgpt-on-wechat Cowagent | 2026-07-14 | 6.3 Medium |
| A security flaw has been discovered in zhayujie chatgpt-on-wechat CowAgent up to 2.1.1. This issue affects the function Vision._download_to_data_url of the file agent/tools/vision/vision.py of the component Vision Tool. Performing a manipulation of the argument image results in server-side request forgery. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 2.1.2 is capable of addressing this issue. The patch is named e85290cddcbb5ffc9c235927f4c92e5b4c3ec264. The affected component should be upgraded. | ||||
| CVE-2026-51119 | 2026-07-14 | 9.1 Critical | ||
| An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/CreateAppUser components | ||||
| CVE-2026-39244 | 2026-07-14 | 7.5 High | ||
| adm-zip before 0.5.18 is vulnerable to denial of service via a crafted ZIP file with a manipulated uncompressed size header field. In zipEntry.js line 103, Buffer.alloc(_centralHeader.size) allocates memory based on the declared uncompressed size from the ZIP central directory header without validating it against the actual compressed data size or imposing any upper bound. The size value is read directly from the binary header at entryHeader.js line 266 with no bounds check. An attacker can craft a ~120-byte ZIP file that declares ~4GB uncompressed size, causing a memory allocation amplification ratio of over 33 million to 1. The allocation occurs before CRC validation, so the malicious payload cannot be rejected early. All extraction and read methods are affected: readFile(), readAsText(), extractEntryTo(), extractAllTo(), extractAllToAsync(), test(), and entry.getData(). Any application accepting untrusted ZIP files via adm-zip is vulnerable to immediate process crash. | ||||
| CVE-2026-21040 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-07-14 | N/A |
| Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs. | ||||
| CVE-2026-21041 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-07-14 | N/A |
| Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information. | ||||
| CVE-2026-21042 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-07-14 | N/A |
| Out-of-bounds write in libsavsac.so prior to SMR Jul-2026 Release 1 allows local attackers to execute arbitrary code. | ||||
| CVE-2026-21045 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-07-14 | N/A |
| Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory. | ||||
| CVE-2026-21050 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-07-14 | N/A |
| Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information. | ||||
| CVE-2026-21057 | 1 Samsung Mobile | 1 Samsung Pass | 2026-07-14 | N/A |
| Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2026-56690 | 1 Dell | 1 Powerflex Manager | 2026-07-14 | 8.5 High |
| Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure, Information exposure, and Unauthorized access. | ||||
| CVE-2026-56688 | 1 Dell | 1 Powerflex Manager | 2026-07-14 | 9.1 Critical |
| Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability during OS Repository processing to achieve arbitrary command execution as root, potentially leading to full appliance compromise and lateral movement into managed infrastructure. | ||||