Export limit exceeded: 76324 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76324 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-53544 | 1 Linux | 1 Linux Kernel | 2026-03-21 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver(). If one of the cpufreq callbacks is called just before cpufreq_unregister_driver() is run, the freed clks might be used. | ||||
| CVE-2026-33002 | 2 Jenkins, Jenkins Project | 2 Jenkins, Jenkins | 2026-03-21 | 7.5 High |
| Jenkins 2.442 through 2.554 (both inclusive), LTS 2.426.3 through LTS 2.541.2 (both inclusive) performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or X-Forwarded-Host HTTP request headers, making it vulnerable to DNS rebinding attacks that allow bypassing origin validation. | ||||
| CVE-2026-32610 | 1 Nicolargo | 1 Glances | 2026-03-21 | 8.1 High |
| Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, the Glances REST API web server ships with a default CORS configuration that sets `allow_origins=["*"]` combined with `allow_credentials=True`. When both of these options are enabled together, Starlette's `CORSMiddleware` reflects the requesting `Origin` header value in the `Access-Control-Allow-Origin` response header instead of returning the literal `*` wildcard. This effectively grants any website the ability to make credentialed cross-origin API requests to the Glances server, enabling cross-site data theft of system monitoring information, configuration secrets, and command line arguments from any user who has an active browser session with a Glances instance. Version 4.5.2 fixes the issue. | ||||
| CVE-2026-26740 | 2 Giflib, Giflib Project | 2 Giflib, Giflib | 2026-03-21 | 8.2 High |
| Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size. | ||||
| CVE-2026-27135 | 1 Nghttp2 | 1 Nghttp2 | 2026-03-20 | 7.5 High |
| nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API `nghttp2_session_terminate_session` or `nghttp2_session_terminate_session2` is called by the application. They might be called internally by the library when it detects the situation that is subject to connection error. Due to the missing internal state validation, the library keeps reading the rest of the data after one of those APIs is called. Then receiving a malformed frame that causes FRAME_SIZE_ERROR causes assertion failure. nghttp2 v1.68.1 adds missing state validation to avoid assertion failure. No known workarounds are available. | ||||
| CVE-2026-20128 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2026-03-20 | 7.5 High |
| A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This vulnerability is due to the presence of a credential file for the DCA user on an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request and reading the file that contains the DCA password from that affected system. A successful exploit could allow the attacker to access another affected system and gain DCA user privileges. Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability. | ||||
| CVE-2026-20126 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2026-03-20 | 8.8 High |
| A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system. This vulnerability is due to an insufficient user authentication mechanism in the REST API. An attacker could exploit this vulnerability by sending a request to the REST API of the affected system. A successful exploit could allow the attacker to gain root privileges on the underlying operating system. | ||||
| CVE-2025-5987 | 2 Libssh, Redhat | 6 Libssh, Enterprise Linux, Enterprise Linux Eus and 3 more | 2026-03-20 | 8.1 High |
| A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes. | ||||
| CVE-2026-33302 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-03-20 | 8.1 High |
| OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, the module ACL function `AclMain::zhAclCheck()` only checks for the presence of any "allow" (user or group). It never checks for explicit "deny" (allowed=0). As a result, administrators cannot revoke access by setting a user or group to "deny"; if the user is in a group that has "allow," access is granted regardless of explicit denies. Version 8.0.0.2 fixes the issue. | ||||
| CVE-2026-32749 | 1 Siyuan | 1 Siyuan | 2026-03-20 | 7.6 High |
| SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outside the temp directory - including system paths that enable RCE. This can lead to aata destruction by overwriting workspace or application files, and for Docker containers running as root (common default), this grants full container compromise. This issue has been fixed in version 3.6.1. | ||||
| CVE-2026-32014 | 1 Openclaw | 1 Openclaw | 2026-03-20 | 8 High |
| OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can spoof reconnect metadata to bypass platform-based node command policies and gain access to restricted commands. | ||||
| CVE-2026-32032 | 1 Openclaw | 1 Openclaw | 2026-03-20 | 7 High |
| OpenClaw versions prior to 2026.2.22 contain an arbitrary shell execution vulnerability in shell environment fallback that trusts the unvalidated SHELL path from the host environment. An attacker with local environment access can inject a malicious SHELL variable to execute arbitrary commands with the privileges of the OpenClaw process. | ||||
| CVE-2026-32933 | 1 Luckypennysoftware | 1 Automapper | 2026-03-20 | 7.5 High |
| AutoMapper is a convention-based object-object mapper in .NET. Versions prior to 15.1.1 and 16.1.1 are vulnerable to a Denial of Service (DoS) attack. When mapping deeply nested object graphs, the library uses recursive method calls without enforcing a default maximum depth limit. This allows an attacker to provide a specially crafted object graph that exhausts the thread's stack memory, triggering a `StackOverflowException` and causing the entire application process to terminate. Versions 15.1.1 and 16.1.1 fix the issue. | ||||
| CVE-2026-33125 | 2 Blakeblackshear, Frigate | 2 Frigate, Frigate | 2026-03-20 | 7.1 High |
| Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version 0.16.3. | ||||
| CVE-2026-33128 | 2 H3, H3js | 2 H3, H3 | 2026-03-20 | 7.5 High |
| H3 is a minimal H(TTP) framework. In versions prior to 1.15.6 and between 2.0.0 through 2.0.1-rc.14, createEventStream is vulnerable to Server-Sent Events (SSE) injection due to missing newline sanitization in formatEventStreamMessage() and formatEventStreamComment(). An attacker who controls any part of an SSE message field (id, event, data, or comment) can inject arbitrary SSE events to connected clients. This issue is fixed in versions 1.15.6 and 2.0.1-rc.15. | ||||
| CVE-2026-33131 | 2 H3, H3js | 2 H3, H3 | 2026-03-20 | 7.4 High |
| H3 is a minimal H(TTP) framework. Versions 2.0.0-0 through 2.0.1-rc.14 contain a Host header spoofing vulnerability in the NodeRequestUrl (which extends FastURL) which allows middleware bypass. When event.url, event.url.hostname, or event.url._url is accessed, such as in a logging middleware, the _url getter constructs a URL from untrusted data, including the user-controlled Host header. Because H3's router resolves the route handler before middleware runs, an attacker can supply a crafted Host header (e.g., Host: localhost:3000/abchehe?) to make the middleware path check fail while the route handler still matches, effectively bypassing authentication or authorization middleware. This affects any application built on H3 (including Nitro/Nuxt) that accesses event.url properties in middleware guarding sensitive routes. The issue requires an immediate fix to prevent FastURL.href from being constructed with unsanitized, attacker-controlled input. Version 2.0.1-rc.15 contains a patch for this issue. | ||||
| CVE-2026-22766 | 1 Dell | 1 Wyse Management Suite | 2026-03-20 | 7.2 High |
| Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. | ||||
| CVE-2026-22765 | 1 Dell | 1 Wyse Management Suite | 2026-03-20 | 8.8 High |
| Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of Privileges. | ||||
| CVE-2026-33053 | 1 Langflow | 1 Langflow | 2026-03-20 | 8.8 High |
| Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the delete_api_key_route() endpoint accepts an api_key_id path parameter and deletes it with only a generic authentication check (get_current_active_user dependency). However, the delete_api_key() CRUD function does NOT verify that the API key belongs to the current user before deletion. | ||||
| CVE-2026-33133 | 2 Labredescefetrj, Wegia | 2 Wegia, Wegia | 2026-03-20 | 7.2 High |
| WeGIA is a web manager for charitable institutions. In versions 3.6.5 and 3.6.6, the loadBackupDB() function imports SQL files from uploaded backup archives without any content validation. An attacker can craft a backup archive containing arbitrary SQL statements that create rogue administrator accounts, modify existing passwords, or execute any database operation. This was introduced in commit 370104c. This issue was patched in version 3.6.7. | ||||