Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-68402 | 1 Freshrss | 1 Freshrss | 2026-03-11 | N/A |
| FreshRSS is a free, self-hostable RSS aggregator. From 57e1a37 - 00f2f04, the lengths of the nonce was changed from 40 chars to 64. password_verify() is currently being called with a constructed string (SHA-256 nonce + part of a bcrypt hash) instead of the raw user password. Due to bcrypt’s 72-byte input truncation, this causes password verification to succeed even when the user enters an incorrect password. This vulnerability is fixed in 1.27.2-dev (476e57b). The issue was only present in the edge branch and never in a stable release. | ||||
| CVE-2025-11158 | 1 Hitachi | 1 Vantara Pentaho Data Integration And Analytics | 2026-03-11 | 9.1 Critical |
| Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6, including 9.3.x and 8.3.x, do not restrict Groovy scripts in new PRPT reports published by users, allowing insertion of arbitrary scripts and leading to a RCE. | ||||
| CVE-2026-22614 | 1 Eaton | 1 Easysoft | 2026-03-11 | 6.1 Medium |
| The encryption mechanism used in Eaton's EasySoft project file was insecure and susceptible to brute force attacks, an attacker with access to this file and the local host machine could potentially read the sensitive information stored and tamper with the project file. This security issue has been fixed in the latest version of Eaton EasySoft which is available on the Eaton download centre. | ||||
| CVE-2026-2364 | 1 Codesys | 1 Codesys Installer | 2026-03-11 | 7.3 High |
| If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer. | ||||
| CVE-2026-27685 | 1 Sap Se | 1 Sap Netweaver Enterprise Portal Administration | 2026-03-11 | 9.1 Critical |
| SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system. | ||||
| CVE-2026-3089 | 1 Actual | 1 Actual Sync Server | 2026-03-11 | N/A |
| Actual Sync Server allows authenticated users to upload files through POST /sync/upload-user-file. In versions prior to 26.3.0, improper validation of the user-controlled x-actual-file-id header means that traversal segments (../) can escape the intended directory and write files outside userFiles.This issue affects prior versions of Actual Sync Server 26.3.0. | ||||
| CVE-2026-30913 | 1 Flarum | 1 Nicknames | 2026-03-11 | 4.6 Medium |
| Flarum is open-source forum software. When the flarum/nicknames extension is enabled, a registered user can set their nickname to a string that email clients interpret as a hyperlink. The nickname is inserted verbatim into plain-text notification emails, and recipients may be misled into visiting attacker-controlled domains. | ||||
| CVE-2026-30917 | 1 Weirdgloop | 1 Mediawiki-extensions-bucket | 2026-03-11 | N/A |
| Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to 2.1.1, a stored XSS can be inserted into any Bucket table field that has a PAGE type, which will execute whenever a user views that table's corresponding Bucket namespace page. This vulnerability is fixed in 2.1.1. | ||||
| CVE-2026-0489 | 1 Sap Se | 1 Sap Business One (job Service) | 2026-03-11 | 6.1 Medium |
| Due to insufficient validation of user-controlled input in the URLs query parameter. SAP Business One Job Service could allow an unauthenticated attacker to inject specially crafted input which upon user interaction could result in a DOM-based Cross-Site Scripting (XSS) vulnerability. This issue had a low impact on the confidentiality and integrity of the application with no impact on availability. | ||||
| CVE-2026-24310 | 1 Sap | 1 Netweaver Application Server For Abap | 2026-03-11 | 3.5 Low |
| Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database catalog of the ABAP system. This vulnerability has low impact on the application's confidentiality with no effect on the integrity and availability. | ||||
| CVE-2026-1286 | 1 Schneider-electric | 1 Foxboro Dcs | 2026-03-11 | N/A |
| CWE-502: Deserialization of untrusted data vulnerability exists that could lead to loss of confidentiality, integrity and potential remote code execution on workstation when an admin authenticated user opens a malicious project file. | ||||
| CVE-2025-69615 | 1 Deutsche Telekom | 1 Account Management Portal | 2026-03-11 | 9.1 Critical |
| Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-24, fixed 2025-11-03. | ||||
| CVE-2026-24313 | 1 Sap Se | 1 Sap Solution Tools Plug-in (st-pi) | 2026-03-11 | 5 Medium |
| SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability. | ||||
| CVE-2026-0953 | 2 Themeum, Wordpress | 2 Tutor Lms, Wordpress | 2026-03-11 | 9.8 Critical |
| The Tutor LMS Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.9.5 via the Social Login addon. This is due to the plugin failing to verify that the email provided in the authentication request matches the email from the validated OAuth token. This makes it possible for unauthenticated attackers to log in as any existing user, including administrators, by supplying a valid OAuth token from their own account along with the victim's email address. | ||||
| CVE-2025-54659 | 1 Fortinet | 1 Fortisoaragentcommunicationbridge | 2026-03-11 | 5.5 Medium |
| An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] vulnerability in Fortinet FortiSOAR Agent Communication Bridge 1.1.0, FortiSOAR Agent Communication Bridge 1.0 all versions may allow an unauthenticated attacker to read files accessible to the fortisoar user on a system where the agent is deployed, via sending a crafted request to the agent port. | ||||
| CVE-2025-13957 | 1 Schneider-electric | 1 Struxureware Data Center Expert | 2026-03-11 | N/A |
| CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default. | ||||
| CVE-2025-13902 | 1 Schneider-electric | 2 Modicon Controllers M241/m251, Modicon Controllers M258/lmc058 | 2026-03-11 | N/A |
| CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause condition where authenticated attackers can have a victim’s browser run arbitrary JavaScript when the victim hovers over a maliciously crafted element on a web server containing the injected payload. | ||||
| CVE-2025-13901 | 1 Schneider-electric | 2 Modicon M241/m251, Modicon M262 | 2026-03-11 | N/A |
| CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels. | ||||
| CVE-2026-3719 | 1 Tsinghua Unigroup | 1 Electronic Archives System | 2026-03-11 | 5.3 Medium |
| A vulnerability was identified in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). This issue affects some unknown processing of the file /System/Cms/downLoad. The manipulation of the argument path leads to path traversal. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-27825 | 1 Sooperset | 1 Mcp-atlassian | 2026-03-11 | 9.1 Critical |
| MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0, the `confluence_download_attachment` MCP tool accepts a `download_path` parameter that is written to without any directory boundary enforcement. An attacker who can call this tool and supply or access a Confluence attachment with malicious content can write arbitrary content to any path the server process has write access to. Because the attacker controls both the write destination and the written content (via an uploaded Confluence attachment), this constitutes for arbitrary code execution (for example, writing a valid cron entry to `/etc/cron.d/` achieves code execution within one scheduler cycle with no server restart required). Version 0.17.0 fixes the issue. | ||||