Export limit exceeded: 20397 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20397 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25262 | 1 Angryip | 2 Angry Ip Scanner, Angry Ip Scanner For Linux | 2026-04-27 | 6.2 Medium |
| Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences Ports tab to trigger an application crash. | ||||
| CVE-2018-25271 | 2 Helios, Textpad | 2 Textpad, Textpad | 2026-04-27 | 6.2 Medium |
| Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools > Run to trigger a buffer overflow that crashes the application. | ||||
| CVE-2026-41988 | 1 Uuidjs | 1 Uuid | 2026-04-27 | 3.2 Low |
| uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue. | ||||
| CVE-2018-25274 | 1 Infrarecorder | 1 Infrarecorder | 2026-04-27 | 6.2 Medium |
| InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an application crash. | ||||
| CVE-2018-25279 | 1 Convertimagetotext | 1 Jina Ocr Image To Text | 2026-04-27 | 6.2 Medium |
| jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert the file to PDF. | ||||
| CVE-2026-7061 | 1 Toowiredd | 1 Chatgpt-mcp-server | 2026-04-27 | 7.3 High |
| A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-7064 | 1 Agentdeskai | 1 Browser-tools-mcp | 2026-04-27 | 7.3 High |
| A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-7066 | 1 Choieastsea | 1 Simple-openstack-mcp | 2026-04-27 | 7.3 High |
| A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function exec_openstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-41312 | 2 Py-pdf, Pypdf Project | 2 Pypdf, Pypdf | 2026-04-27 | 6.5 Medium |
| pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode` with a `/Predictor` unequal 1 and large predictor parameters. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually. | ||||
| CVE-2026-41314 | 2 Py-pdf, Pypdf Project | 2 Pypdf, Pypdf | 2026-04-27 | 6.5 Medium |
| pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the patch manually. | ||||
| CVE-2026-7037 | 1 Totolink | 2 A8000ru, A8000ru Firmware | 2026-04-27 | 9.8 Critical |
| A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument pptpPassThru results in os command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-41179 | 1 Rclone | 1 Rclone | 2026-04-27 | 9.8 Critical |
| Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint `operations/fsinfo` is exposed without `AuthRequired: true` and accepts attacker-controlled `fs` input. Because `rc.GetFs(...)` supports inline backend definitions, an unauthenticated attacker can instantiate an attacker-controlled backend on demand. For the WebDAV backend, `bearer_token_command` is executed during backend initialization, making single-request unauthenticated local command execution possible on reachable RC deployments without global HTTP authentication. Version 1.73.5 patches the issue. | ||||
| CVE-2026-5503 | 1 Wolfssl | 1 Wolfssl | 2026-04-27 | 9.1 Critical |
| In TLSX_EchChangeSNI, the ctx->extensions branch set extensions unconditionally even when TLSX_Find returned NULL. This caused TLSX_UseSNI to attach the attacker-controlled publicName to the shared WOLFSSL_CTX when no inner SNI was configured. TLSX_EchRestoreSNI then failed to clean it up because its removal was gated on serverNameX != NULL. The inner ClientHello was sized before the pollution but written after it, causing TLSX_SNI_Write to memcpy 255 bytes past the allocation boundary. | ||||
| CVE-2026-5495 | 2 Labcenter, Labcenter Electronics | 2 Proteus, Proteus | 2026-04-27 | N/A |
| Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDSPRJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25720. | ||||
| CVE-2026-5494 | 2 Labcenter, Labcenter Electronics | 2 Proteus, Proteus | 2026-04-27 | N/A |
| Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDSPRJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25719. | ||||
| CVE-2026-5493 | 2 Labcenter, Labcenter Electronics | 2 Proteus, Proteus | 2026-04-27 | N/A |
| Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDSPRJ files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25718. | ||||
| CVE-2024-42479 | 2 Ggerganov, Ggml | 2 Llama.cpp, Llama.cpp | 2026-04-27 | 10 Critical |
| llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561. | ||||
| CVE-2024-23605 | 1 Ggml | 1 Llama.cpp | 2026-04-27 | 8.8 High |
| A heap-based buffer overflow vulnerability exists in the GGUF library header.n_kv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2024-21836 | 1 Ggml | 1 Llama.cpp | 2026-04-27 | 8.8 High |
| A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2024-21802 | 1 Ggml | 1 Llama.cpp | 2026-04-27 | 8.8 High |
| A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||