Export limit exceeded: 363118 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 85444 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (85444 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-9050 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2026-06-25 | 7.8 High |
| A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system's network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration. | ||||
| CVE-2025-10990 | 1 Redhat | 4 Rhel Satellite Client, Satellite, Satellite Capsule and 1 more | 2026-06-25 | 7.5 High |
| A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS), impacting the availability of the affected component. This issue is the result of an incomplete fix for CVE-2024-49761. | ||||
| CVE-2026-56005 | 2 Melapress, Wordpress | 2 Wp Activity Log, Wordpress | 2026-06-25 | 7.1 High |
| Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions. | ||||
| CVE-2026-54842 | 2 Royal Plugins, Wordpress | 2 Royal Mcp, Wordpress | 2026-06-25 | 8.1 High |
| Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal MCP: from n/a through 1.4.25. | ||||
| CVE-2026-46733 | 1 Dell | 1 Display And Peripheral Manager | 2026-06-25 | 7.8 High |
| Dell Display and Peripheral Manager (DDPM Windows), versions prior to 2.3, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. | ||||
| CVE-2026-56014 | 2 Averta, Wordpress | 2 Master Slider, Wordpress | 2026-06-25 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions. | ||||
| CVE-2026-54829 | 2 Jacob N. Breetvelt, Wordpress | 2 Wp Photo Album Plus, Wordpress | 2026-06-25 | 7.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jacob N. Breetvelt WP Photo Album Plus allows Blind SQL Injection. This issue affects WP Photo Album Plus: from n/a through 9.1.13.005. | ||||
| CVE-2026-55759 | 1 Rocketchat | 1 Rocket.chat | 2026-06-25 | 7.4 High |
| Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, Rocket.Chat's Apple Sign-In handler verifies JWT signatures but skips claims validation. Any Apple-signed JWT with a non-empty iss is accepted regardless of aud, exp, nbf, or nonce. An attacker who obtains a target user's Apple identity token (from server logs, an intercepted sign-in flow, or another application sharing the same Apple developer team) can replay it to authenticate as that user, with no expiration on the replay window. This vulnerability is fixed in 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13. | ||||
| CVE-2026-52805 | 1 Gogs | 1 Gogs | 2026-06-25 | 8.7 High |
| Gogs is an open source self-hosted Git service. Prior to 0.14.3, a Server-Side Request Forgery (SSRF) vulnerability exists in the repository migration functionality. The application validates only the initially submitted URL hostname, but git clone --mirror follows HTTP redirects. An authenticated user can submit a public URL that redirects to a blocked internal endpoint (e.g., 127.0.0.1), importing the internal repository's contents into an attacker-controlled repository. This vulnerability is fixed in 0.14.3. | ||||
| CVE-2026-56042 | 2 Algolplus, Wordpress | 2 Advanced Order Export For Woocommerce, Wordpress | 2026-06-25 | 7.1 High |
| Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions. | ||||
| CVE-2026-56049 | 2 Postsnippets, Wordpress | 2 Post Snippets, Wordpress | 2026-06-25 | 8.5 High |
| Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions. | ||||
| CVE-2026-56054 | 2 Ahmad, Wordpress | 2 Js Help Desk, Wordpress | 2026-06-25 | 7.7 High |
| Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions. | ||||
| CVE-2026-46734 | 1 Dell | 1 Display And Peripheral Manager | 2026-06-25 | 7.3 High |
| Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Protection mechanism bypass. | ||||
| CVE-2026-46735 | 1 Dell | 1 Display And Peripheral Manager | 2026-06-25 | 7.8 High |
| Dell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2025-2586 | 1 Redhat | 1 Openshift Lightspeed | 2026-06-25 | 7.5 High |
| A flaw was found in the OpenShift Lightspeed Service, which is vulnerable to unauthenticated API request flooding. Repeated queries to non-existent endpoints inflate metrics storage and processing, consuming excessive resources. This issue can lead to monitoring system degradation, increased disk usage, and potential service unavailability. Since the issue does not require authentication, an external attacker can exhaust CPU, RAM, and disk space, impacting both application and cluster stability. | ||||
| CVE-2026-12992 | 1 Redhat | 1 Apicurio Registry | 2026-06-25 | 7.4 High |
| A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role access can upload a WSDL document containing attacker-controlled import locations, causing the registry to issue HTTP requests to arbitrary internal URLs (server-side request forgery). | ||||
| CVE-2026-53218 | 1 Linux | 1 Linux Kernel | 2026-06-25 | 7.0 High |
| In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_exthdr: fix register tracking for F_PRESENT flag nft_exthdr_init() passes user-controlled priv->len to nft_parse_register_store(), which marks that many bytes in the register bitmap as initialized. However, when NFT_EXTHDR_F_PRESENT is set, the eval paths write only 1 byte (nft_reg_store8) or 4 bytes (*dest = 0 on TCP/DCCP error path). When len > 4, registers beyond the first are never written, retaining uninitialized stack data from nft_regs. Bail out if userspace requests too much data when F_PRESENT is set. | ||||
| CVE-2026-54841 | 2 Appsbd, Wordpress | 2 Vitepos, Wordpress | 2026-06-25 | 7.5 High |
| Unauthenticated Sensitive Data Exposure in Vitepos <= 3.4.2 versions. | ||||
| CVE-2026-55477 | 1 Mhsanaei | 1 3x-ui | 2026-06-25 | 7.2 High |
| 3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by modifying Xray configuration values stored in the database. This can be leveraged to obtain code execution and persistent access as the user running Xray (including root when Xray is running as root). This vulnerability is fixed in 3.3.1. | ||||
| CVE-2025-64309 | 1 Brightpick Ai | 1 Mission Control | 2026-06-25 | 7.4 High |
| The affected product discloses device telemetry, configuration, and sensitive information via WebSocket traffic to unauthenticated users when they connect to a specific URL. The unauthenticated URL can be discovered through basic network scanning techniques. | ||||