Export limit exceeded: 44127 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44127 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-41264 | 1 Flowiseai | 1 Flowise | 2026-04-24 | 9.8 Critical |
| Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the specific flaw exists within the run method of the CSV_Agents class. The issue results from the lack of proper sandboxing when evaluating an LLM generated python script. An attacker can leverage this vulnerability to execute code in the context of the user running the server. Using prompt injection techniques, an unauthenticated attacker with the ability to send prompts to a chatflow using the CSV Agent node may convince an LLM to respond with a malicious python script that executes attacker controlled commands on the Flowise server. This vulnerability is fixed in 3.1.0. | ||||
| CVE-2026-41989 | 1 Gnupg | 1 Libgcrypt | 2026-04-24 | 6.7 Medium |
| Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt. | ||||
| CVE-2025-9300 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 5.3 Medium |
| A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is identified as 316c086e79d66b62c0c4bc66229ee894e4fdb7d1. Applying a patch is advised to resolve this issue. | ||||
| CVE-2020-21049 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 6.5 Medium |
| An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file. | ||||
| CVE-2026-40264 | 1 Openbao | 1 Openbao | 2026-04-24 | 2.7 Low |
| OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token accessors can have their token revoked or renewed by a privileged administrator in another tenant. This is addressed in v2.5.3. | ||||
| CVE-2019-20205 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 8.8 High |
| libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. | ||||
| CVE-2019-3574 | 1 Saitoha | 1 Libsixel | 2026-04-24 | N/A |
| In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel. | ||||
| CVE-2020-36120 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 7.5 High |
| Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2018-19761 | 1 Saitoha | 1 Libsixel | 2026-04-24 | N/A |
| There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service. | ||||
| CVE-2018-19756 | 1 Saitoha | 1 Libsixel | 2026-04-24 | N/A |
| There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service. | ||||
| CVE-2018-19763 | 1 Saitoha | 1 Libsixel | 2026-04-24 | N/A |
| There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service. | ||||
| CVE-2018-19759 | 1 Saitoha | 1 Libsixel | 2026-04-24 | N/A |
| There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service. | ||||
| CVE-2019-19636 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 9.8 Critical |
| An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c. | ||||
| CVE-2020-19668 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 6.5 Medium |
| Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6. | ||||
| CVE-2019-19637 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 9.8 Critical |
| An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c. | ||||
| CVE-2019-19638 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 9.8 Critical |
| An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow. | ||||
| CVE-2019-19778 | 1 Saitoha | 1 Libsixel | 2026-04-24 | 8.8 High |
| An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c. | ||||
| CVE-2019-19777 | 2 Nothings, Saitoha | 2 Stb Image.h, Libsixel | 2026-04-24 | 8.8 High |
| stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main. | ||||
| CVE-2026-32149 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-04-24 | 7.3 High |
| Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. | ||||
| CVE-2026-32076 | 1 Microsoft | 14 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 11 more | 2026-04-24 | 7.8 High |
| Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally. | ||||