Export limit exceeded: 342201 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342201 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21631 | 1 Joomla | 1 Joomla! | 2026-04-03 | N/A |
| Lack of output escaping leads to a XSS vector in the multilingual associations component. | ||||
| CVE-2026-23899 | 1 Joomla | 1 Joomla! | 2026-04-03 | N/A |
| An improper access check allows unauthorized access to webservice endpoints. | ||||
| CVE-2026-21629 | 1 Joomla | 1 Joomla! | 2026-04-03 | N/A |
| The ajax component was excluded from the default logged-in-user check in the administrative area. This behavior was potentially unexpected by 3rd party developers. | ||||
| CVE-2026-23898 | 1 Joomla | 1 Joomla! | 2026-04-03 | N/A |
| Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism. | ||||
| CVE-2026-21630 | 1 Joomla | 1 Joomla! | 2026-04-03 | N/A |
| Improperly built order clauses lead to a SQL injection vulnerability in the articles webservice endpoint. | ||||
| CVE-2026-35091 | 2 Corosync, Redhat | 4 Corosync, Enterprise Linux, Openshift and 1 more | 2026-04-03 | 8.2 High |
| A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol (UDP) packet. This can lead to an out-of-bounds read, causing a denial of service (DoS) and potentially disclosing limited memory contents. This vulnerability affects Corosync when running in totemudp/totemudpu mode, which is the default configuration. | ||||
| CVE-2026-24068 | 1 Vienna Symphonic Library | 1 Vienna Assistant | 2026-04-03 | 8.8 High |
| The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate clients at all. This means that any process can connect to this service using the configured protocol. A malicious process is able to call all the functions defined in the corresponding HelperToolProtocol. No validation is performed in the functions "writeReceiptFile" and “runUninstaller” of the HelperToolProtocol. This allows an attacker to write files to any location with any data as well as execute any file with any arguments. Any process can call these functions because of the missing XPC client validation described before. The abuse of the missing endpoint validation leads to privilege escalation. | ||||
| CVE-2023-5106 | 1 Gitlab | 1 Gitlab | 2026-04-03 | 8.2 High |
| An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports. | ||||
| CVE-2026-33976 | 1 Streetwriters | 4 Notesnook Desktop, Notesnook Ios/android, Notesnook Mobile and 1 more | 2026-04-03 | 9.7 Critical |
| Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.17 on Android/iOS, a stored XSS in the Web Clipper rendering flow can be escalated to remote code execution in the desktop app. The root cause is that the clipper preserves attacker-controlled attributes from the source page’s root element and stores them inside web-clip HTML. When the clip is later opened, Notesnook renders that HTML into a same-origin, unsandboxed iframe using `contentDocument.write(...)`. Event-handler attributes such as `onload`, `onclick`, or `onmouseover` execute in the Notesnook origin. In the desktop app, this becomes RCE because Electron is configured with `nodeIntegration: true` and `contextIsolation: false`. Version 3.3.11 Web/Desktop and 3.3.17 on Android/iOS patch the issue. | ||||
| CVE-2025-0133 | 1 Palo Alto Networks | 3 Cloud Ngfw, Pan-os, Prisma Access | 2026-04-03 | N/A |
| A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click on a specially crafted link. The primary risk is phishing attacks that can lead to credential theft—particularly if you enabled Clientless VPN. There is no availability impact to GlobalProtect features or GlobalProtect users. Attackers cannot use this vulnerability to tamper with or modify contents or configurations of the GlobalProtect portal or gateways. The integrity impact of this vulnerability is limited to enabling an attacker to create phishing and credential-stealing links that appear to be hosted on the GlobalProtect portal. For GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 https://security.paloaltonetworks.com/PAN-SA-2025-0005 . There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN. | ||||
| CVE-2012-0059 | 1 Redhat | 4 Enterprise Linux, Network Proxy, Network Satellite and 1 more | 2026-04-03 | 4.9 Medium |
| A flaw was found in Spacewalk-backend. This information disclosure vulnerability occurs when a system registration XML-RPC call fails, causing cleartext user passwords to be included in error messages. Remote administrators can exploit this by reading server logs and emails, leading to the unauthorized disclosure of user passwords. | ||||
| CVE-2011-3344 | 1 Redhat | 3 Enterprise Linux, Network Satellite, Spacewalk | 2026-04-03 | 5.4 Medium |
| A flaw was found in Spacewalk. A remote attacker can exploit a cross-site scripting (XSS) vulnerability in the Lookup Login/Password form by injecting arbitrary web script or HTML via the URI. This can lead to information disclosure or unauthorized actions within the user's browser session. | ||||
| CVE-2011-2927 | 1 Redhat | 3 Enterprise Linux, Network Satellite, Spacewalk | 2026-04-03 | 5.4 Medium |
| A flaw was found in Spacewalk and Red Hat Network Satellite. This vulnerability, known as cross-site scripting (XSS), allows remote attackers to inject malicious web scripts or HTML into web pages viewed by other users. The flaw is triggered through vectors related to Search forms, enabling attackers to potentially steal sensitive information or perform actions on behalf of the victim. | ||||
| CVE-2025-31675 | 1 Drupal | 1 Drupal | 2026-04-02 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS).This issue affects Drupal core: from 8.0.0 before 10.3.14, from 10.4.0 before 10.4.5, from 11.0.0 before 11.0.13, from 11.1.0 before 11.1.5. It also affects the Drupal 7 module from versions 7.x-1.0 through 7.x-1.12. | ||||
| CVE-2025-9566 | 1 Redhat | 8 Enterprise Linux, Openshift, Openshift Devspaces and 5 more | 2026-04-02 | 8.1 High |
| There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | ||||
| CVE-2011-2920 | 1 Redhat | 3 Enterprise Linux, Network Satellite, Spacewalk | 2026-04-02 | 5.5 Medium |
| A flaw was found in Spacewalk and Red Hat Network Satellite. This cross-site scripting (XSS) vulnerability allows a remote attacker to inject arbitrary web script or HTML into web pages through various input fields, such as the "Filter by Synopsis" field. This could lead to the execution of malicious code in a user's web browser, potentially compromising user sessions or disclosing sensitive information. | ||||
| CVE-2011-1594 | 1 Redhat | 3 Enterprise Linux, Network Satellite, Spacewalk | 2026-04-02 | 6.5 Medium |
| A flaw was found in Spacewalk, as used in Red Hat Network Satellite. This open redirect vulnerability allows remote attackers to redirect users to arbitrary web sites by manipulating a URL in the url_bounce parameter. This can enable attackers to conduct phishing attacks, potentially leading to unauthorized information disclosure or credential theft. | ||||
| CVE-2019-25613 | 1 Echatserver | 1 Easy Chat Server | 2026-04-02 | 7.5 High |
| Easy Chat Server 3.1 contains a denial of service vulnerability that allows remote attackers to crash the application by sending oversized data in the message parameter. Attackers can establish a session via the chat.ghp endpoint and then send a POST request to body2.ghp with an excessively large message parameter value to cause the service to crash. | ||||
| CVE-2026-0945 | 2 Drupal, Role Delegation Project | 2 Role Delegation, Role Delegation | 2026-04-02 | 5.4 Medium |
| Privilege Defined With Unsafe Actions vulnerability in Drupal Role Delegation allows Privilege Escalation.This issue affects Role Delegation: from 1.3.0 before 1.5.0. | ||||
| CVE-2026-0648 | 1 Eclipse | 1 Threadx | 2026-04-02 | 7.8 High |
| The vulnerability stems from an incorrect error-checking logic in the CreateCounter() function (in threadx/utility/rtos_compatibility_layers/OSEK/tx_osek.c) when handling the return value of osek_get_counter(). Specifically, the current code checks if cntr_id equals 0u to determine failure, but @osek_get_counter() actually returns E_OS_SYS_STACK (defined as 12U) when it fails. This mismatch causes the error branch to never execute even when the counter pool is exhausted. As a result, when the counter pool is depleted, the code proceeds to cast the error code (12U) to a pointer (OSEK_COUNTER *), creating a wild pointer. Subsequent writes to members of this pointer lead to writes to illegal memory addresses (e.g., 0x0000000C), which can trigger immediate HardFaults or silent memory corruption. This vulnerability poses significant risks, including potential denial-of-service attacks (via repeated calls to exhaust the counter pool) and unauthorized memory access. | ||||