Export limit exceeded: 342201 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (342201 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-7343 | 1 Belden | 1 Hirschmann Industrial Hivision | 2026-04-03 | 7.8 High |
| HiSecOS web server versions 05.0.00 to 08.3.01 prior to 08.3.02 contains a privilege escalation vulnerability that allows authenticated users with operator or auditor roles to escalate privileges to the administrator role by sending specially crafted packets to the web server. Attackers can exploit this flaw to gain full administrative access to the affected device. | ||||
| CVE-2024-40849 | 1 Apple | 1 Macos | 2026-04-03 | 7.5 High |
| A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to break out of its sandbox. | ||||
| CVE-2025-59709 | 2026-04-03 | N/A | ||
| An issue was discovered in Biztalk360 through 11.5. because of mishandling of user-provided input in a path to be read by the server, a Super User attacker is able to read files on the system and/or coerce an authentication from the service, aka Directory Traversal. | ||||
| CVE-2025-43202 | 1 Apple | 2 Ios And Ipados, Macos | 2026-04-03 | 8.8 High |
| This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption. | ||||
| CVE-2025-43219 | 1 Apple | 1 Macos | 2026-04-03 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory. | ||||
| CVE-2025-43236 | 1 Apple | 1 Macos | 2026-04-03 | 3.3 Low |
| A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination. | ||||
| CVE-2025-43264 | 1 Apple | 1 Macos | 2026-04-03 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory. | ||||
| CVE-2025-58136 | 1 Apache | 1 Traffic Server | 2026-04-03 | 7.5 High |
| A bug in POST request handling causes a crash under a certain condition. This issue affects Apache Traffic Server: from 10.0.0 through 10.1.1, from 9.0.0 through 9.2.12. Users are recommended to upgrade to version 10.1.2 or 9.2.13, which fix the issue. A workaround for older versions is to set proxy.config.http.request_buffer_enabled to 0 (the default value is 0). | ||||
| CVE-2025-65114 | 1 Apache | 1 Traffic Server | 2026-04-03 | 7.5 High |
| Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.12, from 10.0.0 through 10.1.1. Users are recommended to upgrade to version 9.2.13 or 10.1.2, which fix the issue. | ||||
| CVE-2026-23419 | 1 Linux | 1 Linux Kernel | 2026-04-03 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: net/rds: Fix circular locking dependency in rds_tcp_tune syzbot reported a circular locking dependency in rds_tcp_tune() where sk_net_refcnt_upgrade() is called while holding the socket lock: ====================================================== WARNING: possible circular locking dependency detected ====================================================== kworker/u10:8/15040 is trying to acquire lock: ffffffff8e9aaf80 (fs_reclaim){+.+.}-{0:0}, at: __kmalloc_cache_noprof+0x4b/0x6f0 but task is already holding lock: ffff88805a3c1ce0 (k-sk_lock-AF_INET6){+.+.}-{0:0}, at: rds_tcp_tune+0xd7/0x930 The issue occurs because sk_net_refcnt_upgrade() performs memory allocation (via get_net_track() -> ref_tracker_alloc()) while the socket lock is held, creating a circular dependency with fs_reclaim. Fix this by moving sk_net_refcnt_upgrade() outside the socket lock critical section. This is safe because the fields modified by the sk_net_refcnt_upgrade() call (sk_net_refcnt, ns_tracker) are not accessed by any concurrent code path at this point. v2: - Corrected fixes tag - check patch line wrap nits - ai commentary nits | ||||
| CVE-2026-27655 | 1 Zohocorp | 1 Manageengine Exchange Reporter Plus | 2026-04-03 | 7.3 High |
| Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report. | ||||
| CVE-2026-28736 | 2026-04-03 | 4.3 Medium | ||
| ** UNSUPPORTED WHEN ASSIGNED ** Focalboard version 8.0 fails to validate file ownership when serving uploaded files. This allows an authenticated attacker who knows a victim's fileID to read the content of the file. NOTE: Focalboard as a standalone product is not maintained and no fix will be issued. | ||||
| CVE-2026-28756 | 1 Zohocorp | 1 Manageengine Exchange Reporter Plus | 2026-04-03 | 7.3 High |
| Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report. | ||||
| CVE-2026-28815 | 1 Apple | 1 Macos | 2026-04-03 | 7.5 High |
| A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections. This issue is fixed in swift-crypto version 4.3.1. | ||||
| CVE-2026-30251 | 1 Interzen Consulting | 1 Zenshare Suite | 2026-04-03 | 6.1 Medium |
| A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter. | ||||
| CVE-2026-30252 | 1 Interzen Consulting | 1 Zenshare Suite | 2026-04-03 | 6.1 Medium |
| Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters. | ||||
| CVE-2026-30603 | 1 Qianniao | 1 Qn-l23pa0904 | 2026-04-03 | 6.8 Medium |
| An issue in the firmware update mechanism of Qianniao QN-L23PA0904 v20250721.1640 allows attackers to gain root access, install backdoors, and exfiltrate data via supplying a crafted iu.sh script contained in an SD card. | ||||
| CVE-2026-34452 | 1 Anthropics | 1 Anthropic-sdk-python | 2026-04-03 | N/A |
| The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the async local filesystem memory tool in the Anthropic Python SDK validated that model-supplied paths resolved inside the sandboxed memory directory, but then returned the unresolved path for subsequent file operations. A local attacker able to write to the memory directory could retarget a symlink between validation and use, causing reads or writes to escape the sandbox. The synchronous memory tool implementation was not affected. This issue has been patched in version 0.87.0. | ||||
| CVE-2026-34605 | 2 B3log, Siyuan | 2 Siyuan, Siyuan | 2026-04-03 | 6.1 Medium |
| SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as <x:script xmlns:x="http://www.w3.org/2000/svg">. The Go HTML5 parser records the element's tag as "x:script" rather than "script", so the tag check passes it through. The SVG is served with Content-Type: image/svg+xml and no Content Security Policy; when a browser opens the response directly, its XML parser resolves the prefix to the SVG namespace and executes the embedded script. This issue has been patched in version 3.6.2. | ||||
| CVE-2026-30304 | 1 Tianguaduizhang | 1 Ai Code | 2026-04-03 | 9.6 Critical |
| In its design for automatic terminal command execution, AI Code offers two options: Execute safe commands and execute all commands. The description for the former states that commands determined by the model to be safe will be automatically executed, whereas if the model judges a command to be potentially destructive, it still requires user approval. However, this design is highly susceptible to prompt injection attacks. An attacker can employ a generic template to wrap any malicious command and mislead the model into misclassifying it as a 'safe' command, thereby bypassing the user approval requirement and resulting in arbitrary command execution. | ||||