Export limit exceeded: 42500 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42500 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-28857 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-03-31 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28859 | 1 Apple | 8 Ios And Ipados, Ipados, Iphone Os and 5 more | 2026-03-31 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox. | ||||
| CVE-2026-20664 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-03-31 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-33515 | 1 Squid-cache | 1 Squid | 2026-03-31 | 6.5 Medium |
| Squid is a caching proxy for the Web. Prior to version 7.5, due to improper input validation, Squid is vulnerable to out of bounds read when handling ICP traffic. This problem allows a remote attacker to receive small amounts of memory potentially containing sensitive information when responding with errors to invalid ICP requests. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non-zero `icp_port`). This problem cannot be mitigated by denying ICP queries using `icp_access` rules. Version 7.5 contains a patch. | ||||
| CVE-2026-22593 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-03-31 | 8.4 High |
| EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename handling causes a stack-based buffer overflow when a filename length equals `MAX_FILE_NAME_LENGTH` (100). A crafted filename in the certificate directory can overflow `file_names[idx]`, corrupting stack state and enabling potential code execution. Version 2026.02.0 contains a patch. | ||||
| CVE-2026-22790 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-03-31 | 8.8 High |
| EVerest is an EV charging software stack. Prior to version 2026.02.0, `HomeplugMessage::setup_payload` trusts `len` after an `assert`; in release builds the check is removed, so oversized SLAC payloads are `memcpy`'d into a ~1497-byte stack buffer, corrupting the stack and enabling remote code execution from network-provided frames. Version 2026.02.0 contains a patch. | ||||
| CVE-2026-23995 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-03-31 | 8.4 High |
| EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adjacent stack data and enabling potential code execution. A malicious or misconfigured interface name can trigger this before any privilege checks. Version 2026.02.0 contains a patch. | ||||
| CVE-2026-26008 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-03-31 | 7.5 High |
| EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access (std::vector) that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the network. Version 2026.2.0 contains a patch. | ||||
| CVE-2026-26073 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-03-31 | 5.9 Medium |
| EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible `std::queue`/`std::deque` corruption. The trigger is powermeter public key update and EV session/error events (while OCPP not started). This results in a TSAN data race report and an ASAN/UBSAN misaligned address runtime error being observed. Version 2026.02.0 contains a patch. | ||||
| CVE-2026-3108 | 1 Mattermost | 2 Mattermost, Mattermost Server | 2026-03-31 | 8 High |
| Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences that enable screen manipulation, fake prompts, and clipboard hijacking.. Mattermost Advisory ID: MMSA-2026-00599 | ||||
| CVE-2026-4902 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2026-03-31 | 8.8 High |
| A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-33743 | 2 Linuxcontainers, Lxc | 2 Incus, Incus | 2026-03-31 | 6.5 Medium |
| Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a denial of service of the control plane API. This does not impact any running workload, existing containers and virtual machines will keep operating. Version 6.23.0 fixes the issue. | ||||
| CVE-2026-32984 | 1 Wazuh | 1 Wazuh | 2026-03-31 | 3.5 Low |
| Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability impact to the authentication daemon. | ||||
| CVE-2023-7340 | 1 Wazuh | 1 Wazuh | 2026-03-31 | 3.1 Low |
| Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability impact to the authentication daemon. | ||||
| CVE-2026-4961 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-03-31 | 8.8 High |
| A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-32187 | 1 Microsoft | 2 Edge, Edge Chromium | 2026-03-31 | 4.2 Medium |
| Microsoft Edge (Chromium-based) Defense in Depth Vulnerability | ||||
| CVE-2026-33916 | 1 Handlebarsjs | 1 Handlebars | 2026-03-31 | 4.7 Medium |
| Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, `resolvePartial()` in the Handlebars runtime resolves partial names via a plain property lookup on `options.partials` without guarding against prototype-chain traversal. When `Object.prototype` has been polluted with a string value whose key matches a partial reference in a template, the polluted string is used as the partial body and rendered without HTML escaping, resulting in reflected or stored XSS. Version 4.7.9 fixes the issue. Some workarounds are available. Apply `Object.freeze(Object.prototype)` early in application startup to prevent prototype pollution. Note: this may break other libraries, and/or use the Handlebars runtime-only build (`handlebars/runtime`), which does not compile templates and reduces the attack surface. | ||||
| CVE-2026-5024 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2026-03-31 | 8.8 High |
| A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-5043 | 1 Belkin | 2 F9k1122, F9k1122 Firmware | 2026-03-31 | 8.8 High |
| A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4176 | 1 Shay | 1 Perl | 2026-03-31 | 9.8 Critical |
| Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib. Compress::Raw::Zlib is included in the Perl package as a dual-life core module, and is vulnerable to CVE-2026-3381 due to a vendored version of zlib which has several vulnerabilities, including CVE-2026-27171. The bundled Compress::Raw::Zlib was updated to version 2.221 in Perl blead commit c75ae9cc164205e1b6d6dbd57bd2c65c8593fe94. | ||||