Export limit exceeded: 345223 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (31 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-41254 | 1 Littlecms | 1 Little Cms Color Engine | 2026-04-18 | 4 Medium |
| Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. | ||||
| CVE-2026-35627 | 1 Openclaw | 1 Openclaw | 2026-04-16 | 6.5 Medium |
| OpenClaw before 2026.3.22 performs cryptographic and dispatch operations on inbound Nostr direct messages before enforcing sender and pairing policy validation. Attackers can trigger unauthorized pre-authentication computation by sending crafted DM messages, enabling denial of service through resource exhaustion. | ||||
| CVE-2026-35636 | 1 Openclaw | 1 Openclaw | 2026-04-16 | 6.5 Medium |
| OpenClaw versions 2026.3.11 through 2026.3.24 contain a session isolation bypass vulnerability where session_status resolves sessionId to canonical session keys before enforcing visibility checks. Sandboxed child sessions can exploit this to access parent or sibling sessions that should be blocked by explicit sessionKey restrictions. | ||||
| CVE-2026-35640 | 1 Openclaw | 1 Openclaw | 2026-04-15 | 5.3 Medium |
| OpenClaw before 2026.3.25 parses JSON request bodies before validating webhook signatures, allowing unauthenticated attackers to force resource-intensive parsing operations. Remote attackers can send malicious webhook requests to trigger denial of service by exhausting server resources through forced JSON parsing before signature rejection. | ||||
| CVE-2026-35637 | 1 Openclaw | 1 Openclaw | 2026-04-15 | 7.3 High |
| OpenClaw before 2026.3.22 performs cite expansion before completing channel and DM authorization checks, allowing cite work and content handling prior to final auth decisions. Attackers can exploit this timing vulnerability to access or manipulate content before proper authorization validation occurs. | ||||
| CVE-2026-40223 | 1 Systemd | 1 Systemd | 2026-04-15 | 4.7 Medium |
| In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running. | ||||
| CVE-2025-31485 | 1 Api-platform | 1 Core | 2026-04-15 | 7.5 High |
| API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Prior to 4.0.22 and 3.4.17, a GraphQL grant on a property might be cached with different objects. The ApiPlatform\GraphQl\Serializer\ItemNormalizer::isCacheKeySafe() method is meant to prevent the caching but the parent::normalize method that is called afterwards still creates the cache key and causes the issue. This vulnerability is fixed in 4.0.22 and 3.4.17. | ||||
| CVE-2025-9904 | 1 Canon | 5 Generic Plus Lips4 Printer Driver, Generic Plus Lipslx Printer Driver, Generic Plus Pcl6 Printer Driver and 2 more | 2026-04-15 | 5.3 Medium |
| Unallocated memory access vulnerability in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver / Generic FAX Driver / LIPS4 Printer Driver / LIPSLX Printer Driver / UFR II Printer Driver / PS Printer Driver / PCL6 Printer Driver | ||||
| CVE-2023-52968 | 1 Mariadb | 1 Mariadb | 2026-04-15 | 4.9 Medium |
| MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash. | ||||
| CVE-2025-55114 | 1 Bmc | 1 Control-m/agent | 2026-04-15 | 5.3 Medium |
| The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after the SSL/TLS handshake is completed, exposes the Control-M/Agent to vulnerabilities in the SSL/TLS implementation under certain non-default conditions (e.g. CVE-2025-55117 or CVE-2025-55118) or potentially to resource exhaustion. | ||||
| CVE-2021-47688 | 2026-04-15 | 5.7 Medium | ||
| In WhiteBeam 0.2.0 through 0.2.1 before 0.2.2, a user with local access to a server can bypass the allow-list functionality because a file can be truncated in the OpenFileDescriptor action before the VerifyCanWrite action is performed. | ||||
| CVE-2025-20012 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2026-04-15 | 4.9 Medium |
| Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. | ||||
| CVE-2024-24853 | 1 Intel | 1 Processor | 2026-04-15 | 7.2 High |
| Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-35229 | 1 Matter-labs | 1 Era-compiler-solidity | 2026-04-15 | 5.3 Medium |
| ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern `f(a(),b()); check_if_a_executed_last()` in Yul that exposes a bug in evaluation order of Yul function arguments. This vulnerability has been fixed in version 1.3.10. As a workaround, update and redeploy affected contracts. | ||||
| CVE-2026-35652 | 1 Openclaw | 1 Openclaw | 2026-04-14 | 6.5 Medium |
| OpenClaw before 2026.3.22 contains an authorization bypass vulnerability in interactive callback dispatch that allows non-allowlisted senders to execute action handlers. Attackers can bypass sender authorization checks by dispatching callbacks before normal security validation completes, enabling unauthorized actions. | ||||
| CVE-2026-35386 | 1 Openbsd | 1 Openssh | 2026-04-07 | 3.6 Low |
| In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config. | ||||
| CVE-2026-33305 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-03-25 | 5.4 Medium |
| OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the optional FaxSMS module (`oe-module-faxsms`) allows any authenticated OpenEMR user to invoke controller methods — including `getNotificationLog()`, which returns patient appointment data (PHI) — regardless of whether they hold the required ACL permissions. The `AppDispatch` constructor dispatches user-controlled actions and exits the process before any calling code can enforce ACL checks. Version 8.0.0.2 fixes the issue. | ||||
| CVE-2023-6394 | 2 Quarkus, Redhat | 3 Quarkus, Build Of Quarkus, Quarkus | 2026-03-24 | 7.4 High |
| A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentication despite the endpoint being secured. This can allow an attacker to access information and functionality outside of normal granted API permissions. | ||||
| CVE-2023-29483 | 5 Dnspython, Eventlet, Fedoraproject and 2 more | 9 Dnspython, Eventlet, Fedora and 6 more | 2025-11-04 | 7 High |
| eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. | ||||
| CVE-2025-48965 | 2 Arm, Mbed | 2 Mbed Tls, Mbedtls | 2025-11-03 | 4 Medium |
| Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtls_asn1_store_named_data can trigger conflicting data with val.p of NULL but val.len greater than zero. | ||||