Export limit exceeded: 345229 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345229 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-63647 | 1 Owntone | 2 Owntone-server, Owntone Server | 2026-02-13 | 7.5 High |
| A NULL pointer dereference in the parse_meta function (src/httpd_daap.c) of owntone-server commit 334beb allows attackers to cause a Denial of Service (DoS) via sending a crafted DAAP request to the server. | ||||
| CVE-2025-24054 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-02-13 | 6.5 Medium |
| External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2023-4911 | 6 Canonical, Debian, Fedoraproject and 3 more | 43 Ubuntu Linux, Debian Linux, Fedora and 40 more | 2026-02-13 | 7.8 High |
| A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges. | ||||
| CVE-2024-47067 | 2 Alist Project, Alistgo | 2 Alist, Alist | 2026-02-13 | 6.1 Medium |
| AList is a file list program that supports multiple storages. AList contains a reflected cross-site scripting vulnerability in helper.go. The endpoint /i/:link_name takes in a user-provided value and reflects it back in the response. The endpoint returns an application/xml response, opening it up to HTML tags via XHTML and thus leading to a XSS vulnerability. This vulnerability is fixed in 3.29.0. | ||||
| CVE-2022-26533 | 1 Alistgo | 1 Alist | 2026-02-13 | 6.1 Medium |
| Alist v2.1.0 and below was discovered to contain a cross-site scripting (XSS) vulnerability via /i/:data/ipa.plist. | ||||
| CVE-2022-45968 | 1 Alistgo | 1 Alist | 2026-02-13 | 8.8 High |
| Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder (even a password protected one). | ||||
| CVE-2022-45969 | 1 Alistgo | 1 Alist | 2026-02-13 | 9.8 Critical |
| Alist v3.4.0 is vulnerable to Directory Traversal, | ||||
| CVE-2022-45970 | 1 Alistgo | 1 Alist | 2026-02-13 | 5.4 Medium |
| Alist v3.5.1 is vulnerable to Cross Site Scripting (XSS) via the bulletin board. | ||||
| CVE-2023-31726 | 1 Alistgo | 1 Alist | 2026-02-13 | 7.5 High |
| AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information. | ||||
| CVE-2025-68128 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2025-68127 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2025-68126 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2025-68125 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2025-68124 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2025-58184 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2025-58182 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2025-47915 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2024-34157 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2024-34154 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||
| CVE-2023-45291 | 2026-02-13 | N/A | ||
| reserved but not needed | ||||