Export limit exceeded: 364989 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8843 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-12699 | 1 Zoll | 1 Zoll Epcr Ios Mobile Application | 2026-04-15 | 5.5 Medium |
| The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields (run number, incident, call sign, notes) are interpreted as HTML/JS when the app prints or renders that content. In the proof of concept (POC), injected scripts return local file content, which would allow arbitrary local file reads from the app's runtime context. These local files contain device and user data within the ePCR medical application, and if exposed, would allow an attacker to access protected health information (PHI) or device telemetry. | ||||
| CVE-2025-61482 | 2 Google, Privacyidea | 2 Android, Privacyidea | 2026-04-15 | 7.2 High |
| Improper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on Android allows local attackers with root access to bypass two factor authentication. By hooking into app crypto routines and intercepting decryption paths, attacker can recover plaintext secrets, enabling generation of valid one-time passwords, and bypassing authentication for enrolled accounts. | ||||
| CVE-2024-51721 | 1 Blackberry | 1 Secusuite | 2026-04-15 | 7.3 High |
| A code injection vulnerability in the SecuSUITE Server Web Administration Portal of SecuSUITE versions 5.0.420 and earlier could allow an attacker to potentially inject script commands or other executable content into the server that would run with root privilege. | ||||
| CVE-2025-62035 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in uxper Togo togo.This issue affects Togo: from n/a through < 1.0.4. | ||||
| CVE-2023-32735 | 1 Siemens | 11 Simatic Step 7, Simatic Step 7 Safety, Simatic Wincc and 8 more | 2026-04-15 | 6.5 Medium |
| A vulnerability has been identified in SIMATIC STEP 7 Safety V16 (All versions < V16 Update 7), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 7), SIMATIC STEP 7 Safety V18 (All versions < V18 Update 2), SIMATIC STEP 7 V16 (All versions < V16 Update 7), SIMATIC STEP 7 V17 (All versions < V17 Update 7), SIMATIC STEP 7 V18 (All versions < V18 Update 2), SIMATIC WinCC Unified V16 (All versions < V16 Update 7), SIMATIC WinCC Unified V17 (All versions < V17 Update 7), SIMATIC WinCC Unified V18 (All versions < V18 Update 2), SIMATIC WinCC V16 (All versions < V16.7), SIMATIC WinCC V17 (All versions < V17.7), SIMATIC WinCC V18 (All versions < V18 Update 2), SIMOCODE ES V16 (All versions < V16 Update 7), SIMOCODE ES V17 (All versions < V17 Update 7), SIMOCODE ES V18 (All versions < V18 Update 2), SIMOTION SCOUT TIA V5.4 SP1 (All versions), SIMOTION SCOUT TIA V5.4 SP3 (All versions), SIMOTION SCOUT TIA V5.5 SP1 (All versions), SINAMICS Startdrive V16 (All versions), SINAMICS Startdrive V17 (All versions), SINAMICS Startdrive V18 (All versions), SIRIUS Safety ES V17 (All versions < V17 Update 7), SIRIUS Safety ES V18 (All versions < V18 Update 2), SIRIUS Soft Starter ES V17 (All versions < V17 Update 7), SIRIUS Soft Starter ES V18 (All versions < V18 Update 2), Soft Starter ES V16 (All versions < V16 Update 7), TIA Portal Cloud V3.0 (All versions < V18 Update 2). Affected applications do not properly restrict the .NET BinaryFormatter when deserializing hardware configuration profiles. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application. This is the same issue that exists for .NET BinaryFormatter https://docs.microsoft.com/en-us/visualstudio/code-quality/ca2300. | ||||
| CVE-2021-4471 | 2 Tg8, Togrow | 2 Tg8 Firewall, Tg8 Firewall | 2026-04-15 | N/A |
| TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading to loss of confidentiality and further unauthorized access. | ||||
| CVE-2025-8452 | 2026-04-15 | 4.3 Medium | ||
| By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default administrator password. This flaw is similar to CVE-2024-51977, with the only difference being the protocol by which an attacker can use to learn the remote device's serial number. The eSCL/uscan vector is typically only exposed on the local network. Any discovery service that implements the eSCL specification can be used to exploit this vulnerability, and one such implementation is the runZero Explorer. Changing the default administrator password will render this vulnerability virtually worthless, since the calculated default administrator password would no longer be the correct password. | ||||
| CVE-2025-59037 | 1 Duckdb | 1 Duckdb | 2026-04-15 | N/A |
| DuckDB is an analytical in-process SQL database management system. On 08 September 2025, the DuckDB distribution for Node.js on npm was compromised with malware (along with several other packages). An attacker published new versions of four of DuckDB's packages that included malicious code to interfere with cryptocoin transactions* According to the npm statistics, nobody has downloaded these packages before they were deprecated. The packages and versions `@duckdb/node-api@1.3.3`, `@duckdb/node-bindings@1.3.3`, `duckdb@1.3.3`, and `@duckdb/duckdb-wasm@1.29.2` were affected. DuckDB immediately deprecated the specific versions, engaged npm support to delete the affected verions, and re-released the node packages with higher version numbers (1.3.4/1.30.0). Users may upgrade to versions 1.3.4, 1.30.0, or a higher version to protect themselves. As a workaround, they may also downgrade to 1.3.2 or 1.29.1. | ||||
| CVE-2025-15453 | 1 Milvus | 1 Milvus | 2026-04-15 | 6.3 Medium |
| A security vulnerability has been detected in milvus up to 2.6.7. This vulnerability affects the function expr.Exec of the file pkg/util/expr/expr.go of the component HTTP Endpoint. The manipulation of the argument code leads to deserialization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. A fix is planned for the next release 2.6.8. | ||||
| CVE-2024-13961 | 1 Avast | 1 Cleanup Premium | 2026-04-15 | 7.8 High |
| Link Following Local Privilege Escalation Vulnerability in TuneupSvc in Avast Cleanup Premium Version 24.2.16593.17810 on Windows 10 Pro x64 allows local attackers to escalate privileges and execute arbitrary code in the context of SYSTEM via creating a symbolic link and leveraging a TOCTTOU (time-of-check to time-of-use) attack. | ||||
| CVE-2025-69079 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Musical Instruments Online Store musicplace allows Object Injection.This issue affects Sound | Musical Instruments Online Store: from n/a through <= 1.6.9. | ||||
| CVE-2025-32016 | 2026-04-15 | 4.7 Medium | ||
| Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform (formerly Azure AD v2.0 endpoint) and AAD B2C. This vulnerability affects confidential client applications, including daemons, web apps, and web APIs. Under specific circumstances, sensitive information such as client secrets or certificate details may be exposed in the service logs of these applications. Service logs are intended to be handled securely. Service logs generated at the information level or credential descriptions containing local file paths with passwords, Base64 encoded values, or Client secret. Additionally, logs of services using Base64 encoded certificates or certificate paths with password credential descriptions are also affected if the certificates are invalid or expired, regardless of the log level. Note that these credentials are not usable due to their invalid or expired status. To mitigate this vulnerability, update to Microsoft.Identity.Web 3.8.2 or Microsoft.Identity.Abstractions 9.0.0. | ||||
| CVE-2025-60228 | 2 Designthemes, Wordpress | 2 Knowledge Base, Wordpress | 2026-04-15 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through <= 2.9. | ||||
| CVE-2023-41566 | 2026-04-15 | 8.1 High | ||
| OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sys_ui_extend/sysUiExtend.do. This vulnerability allows attackers to obtain the password of the background administrator and further obtain database permissions. | ||||
| CVE-2025-2300 | 2026-04-15 | 5.5 Medium | ||
| Hitachi Ops Center Common Services within Hitachi Ops Center OVA contains an information exposure vulnerability. This issue affects Hitachi Ops Center Common Services: from 11.0.3-00 before 11.0.4-00. | ||||
| CVE-2025-14931 | 1 Huggingface | 1 Smolagents | 2026-04-15 | N/A |
| Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face smolagents. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of pickle data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-28312. | ||||
| CVE-2024-23766 | 1 Hms-networks | 1 Anybus X-gateway Ab7832-f3 | 2026-04-15 | 7.5 High |
| An issue was discovered on HMS Anybus X-Gateway AB7832-F 3 devices. The gateway exposes a web interface on port 80. An unauthenticated GET request to a specific URL triggers the reboot of the Anybus gateway (or at least most of its modules). An attacker can use this feature to carry out a denial of service attack by continuously sending GET requests to that URL. | ||||
| CVE-2025-14925 | 1 Huggingface | 1 Accelerate | 2026-04-15 | 7.8 High |
| Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Accelerate. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of checkpoints. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-27985. | ||||
| CVE-2021-4463 | 1 Shenzhen Longjing Technology | 1 Bems Api | 2026-04-15 | N/A |
| Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the intended directory. | ||||
| CVE-2025-14896 | 2026-04-15 | 7.5 High | ||
| due to insufficient sanitazation in Vega’s `convert()` function when `safeMode` is enabled and the spec variable is an array. An attacker can craft a malicious Vega diagram specification that will allow them to send requests to any URL, including local file system paths, leading to exposure of sensitive information. | ||||