Export limit exceeded: 10764 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10764 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27949 | 2 Makeplane, Plane | 2 Plane, Plane | 2026-04-15 | 2 Low |
| Plane is an an open-source project management tool. Prior to 1.3.0, a vulnerability was identified in Plane's authentication flow where a user's email address is included as a query parameter in the URL during error handling (e.g., when an invalid magic code is submitted). Transmitting personally identifiable information (PII) via GET request query strings is classified as an insecure design practice. The affected code path is located in the authentication utility module (packages/utils/src/auth.ts). This vulnerability is fixed in 1.3.0. | ||||
| CVE-2026-39943 | 2 Directus, Monospace | 2 Directus, Directus | 2026-04-15 | 6.5 Medium |
| Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records (in directus_revisions) whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline, sensitive fields (including user tokens, two-factor authentication secrets, external auth identifiers, auth data, stored credentials, and AI provider API keys) could be stored in plaintext within revision records. This vulnerability is fixed in 11.17.0. | ||||
| CVE-2026-27131 | 1 Putyourlightson | 1 Craft-sprig | 2026-04-15 | 5.5 Medium |
| The Sprig Plugin for Craft CMS is a reactive Twig component framework for Craft CMS. Starting in version 2.0.0 and prior to versions 2.15.2 and 3.15.2, admin users, and users with explicit permission to access the Sprig Playground, could potentially expose the security key, credentials, and other sensitive configuration data, in addition to running the `hashData()` signing function. This issue was mitigated in versions 3.15.2 and 2.15.2 by disabling access to the Sprig Playground entirely when `devMode` is disabled, by default. It is possible to override this behavior using a new `enablePlaygroundWhenDevModeDisabled` that defaults to `false`. | ||||
| CVE-2026-21008 | 2 Samsung, Samsung Mobile | 3 Android, Mobile Devices, Samsung Mobile Devices | 2026-04-15 | 6.5 Medium |
| Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information. | ||||
| CVE-2019-16738 | 3 Debian, Fedoraproject, Mediawiki | 3 Debian Linux, Fedora, Mediawiki | 2026-04-15 | 5.3 Medium |
| In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup. | ||||
| CVE-2018-11802 | 1 Apache | 1 Solr | 2026-04-15 | 4.3 Medium |
| In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin). | ||||
| CVE-2026-2343 | 2 Peprodev Ultimate Invoice, Wordpress | 2 Peprodev Ultimate Invoice, Wordpress | 2026-04-15 | 5.3 Medium |
| The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII. | ||||
| CVE-2025-15433 | 2 Sharedfilespro, Wordpress | 2 Shared Files, Wordpress | 2026-04-15 | 6.8 Medium |
| The Shared Files WordPress plugin before 1.7.58 allows users with a role as low as Contributor to download any file on the web server (such as wp-config.php) via a path traversal vector | ||||
| CVE-2026-2696 | 2 Export All Urls, Wordpress | 2 Export All Urls, Wordpress | 2026-04-15 | 5.3 Medium |
| The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing posts URLS (including private posts) in a predictable pattern using a random 6-digit number. These files are stored in the publicly accessible wp-content/uploads/ directory. As a result, any unauthenticated user can brute-force the filenames to gain access to sensitive data contained within the exported files. | ||||
| CVE-2026-1867 | 2 Wordpress, Wp Front User Submit | 2 Wordpress, Guest Posting / Frontend Posting / Front Editor | 2026-04-15 | 5.9 Medium |
| The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6 allows passing a URL parameter to regenerate a .json file based on demo data that it initially creates. If an administrator modifies the demo form and enables admin notifications in the Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.6's settings, it is possible for an unauthenticated attacker to export and download all of the form data/settings, including the administrator's email address. | ||||
| CVE-2024-54134 | 2026-04-15 | N/A | ||
| A publish-access account was compromised for `@solana/web3.js`, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots, that handle private keys directly. This issue should not affect non-custodial wallets, as they generally do not expose private keys during transactions. This is not an issue with the Solana protocol itself, but with a specific JavaScript client library and only appears to affect projects that directly handle private keys and that updated within the window of 3:20pm UTC and 8:25pm UTC on Tuesday, December 3, 2024. These two unauthorized versions (1.95.6 and 1.95.7) were caught within hours and have since been unpublished. All Solana app developers should upgrade to version 1.95.8. Developers that suspect they might be compromised should rotate any suspect authority keys, including multisigs, program authorities, server keypairs, and so on. | ||||
| CVE-2023-24012 | 2026-04-15 | 8.2 High | ||
| An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This is caused by a non-compliant implementation of permission document verification used by some DDS vendors. Specifically, an improper use of the OpenSSL PKCS7_verify function used to validate S/MIME signatures. | ||||
| CVE-2023-24011 | 1 Cyclone | 1 Cyclone Dds | 2026-04-15 | 8.2 High |
| An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This is caused by a non-compliant implementation of permission document verification used by some DDS vendors. Specifically, an improper use of the OpenSSL PKCS7_verify function used to validate S/MIME signatures. | ||||
| CVE-2025-31492 | 1 Redhat | 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more | 2026-04-15 | 7.5 High |
| mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. Prior to 2.4.16.11, a bug in a mod_auth_openidc results in disclosure of protected content to unauthenticated users. The conditions for disclosure are an OIDCProviderAuthRequestMethod POST, a valid account, and there mustn't be any application-level gateway (or load balancer etc) protecting the server. When you request a protected resource, the response includes the HTTP status, the HTTP headers, the intended response (the self-submitting form), and the protected resource (with no headers). This is an example of a request for a protected resource, including all the data returned. In the case where mod_auth_openidc returns a form, it has to return OK from check_userid so as not to go down the error path in httpd. This means httpd will try to issue the protected resource. oidc_content_handler is called early, which has the opportunity to prevent the normal output being issued by httpd. oidc_content_handler has a number of checks for when it intervenes, but it doesn't check for this case, so the handler returns DECLINED. Consequently, httpd appends the protected content to the response. The issue has been patched in mod_auth_openidc versions >= 2.4.16.11. | ||||
| CVE-2025-29316 | 2026-04-15 | 6.2 Medium | ||
| An issue in DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 allows a physically proximate attacker to obtain sensitive information. NOTE: the Supplier disputes the Print Job Watermark Bypass claim because the watermark is added by hooking into the OS printing mechanism, and thus is not supposed to be visible when previewing a "generated printout" on screen. The Supplier disputes the Screenshot Watermark Bypass claim because the product's documentation explains the step of setting Developer Tools to Disallowed through AD Group Policy. | ||||
| CVE-2025-24884 | 2026-04-15 | N/A | ||
| kube-audit-rest is a simple logger of mutation/creation requests to the k8s api. If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. This vulnerability is fixed in 1.0.16. | ||||
| CVE-2021-32007 | 1 Secomea | 1 Gatemanager | 2026-04-15 | 3.5 Low |
| This issue affects: Secomea GateManager Version 9.5 and all prior versions. Protection Mechanism Failure vulnerability in web server of Secomea GateManager to potentially leak information to remote servers. | ||||
| CVE-2024-11294 | 2 Memberful, Wordpress | 2 Memberful, Wordpress | 2026-04-15 | 5.3 Medium |
| The Memberful plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.73.9 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as site members. | ||||
| CVE-2025-8866 | 1 Yugabyte | 1 Yugabytedb | 2026-04-15 | 5.3 Medium |
| YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records. | ||||
| CVE-2023-45733 | 1 Redhat | 1 Enterprise Linux | 2026-04-15 | 2.8 Low |
| Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. | ||||