Export limit exceeded: 339740 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339740 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4505 | 1 Eosphoros-ai | 1 Db-gpt | 2026-03-23 | 6.3 Medium |
| A vulnerability has been found in eosphoros-ai DB-GPT up to 0.7.5. This issue affects the function module_plugin.refresh_plugins of the file packages/dbgpt-serve/src/dbgpt_serve/agent/hub/controller.py of the component FastAPI Endpoint. Such manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-27649 | 1 Ctek | 1 Chargeportal | 2026-03-23 | 7.3 High |
| The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identifiers and enables session hijacking or shadowing, where the most recent connection displaces the legitimate charging station and receives backend commands intended for that station. This vulnerability may allow unauthorized users to authenticate as other users or enable a malicious actor to cause a denial-of-service condition by overwhelming the backend with valid session requests. | ||||
| CVE-2026-29796 | 1 Igl-technologies | 1 Eparking.fi | 2026-03-23 | 9.4 Critical |
| WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this can lead to privilege escalation, unauthorized control of charging infrastructure, and corruption of charging network data reported to the backend. | ||||
| CVE-2001-0631 | 1 Centrinity | 1 Centrinity Firstclass | 2026-03-23 | N/A |
| Centrinity First Class Internet Services 5.50 allows for the circumventing of the default 'spam' filters via the presence of '<@>' in the 'From:' field, which allows remote attackers to send spoofed email with the identity of local users. | ||||
| CVE-2026-4373 | 2 Jetmonsters, Wordpress | 2 Jetformbuilder — Dynamic Blocks Form Builder, Wordpress | 2026-03-23 | 7.5 High |
| The JetFormBuilder plugin for WordPress is vulnerable to arbitrary file read via path traversal in all versions up to, and including, 3.5.6.2. This is due to the 'Uploaded_File::set_from_array' method accepting user-supplied file paths from the Media Field preset JSON payload without validating that the path belongs to the WordPress uploads directory. Combined with an insufficient same-file check in 'File_Tools::is_same_file' that only compares basenames, this makes it possible for unauthenticated attackers to exfiltrate arbitrary local files as email attachments by submitting a crafted form request when the form is configured with a Media Field and a Send Email action with file attachment. | ||||
| CVE-2026-4509 | 1 Pbootcms | 1 Pbootcms | 2026-03-23 | 6.3 Medium |
| A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black results in incomplete blacklist. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-4515 | 1 Foundation Agents | 1 Metagpt | 2026-03-23 | 6.3 Medium |
| A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function code_generate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2019-25561 | 1 Jetaudio | 2 Jetaudio, Lyric Maker | 2026-03-23 | 6.2 Medium |
| Lyric Maker 2.0.1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Title field. Attackers can paste a 5000-byte buffer into the Title input field and save the file to trigger a denial of service condition. | ||||
| CVE-2019-25570 | 1 Realterm | 1 Realterm: Serial Terminal | 2026-03-23 | 5.5 Medium |
| RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash. | ||||
| CVE-2019-25573 | 1 Greencms | 1 Greencms | 2026-03-23 | 7.1 High |
| Green CMS 2.x contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cat parameter. Attackers can send GET requests to index.php with m=admin, c=posts, a=index parameters and inject SQL code in the cat parameter to manipulate database queries and extract sensitive information. | ||||
| CVE-2019-25576 | 1 Keplerwallpapers | 1 Kepler Wallpaper Script | 2026-03-23 | 8.2 High |
| Kepler Wallpaper Script 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the category parameter. Attackers can send GET requests to the category endpoint with URL-encoded SQL UNION statements to extract database information including usernames, database names, and MySQL version details. | ||||
| CVE-2019-25585 | 1 Deluge-torrent | 1 Deluge | 2026-03-23 | 6.2 Medium |
| Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash. | ||||
| CVE-2019-25582 | 1 I-doit | 1 Doit Cmdb | 2026-03-23 | 6.5 Medium |
| i-doit CMDB 1.12 contains an arbitrary file download vulnerability that allows authenticated attackers to download sensitive files by manipulating the file parameter in index.php. Attackers can send GET requests to index.php with file_manager=image and supply arbitrary file paths like src/config.inc.php to retrieve configuration files and sensitive system data. | ||||
| CVE-2019-25594 | 1 Xlinesoft | 1 Phprunner | 2026-03-23 | 6.2 Medium |
| ASPRunner.NET 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the table name field. Attackers can input a buffer of 10000 characters in the table name parameter during database table creation to trigger an application crash. | ||||
| CVE-2026-4530 | 1 Apconw | 1 Aix-db | 2026-03-23 | 5.3 Medium |
| A security flaw has been discovered in apconw Aix-DB up to 1.2.3. This impacts an unknown function of the file agent/text2sql/rag/terminology_retriever.py. Performing a manipulation of the argument Description results in sql injection. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4535 | 1 Tenda | 2 Fh451, Fh451 Firmware | 2026-03-23 | 8.8 High |
| A vulnerability has been found in Tenda FH451 1.0.0.9. This vulnerability affects the function WrlclientSet of the file /goform/WrlclientSet. Such manipulation of the argument GO leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-4540 | 1 Projectworlds | 1 Online Notes Sharing Platform | 2026-03-23 | 7.3 High |
| A vulnerability was detected in projectworlds Online Notes Sharing System 1.0. This issue affects some unknown processing of the file /login.php of the component Parameters Handler. The manipulation of the argument User results in sql injection. The attack can be executed remotely. The exploit is now public and may be used. | ||||
| CVE-2026-4549 | 1 Mickasmt | 1 Next-saas-stripe-starter | 2026-03-23 | 3.1 Low |
| A flaw has been found in mickasmt next-saas-stripe-starter 1.0.0. Affected by this issue is the function openCustomerPortal of the file actions/open-customer-portal.ts of the component Stripe API. This manipulation causes authorization bypass. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The exploitation is known to be difficult. | ||||
| CVE-2019-25600 | 1 Uvnc | 1 Ultravnc Viewer | 2026-03-23 | 6.5 Medium |
| UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect to trigger a buffer overflow that crashes the viewer. | ||||
| CVE-2026-4554 | 1 Tenda | 2 F453, F453 Firmware | 2026-03-23 | 6.3 Medium |
| A security flaw has been discovered in Tenda F453 1.0.0.3. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. | ||||