Search Results (364917 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-43661 2026-04-15 9.8 Critical
The <redacted>.so library, which is used by <redacted>, is vulnerable to a buffer overflow in the code that handles the deletion of certificates. This buffer overflow can be triggered by providing a long file path to the <redacted> action of the <redacted>.exe CGI binary or to the <redacted>.sh CGI script. This binary or script will write this file path to <redacted>, which is then read by <redacted>.so This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderate – An attacker will have to find this exploit by either obtaining the binaries involved in this vulnerability, or by trial and error. Furthermore, the attacker will need a (low privilege) account to gain access to the <redacted>.exe CGI binary or <redacted>.sh script to trigger the vulnerability, or convince a user with such access send an HTTP request that triggers it. Impact: High – The <redacted> process, which we assume is responsible for OCPP communication, will keep crashing after performing the exploit. This happens because the buffer overflow causes the process to segfault before <redacted> is removed. This means that, even though <redacted> is automatically restarted, it will crash again as soon as it tries to parse the text file. CVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The attack leads to reducred availability of the device (VC:N/VI:N/VA:H). THere is not impact on subsequent systems. (SC:N/SI:N/SA:N). Alltough this device is an EV charger handing significant amounts of power, we do not forsee a safety impact. The attack can be automated (AU:Y). Because the DoS condition is written to disk persistantly, it cannot be recovered by the user (R:I).
CVE-2024-53849 1 Editorconfig 1 Editorconfig 2026-04-15 N/A
editorconfig-core-c is theEditorConfig core library written in C (for use by plugins supporting EditorConfig parsing). In affected versions several overflows may occur in switch case '[' when the input pattern contains many escaped characters. The added backslashes leave too little space in the output pattern when processing nested brackets such that the remaining input length exceeds the output capacity. This issue has been addressed in release version 0.12.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2024-53844 2026-04-15 6.3 Medium
E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. A path traversal vulnerability exists in the backup export functionality of EDDI, as implemented in `RestExportService.java`. This vulnerability allows an attacker to access sensitive files on the server by manipulating the `botFilename` parameter in requests. The application fails to sanitize user input, enabling malicious inputs such as `..%2f..%2fetc%2fpasswd` to access arbitrary files. However, the **severity of this vulnerability is significantly limited** because EDDI typically runs within a **Docker container**, which provides additional layers of isolation and restricted permissions. As a result, while this vulnerability exposes files within the container, it does not inherently threaten the underlying host system or other containers. A patch is required to sanitize and validate the botFilename input parameter. Users should ensure they are using version 5.4 which contains this patdch. For temporary mitigation, access to the vulnerable endpoint should be restricted through firewall rules or authentication mechanisms.
CVE-2023-50702 2026-04-15 8.8 High
Sikka SSCWindowsService 5 2023-09-14 executes a program as LocalSystem but allows full control by low-privileged users (and low-privileged users have write access to %PROGRAMDATA%\SSCService). Consequently, low-privileged users can execute arbitrary code as LocalSystem.
CVE-2023-50685 1 Hipcam 1 Realserver 2026-04-15 7.5 High
An issue in Hipcam Cameras RealServer v.1.0 allows a remote attacker to cause a denial of service via a crafted script to the client_port parameter.
CVE-2025-3839 1 Gnome 1 Epiphany 2026-04-15 8 High
A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this action, resulting in potential code execution on the client device via trusted UI behavior.
CVE-2024-53379 2026-04-15 7.5 High
Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit 64808a5e12c83b38f85c943dee0112e428dc2a43 allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hello message.
CVE-2024-53278 2026-04-15 N/A
Cross-site scripting vulnerability exists in WP Admin UI Customize versions prior to ver 1.5.14. If a malicious admin user customizes the admin screen with some malicious contents, an arbitrary script may be executed on the web browser of the other users who are accessing the admin screen.
CVE-2024-53267 1 Sigstore 1 Sigstore-java 2026-04-15 5.5 Medium
sigstore-java is a sigstore java client for interacting with sigstore infrastructure. sigstore-java has insufficient verification for a situation where a validly-signed but "mismatched" bundle is presented as proof of inclusion into a transparency log. This bug impacts clients using any variation of KeylessVerifier.verify(). The verifier may accept a bundle with an unrelated log entry, cryptographically verifying everything but fails to ensure the log entry applies to the artifact in question, thereby "verifying" a bundle without any proof the signing event was logged. This allows the creation of a bundle without fulcio certificate and private key combined with an unrelated but time-correct log entry to fake logging of a signing event. A malicious actor using a compromised identity may want to do this to prevent discovery via rekor's log monitors. The signer's identity will still be available to the verifier. The signature on the bundle must still be on the correct artifact for the verifier to pass. sigstore-gradle-plugin and sigstore-maven-plugin are not affected by this as they only provide signing functionality. This issue has been patched in v1.1.0 release with PR #856. All users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2025-3838 2026-04-15 N/A
An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed credentials of the installer. This EOL component was deprecated in September 2023 with end of support extended till January 2024.
CVE-2024-39209 1 Luci App Sms Tool 1 Luci App Sms Tool 2026-04-15 6.3 Medium
luci-app-sms-tool v1.9-6 was discovered to contain a command injection vulnerability via the score parameter.
CVE-2023-5052 2026-04-15 6.3 Medium
vulnerability in Uniform Server Zero, version 10.2.5, consisting of an XSS through the /us_extra/phpinfo.php page. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and partially take over their session details.
CVE-2025-0367 2026-04-15 6.5 Medium
In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as SA-ldapsearch, a vulnerable regular expression pattern could lead to a Regular Expression Denial of Service (ReDoS) attack.
CVE-2023-53880 1 Lucee 1 Lucee Server 2026-04-15 N/A
Lucee 5.4.2.17 contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through administrative interface parameters. Attackers can craft specific payloads targeting admin pages like server.cfm and web.cfm to execute arbitrary JavaScript in victim's browser sessions.
CVE-2023-47859 2026-04-15 5.5 Medium
Improper access control for some Intel(R) Wireless Bluetooth products for Windows before version 23.20 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2021-46772 2026-04-15 3.9 Low
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service.
CVE-2023-51413 2026-04-15 5.3 Medium
Missing Authorization vulnerability in Piotnet Forms.This issue affects Piotnet Forms: from n/a through 1.0.29.
CVE-2024-3468 2026-04-15 N/A
There is a vulnerability in AVEVA PI Web API that could allow malicious code to execute on the PI Web API environment under the privileges of an interactive user that was socially engineered to use API XML import functionality with content supplied by an attacker.
CVE-2025-24318 2026-04-15 6.8 Medium
Cookie policy is observable via built-in browser tools. In the presence of XSS, this could lead to full session compromise.
CVE-2024-34694 1 Lnbits 1 Lnbits 2026-04-15 8.1 High
LNbits is a Lightning wallet and accounts system. Paying invoices in Eclair that do not get settled within the internal timeout (about 30s) lead to a payment being considered failed, even though it may still be in flight. This vulnerability can lead to a total loss of funds for the node backend. This vulnerability is fixed in 0.12.6.