Search Results (363994 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-34524 1 Xlang 1 Open Agents 2026-04-15 9.1 Critical
In XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by using an incorrect file extension for the nature of the file content.
CVE-2024-34523 2026-04-15 7.5 High
AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-9970 1 Abb 1 Mconfig 2026-04-15 7.4 High
Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21.
CVE-2025-9868 1 Sonatype 1 Nexus Repository Manager 2026-04-15 N/A
Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests.
CVE-2024-34463 1 Bpl 1 Pws-01-bt 2026-04-15 5.1 Medium
BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. (The packet data also lacks authentication and integrity protection.)
CVE-2024-34454 1 Nintendo 1 Wii U 2026-04-15 7.4 High
Nintendo Wii U OS 5.5.5 allows man-in-the-middle attackers to forge SSL certificates as though they came from a Root CA, because there is a secondary verification mechanism that only checks whether a CA is known and ignores the CA details and signature (and because * is accepted as a Common Name).
CVE-2025-68219 1 Linux 1 Linux Kernel 2026-04-15 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: cifs: fix memory leak in smb3_fs_context_parse_param error path Add proper cleanup of ctx->source and fc->source to the cifs_parse_mount_err error handler. This ensures that memory allocated for the source strings is correctly freed on all error paths, matching the cleanup already performed in the success path by smb3_cleanup_fs_context_contents(). Pointers are also set to NULL after freeing to prevent potential double-free issues. This change fixes a memory leak originally detected by syzbot. The leak occurred when processing Opt_source mount options if an error happened after ctx->source and fc->source were successfully allocated but before the function completed. The specific leak sequence was: 1. ctx->source = smb3_fs_context_fullpath(ctx, '/') allocates memory 2. fc->source = kstrdup(ctx->source, GFP_KERNEL) allocates more memory 3. A subsequent error jumps to cifs_parse_mount_err 4. The old error handler freed passwords but not the source strings, causing the memory to leak. This issue was not addressed by commit e8c73eb7db0a ("cifs: client: fix memory leak in smb3_fs_context_parse_param"), which only fixed leaks from repeated fsconfig() calls but not this error path. Patch updated with minor change suggested by kernel test robot
CVE-2025-68218 1 Linux 1 Linux Kernel 2026-04-15 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: fix lockdep WARN due to partition scan work Blktests test cases nvme/014, 057 and 058 fail occasionally due to a lockdep WARN. As reported in the Closes tag URL, the WARN indicates that a deadlock can happen due to the dependency among disk->open_mutex, kblockd workqueue completion and partition_scan_work completion. To avoid the lockdep WARN and the potential deadlock, cut the dependency by running the partition_scan_work not by kblockd workqueue but by nvme_wq.
CVE-2025-68212 1 Linux 1 Linux Kernel 2026-04-15 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized 'offp' in statmount_string() In statmount_string(), most flags assign an output offset pointer (offp) which is later updated with the string offset. However, the STATMOUNT_MNT_UIDMAP and STATMOUNT_MNT_GIDMAP cases directly set the struct fields instead of using offp. This leaves offp uninitialized, leading to a possible uninitialized dereference when *offp is updated. Fix it by assigning offp for UIDMAP and GIDMAP as well, keeping the code path consistent.
CVE-2025-68208 1 Linux 1 Linux Kernel 2026-04-15 7.0 High
In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widen_imprecise_scalars() The usage pattern for widen_imprecise_scalars() looks as follows: prev_st = find_prev_entry(env, ...); queued_st = push_stack(...); widen_imprecise_scalars(env, prev_st, queued_st); Where prev_st is an ancestor of the queued_st in the explored states tree. This ancestor is not guaranteed to have same allocated stack depth as queued_st. E.g. in the following case: def main(): for i in 1..2: foo(i) // same callsite, differnt param def foo(i): if i == 1: use 128 bytes of stack iterator based loop Here, for a second 'foo' call prev_st->allocated_stack is 128, while queued_st->allocated_stack is much smaller. widen_imprecise_scalars() needs to take this into account and avoid accessing bpf_verifier_state->frame[*]->stack out of bounds.
CVE-2024-34400 2026-04-15 6.1 Medium
An issue was discovered in VirtoSoftware Virto Kanban Board Web Part before 5.3.5.1 for SharePoint 2019. There is /_layouts/15/Virto.KanbanTaskManager/api/KanbanData.ashx LinkTitle2 XSS.
CVE-2025-30037 1 Cgm 1 Clininet 2026-04-15 N/A
The system exposes several endpoints, typically including "/int/" in their path, that should be restricted to internal services, but are instead publicly accessible without authentication to any host able to reach the application server on port 443/tcp.
CVE-2024-54159 2026-04-15 4.1 Medium
stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack.
CVE-2024-54124 1 Clickstudios 1 Passwordstate 2026-04-15 8.8 High
In Click Studios Passwordstate before build 9920, there is a potential permission escalation on the edit folder screen.
CVE-2024-53983 2026-04-15 5.4 Medium
The Backstage Scaffolder plugin Houses types and utilities for building scaffolder-related modules. A vulnerability is identified in Backstage Scaffolder template functionality where Server-Side Template Injection (SSTI) can be exploited to perform Git config injection. The vulnerability allows an attacker to capture privileged git tokens used by the Backstage Scaffolder plugin. With these tokens, unauthorized access to sensitive resources in git can be achieved. The impact is considered medium severity as the Backstage Threat Model recommends restricting access to adding and editing templates in the Backstage Catalog plugin. The issue has been resolved in versions `v0.4.12`, `v0.5.1` and `v0.6.1` of the `@backstage/plugin-scaffolder-node` package. Users are encouraged to upgrade to this version to mitigate the vulnerability. Users are advised to upgrade. Users unable to upgrade may ensure that templates do not change git config.
CVE-2024-3430 2026-04-15 2.4 Low
A vulnerability was found in QKSMS up to 3.9.4 on Android. It has been classified as problematic. This affects an unknown part of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259611. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-34170 1 Intel 1 Graphics Drivers 2026-04-15 6.6 Medium
Improper buffer restrictions in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access.
CVE-2024-34164 1 Intel 1 Mas Software 2026-04-15 6.7 Medium
Uncontrolled search path element in some Intel(R) MAS software before version 2.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-47976 1 Solidigm 12 D5 P4320 Firmware, D5 P4326 Firmware, D5 P5316 Firmware and 9 more 2026-04-15 6.7 Medium
Improper access removal handling in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access.
CVE-2024-47975 1 Solidigm 11 D5 P4320 Firmware, D5 P4326 Firmware, D5 P5316 Firmware and 8 more 2026-04-15 7 High
Improper access control validation in firmware of some Solidigm DC Products may allow an attacker with physical access to gain unauthorized access or an attacker with local access to potentially enable denial of service.