Export limit exceeded: 14525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 25410 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25410 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-39912 | 2026-04-15 | 5.3 Medium | ||
| web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found. When WebAuthn is used as the first or only authentication method, an attacker can enumerate usernames based on the absence of the `allowedCredentials` property in the assertion options response. This allows enumeration of valid or invalid usernames. By knowing which usernames are valid, attackers can focus their efforts on a smaller set of potential targets, increasing the efficiency and likelihood of successful attacks. This issue has been addressed in version 4.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-39344 | 1 Salesforce | 1 Docusign Api Package For Salesforce | 2026-04-15 | 8.1 High |
| An issue was discovered in the Docusign API package 8.142.14 for Salesforce. The Apttus_DocuApi__DocusignAuthentication__mdt object is installed via the marketplace from this package and stores some configuration information in a manner that could be compromised. With the default settings when installed for all users, the object can be accessible and (via its fields) could disclose some keys. These disclosed components can be combined to create a valid session via the Docusign API. This will generally lead to a complete compromise of the Docusign account because the session is for an administrator service account and may have permission to re-authenticate as specific users with the same authorization flow. | ||||
| CVE-2024-39314 | 2026-04-15 | 4.7 Medium | ||
| toy-blog is a headless content management system implementation. Starting in version 0.4.3 and prior to version 0.5.0, the administrative password was leaked through the command line parameter. The problem was patched in version 0.5.0. As a workaround, pass `--read-bearer-token-from-stdin` to the launch arguments and feed the token from the standard input in version 0.4.14 or later. Earlier versions do not have this workaround. | ||||
| CVE-2024-38650 | 1 Veeam | 1 Service Provider Console | 2026-04-15 | N/A |
| An authentication bypass vulnerability can allow a low privileged attacker to access the NTLM hash of service account on the VSPC server. | ||||
| CVE-2024-38525 | 2026-04-15 | 7.5 High | ||
| dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the `nlohmann` JSON library. However, due to the way the JSON library is invoked, it throws an uncaught exception, which results in a crash. This vulnerability has been patched in version 0.2.2. | ||||
| CVE-2024-37924 | 1 Wp2speed | 1 Wp2speed | 2026-04-15 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wp2speed WP2Speed Faster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP2Speed Faster: from n/a through 1.0.1. | ||||
| CVE-2024-37881 | 1 Eg Secure Solutions | 1 Siteguard | 2026-04-15 | 5.3 Medium |
| SiteGuard WP Plugin provides a functionality to customize the path to the login page wp-login.php and implements a measure to avoid redirection from other URLs. However, SiteGuard WP Plugin versions prior to 1.7.7 missed to implement a measure to avoid redirection from wp-register.php. As a result, the customized path to the login page may be exposed. | ||||
| CVE-2024-3682 | 2026-04-15 | 5.3 Medium | ||
| The WP STAGING and WP STAGING Pro plugins for WordPress are vulnerable to Sensitive Information Exposure in versions up to, and including, 3.4.3, and versions up to, and including, 5.4.3, respectively, via the ajaxSendReport function. This makes it possible for unauthenticated attackers to extract sensitive data from a log file, including system information and (in the Pro version) license keys. Successful exploitation requires an administrator to have used the 'Contact Us' functionality along with the "Enable this option to automatically submit the log files." option. | ||||
| CVE-2024-36107 | 1 Minio | 1 Minio | 2026-04-15 | 5.3 Medium |
| MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. `If-Modified-Since` and `If-Unmodified-Since` headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a specific bucket and also gain access to some amount of information such as `Last-Modified (of the latest version)`, `Etag (of the latest version)`, `x-amz-version-id (of the latest version)`, `Expires (metadata value of the latest version)`, `Cache-Control (metadata value of the latest version)`. This conditional check was being honored before validating if the anonymous access is indeed allowed on the metadata of an object. This issue has been addressed in commit `e0fe7cc3917`. Users must upgrade to RELEASE.2024-05-27T19-17-46Z for the fix. There are no known workarounds for this issue. | ||||
| CVE-2024-36053 | 1 Linuxmint | 1 Mintupload | 2026-04-15 | 9 Critical |
| In the mintupload package through 4.2.0 for Linux Mint, service-name mishandling leads to command injection via shell metacharacters in check_connection, drop_data_received_cb, and Service.remove. A user can modify a service name in a ~/.linuxmint/mintUpload/services/service file. | ||||
| CVE-2024-35343 | 1 Anpviz | 17 Ipc-b850 Firmware, Ipc-d250 Firmware, Ipc-d260 Firmware and 14 more | 2026-04-15 | 9.8 Critical |
| Certain Anpviz products allow unauthenticated users to download arbitrary files from the device's filesystem via a HTTP GET request to the /playback/ URI. This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 (IP Cameras) firmware v3.2.2.2 and lower and possibly more vendors/models of IP camera. | ||||
| CVE-2024-35341 | 2026-04-15 | 7.5 High | ||
| Certain Anpviz products allow unauthenticated users to download the running configuration of the device via a HTTP GET request to /ConfigFile.ini or /config.xml URIs. This configuration file contains usernames and encrypted passwords (encrypted with a hardcoded key common to all devices). This affects IPC-D250, IPC-D260, IPC-B850, IPC-D850, IPC-D350, IPC-D3150, IPC-D4250, IPC-D380, IPC-D880, IPC-D280, IPC-D3180, MC800N, YM500L, YM800N_N2, YMF50B, YM800SV2, YM500L8, and YM200E10 firmware v3.2.2.2 and lower and possibly more vendors/models of IP camera. | ||||
| CVE-2024-5202 | 2026-04-15 | 7.7 High | ||
| Arbitrary File Read in OpenText Dimensions RM allows authenticated users to read files stored on the server via webservices | ||||
| CVE-2024-34529 | 1 Nebari | 1 Nebari | 2026-04-15 | 4.8 Medium |
| Nebari through 2024.4.1 prints the temporary Keycloak root password. | ||||
| CVE-2024-34473 | 1 O-ran-sc | 1 Near-rt Ric | 2026-04-15 | 5.3 Medium |
| An issue was discovered in appmgr in O-RAN Near-RT RIC I-Release. An attacker could register an unintended RMR message type during xApp registration to disrupt other service components. | ||||
| CVE-2024-3296 | 1 Redhat | 1 Enterprise Linux | 2026-04-15 | 5.9 Medium |
| A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages for decryption. The vulnerability affects the legacy PKCS#1v1.5 RSA encryption padding mode. | ||||
| CVE-2024-2740 | 2026-04-15 | 7.7 High | ||
| Information exposure vulnerability in Planet IGS-4215-16T2S, affecting firmware version 1.305b210528. This vulnerability could allow a remote attacker to access some administrative resources due to lack of proper management of the Switch web interface. | ||||
| CVE-2024-32051 | 2026-04-15 | 6.5 Medium | ||
| Insertion of sensitive information into log file issue exists in RoamWiFi R10 prior to 4.8.45. If this vulnerability is exploited, a network-adjacent unauthenticated attacker with access to the device may obtain sensitive information. | ||||
| CVE-2024-2746 | 2026-04-15 | 8.8 High | ||
| Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit authentication was even started. The dnf5 library code does not check whether non-root users control the directory in question. On one hand, this poses a Denial-of-Service attack vector by making the daemonoperate on a blocking file (e.g. named FIFO special file) or a very large file that causes an out-of-memory situation (e.g. /dev/zero). On the other hand, this can be used to let the daemon process privileged files like /etc/shadow. The file in question is parsed as an INI file. Error diagnostics resulting from parsing privileged files could cause information leaks, if these diagnostics are accessible to unprivileged users. In the case of libdnf5, no such user accessible diagnostics should exist, though. Also, a local attacker can place a valid repository configuration file in this directory. This configuration file allows to specify a plethora of additional configuration options. This makes various additional code paths in libdnf5 accessible to the attacker. | ||||
| CVE-2024-2756 | 2 Php, Redhat | 2 Archive Tar, Enterprise Linux | 2026-04-15 | 6.5 Medium |
| Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard insecure cookie in the victim's browser which is treated as a __Host- or __Secure- cookie by PHP applications. | ||||