CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-70241 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANType_Wizard5. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27507 Binardat 10G08-0800GSM network switch firmware versionΒ V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows ful... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-69985 FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution (RCE). The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trust... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28391 OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests (non-default configuration), allowing attackers to bypass command approval... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25526 JinJava is a Java-based template engine based on django template syntax, adapted to render jinja templates. Prior to versions 2.7.6 and 2.8.3, JinJava is vulnerable to arbitrary Java execution via byp... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70234 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70239 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard55. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70240 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWAN_Wizard51. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2807 Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2797 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28443 OpenReplay is a self-hosted session replay suite. Prior to version 1.20.0, the POST /{projectId}/cards/search endpoint has a SQL injection in the sort.field parameter. This issue has been patched in v... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-23796 Quick.Cart allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication.Β This behaviour enables an attacker to fix a session ID ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2796 JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2795 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2793 Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2792 Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3485 A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub_1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27012 OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allo... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2590 Improper enforcement of the Disable password saving in vaults setting in the connection entry component in Devolutions Remote Desktop Manager 2025.3.30 and earlier allows an authenticated user to pe... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3130 Improper Enforcement of Behavioral Controls inΒ Devolutions Server 2025.3.15 and earlier allows an authenticated attacker with the delete permission to delete a PAM account that is currently checked ou... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27944 Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt t... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3204 Improper input validation in the error message page in Devolutions Server 2025.3.16 and earlier allows remote attackers to spoof the displayed error message via a specially crafted URL. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3224 Authentication bypass in the Microsoft Entra ID (Azure AD) authentication mode in Devolutions Server 2025.3.15.0 and earlier allows an unauthenticated user to authenticate as an arbitrary Entra ID use... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27971 Qwik is a performance focused javascript framework. qwik <=1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerability in the server$ RPC mechanism that allows any unauthenticated user ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25544 Payload is a free and open source headless content management system. Prior to 3.73.0, when querying JSON or richText fields, user input was directly embedded into SQL without escaping, enabling blind... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-3266 Missing Authorization vulnerability in OpenTextβ’ Filr allows Authentication Bypass.Β The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs. T... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24494 SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28775 An unauthenticated Remote Code Execution (RCE) vulnerability exists in the SNMP service of International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver. The deployment insecurely... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37162 Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability in the registration key input that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malici... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25803 3DP-MANAGER is an inbound generator for 3x-ui. In version 2.0.1 and prior, the application automatically creates an administrative account with known default credentials (admin/admin) upon the first i... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-37161 Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the registration name field with malicious payload. Attackers can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70233 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70232 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70231 D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70230 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70229 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28776 International Datacasting Corporation (IDC) SFX Series SuperFlex SatelliteReceiver contains hardcoded credentials for the `monitor` account. A remote unauthenticated attacker can use these trivial, un... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-13476 Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0βv25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (D... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28777 International Datacasting Corporation (IDC) SFX2100 Satellite Receiver, trivial password for the `user` (usr) account. A remote unauthenticated attacker can exploit this to gain unauthorized SSH acc... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-28778 International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver contains undocumented, hardcoded/insecure credentials for the `xd` user account. A remote unauthenticated attacker c... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25459 Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL ... | 9.8 | CRITICAL | β | 0 |
| CVE-2019-25458 Web Ofisi Firma Rehberi v1 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can send... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-29119 International Datacasting Corporation (IDC) SFX Series SuperFlex(SFX2100) SatelliteReceiver contains hardcoded and insecure credentials for the `admin` account. A remote unauthenticated attacker can u... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27441 SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS command execution. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-20997 Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-27446 Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker t... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66602 A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts access by IP address. When a worm that randomly searches for IP addresses intrudes int... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66603 A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The web server accepts the OPTIONS method. An attacker could potentially use this information to carry out ot... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2599 The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.7 via deserialization of untrusted input ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21628 A improperly secured file management feature allows uploads of dangerous data types for unauthenticated users, leading to remote code execution. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.