Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2026-25357 Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro:... | 8.1 | HIGH | — | 0 |
| CVE-2026-32505 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CreativeWS Kiddy kiddy allows PHP Local File Inclusion.This issue affects Kiddy... | 8.1 | HIGH | — | 0 |
| CVE-2025-55041 MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user management (cUsers.cfc addToGroup method) that allows attackers to escalate privileges by adding any us... | 8.0 | HIGH | — | 0 |
| CVE-2026-32014 OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth si... | 8.0 | HIGH | — | 0 |
| CVE-2025-41258 LibreChat version 0.8.1-rc2 uses the same JWT secret for the user session mechanism and RAG API which compromises the service-level authentication of the RAG API. | 8.0 | HIGH | — | 0 |
| CVE-2026-21311 Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-p... | 8.0 | HIGH | — | 0 |
| CVE-2026-3108 Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers... | 8.0 | HIGH | — | 0 |
| CVE-2026-32978 OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals fail to bind mutable file operands for certain script runners like tsx and jiti. Attackers can obtain ... | 8.0 | HIGH | — | 0 |
| CVE-2026-4248 The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the '{usermeta:password_reset_link}' template tag ... | 8.0 | HIGH | — | 0 |
| CVE-2026-22248 GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. From 11.0.0 to before 11.0.5, an authenticated techni... | 8.0 | HIGH | — | 0 |
| CVE-2026-32813 Admidio is an open-source user management solution. Versions 5.0.6 and below are vulnerable to arbitrary SQL Injection through the MyList configuration feature. The MyList configuration feature lets a... | 8.0 | HIGH | — | 0 |
| CVE-2026-1961 A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitiz... | 8.0 | HIGH | — | 0 |
| CVE-2026-26111 Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | 8.0 | HIGH | — | 0 |
| CVE-2026-33335 Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper passes URLs from `window.open()` calls direc... | 8.0 | HIGH | — | 0 |
| CVE-2026-20155 A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with low privileges to access sensitive informa... | 8.0 | HIGH | — | 0 |
| CVE-2026-25173 Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | 8.0 | HIGH | — | 0 |
| CVE-2026-25172 Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | 8.0 | HIGH | — | 0 |
| CVE-2026-23660 Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-30309 InfCode's terminal auto-execution module contains a critical command filtering vulnerability that renders its blacklist security mechanism completely ineffective. The predefined blocklist fails to cov... | 7.8 | HIGH | — | 0 |
| CVE-2026-32647 NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting ... | 7.8 | HIGH | — | 0 |
| CVE-2026-23410 In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race on rawdata dereference There is a race condition that leads to a use-after-free situation: because the rawdata ... | 7.8 | HIGH | — | 0 |
| CVE-2026-23411 In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race between freeing data and fs accessing it AppArmor was putting the reference to i_private data on its end after ... | 7.8 | HIGH | — | 0 |
| CVE-2026-33851 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in joncampbell123 doslib.This issue affects doslib: before doslib-20250729. | 7.8 | HIGH | — | 0 |
| CVE-2026-33874 Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerab... | 7.8 | HIGH | — | 0 |
| CVE-2026-26134 Integer overflow or wraparound in Microsoft Office allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-4775 A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. Th... | 7.8 | HIGH | — | 0 |
| CVE-2026-22561 Uncontrolled search path elements in Anthropic Claude for Windows installer (Claude Setup.exe) versions prior to 1.1.3363 allow local privilege escalation via DLL search-order hijacking. The installer... | 7.8 | HIGH | — | 0 |
| CVE-2026-23665 Heap-based buffer overflow in Azure Linux Virtual Machines allows an authorized attacker to elevate privileges locally. | 7.8 | HIGH | — | 0 |
| CVE-2026-34054 vcpkg is a free and open-source C/C++ package manager. Prior to version 3.6.1#3, vcpkg's Windows builds of OpenSSL set openssldir to a path on the build machine, making that path be attackable later o... | 7.8 | HIGH | — | 0 |
| CVE-2026-33847 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96. | 7.8 | HIGH | — | 0 |
| CVE-2026-33744 BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.37, the `docker.system_packages` field in `bentofile.yaml` accepts arbitrary str... | 7.8 | HIGH | — | 0 |
| CVE-2016-20061 sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can inse... | 7.8 | HIGH | — | 0 |
| CVE-2026-22163 Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical ... | 7.8 | HIGH | — | 0 |
| CVE-2016-20060 Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can pl... | 7.8 | HIGH | — | 0 |
| CVE-2016-20059 IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a mali... | 7.8 | HIGH | — | 0 |
| CVE-2025-66342 A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerability, which can lead to memory corruption and result in arbitra... | 7.8 | HIGH | — | 0 |
| CVE-2016-20058 Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers... | 7.8 | HIGH | — | 0 |
| CVE-2026-3779 The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when th... | 7.8 | HIGH | — | 0 |
| CVE-2026-33298 llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a G... | 7.8 | HIGH | — | 0 |
| CVE-2016-20057 NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary p... | 7.8 | HIGH | — | 0 |
| CVE-2026-32708 PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, the Zenoh uORB subscriber allocates a stack VLA directly from the incoming payload length without bounds. A remote Zenoh pub... | 7.8 | HIGH | — | 0 |
| CVE-2026-3991 Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1, 16.1 MP2, 16.0 RU2 HF9, 16.0 RU1 MP1 HF12, and 16.0 MP2 HF15, may be susceptible to a Elevation of Privilege vulnerability, which is ... | 7.8 | HIGH | — | 0 |
| CVE-2025-64301 An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out‑of‑bounds ... | 7.8 | HIGH | — | 0 |
| CVE-2016-20056 Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv services that allows local attackers to escalate privileges by inserting malicious exec... | 7.8 | HIGH | — | 0 |
| CVE-2026-33850 Out-of-bounds Write vulnerability in WujekFoliarz DualSenseY-v2.This issue affects DualSenseY-v2: before 54. | 7.8 | HIGH | — | 0 |
| CVE-2016-20055 IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a ma... | 7.8 | HIGH | — | 0 |
| CVE-2026-23408 In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix double free of ns_name in aa_replace_profiles() if ns_name is NULL after 1071 error = aa_unpack(udata, &lh, ... | 7.8 | HIGH | — | 0 |
| CVE-2026-30900 Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | 7.8 | HIGH | — | 0 |
| CVE-2026-23406 In the Linux kernel, the following vulnerability has been resolved: apparmor: fix side-effect bug in match_char() macro usage The match_char() macro evaluates its character parameter multiple times ... | 7.8 | HIGH | — | 0 |
| CVE-2025-41359 Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files (x86)\shttps_mg\http.exe service'. This misconfigurat... | 7.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.