Total CVEs

145,982

Critical Severity

4,294

High Severity

15,805

Last 7 Days

2,233
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 21,641 - 21,660 of 42,387 CVEs
CVE-2018-25269 MEDIUM - 6.1

ICEWARP 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into emails by embedding base64-encoded payloads in object and embed tags. Attackers can craft emails containing data URIs with embedded scripts that execute in the client when the ...

Vendor: icewarp
Product: ICEWARP Client
Published: Apr 22, 2026
Source: NVD
CVE-2018-25268 HIGH - 8.4

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan field. Attackers can craft a payload with 688 bytes of padding followed by 4 bytes of controlled data to crash the application or potent...

Vendor: Lizardsystems
Product: LanSpy
Published: Apr 22, 2026
Source: NVD
CVE-2018-25267 MEDIUM - 6.2

UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite value...

Vendor: Ultraiso
Product: UltraISO
Published: Apr 22, 2026
Source: NVD
CVE-2018-25266 MEDIUM - 6.2

Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying an excessively large string. Attackers can generate a file containing a massive buffer of repeated characters and paste it into the unavailable ...

Vendor: Angryip
Product: Angry IP Scanner
Published: Apr 22, 2026
Source: NVD
CVE-2018-25265 HIGH - 8.4

LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode, trigger...

Vendor: Lizardsystems
Product: LanSpy
Published: Apr 22, 2026
Source: NVD
CVE-2018-25262 MEDIUM - 6.2

Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed input to the port selection field. Attackers can craft a malicious string containing buffer overflow patterns and paste it into the Preferences Port...

Vendor: Angryip
Product: Angry IP Scanner for Linux
Published: Apr 22, 2026
Source: NVD
CVE-2018-25261 HIGH - 8.4

Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location fi...

Vendor: Iperiusbackup
Product: Iperius Backup
Published: Apr 22, 2026
Source: NVD
CVE-2018-25260 HIGH - 8.4

MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB ...

Vendor: Magix
Product: MAGIX Music Editor
Published: Apr 22, 2026
Source: NVD
CVE-2018-25259 HIGH - 8.4

Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that overw...

Vendor: Lizardsystems
Product: Terminal Services Manager
Published: Apr 22, 2026
Source: NVD
CVE-2026-35548 HIGH - 8.5

An issue was discovered in guardsix (formerly Logpoint) ODBC Enrichment Plugins before 5.2.1 (5.2.1 is used in guardsix 7.9.0.0). A logic flaw allowed stored database credentials to be reused after modification of the target Host, IP address, or Port. When editing an existing Enrichment Source, prev...

Published: Apr 22, 2026
Source: NVD
CVE-2026-41179 CRITICAL - 9.8

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint `operations/fsinfo` is exposed without `AuthRequired: true` and accepts attacker-controlled `fs` input. Because `rc.Ge...

Vendor: go
Product: github.com/rclone/rclone
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41176 CRITICAL - 9.8

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint `options/set` is exposed without `AuthRequired: true`, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pr...

Vendor: go
Product: github.com/rclone/rclone
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41166 HIGH - 7.0

OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has `write:admin` in one Keycloak realm can call the Manager API to update Keycloak realm roles for users in another realm, including `master`. The handler uses the `{realm}` path segment when talking to th...

Vendor: maven
Product: io.openremote:openremote-manager
Published: Apr 22, 2026
Source: GitHub

Poetry is a dependency manager for Python. Prior to 2.3.4, the extractall() function in src/poetry/utils/helpers.py:410-426 extracts sdist tarballs without path traversal protection on Python versions where tarfile.data_filter is unavailable. Considering only Python versions which are still supporte...

Vendor: pip
Product: poetry
Published: Apr 22, 2026
Source: GitHub
CVE-2026-41070 CRITICAL - 10.0

openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on (SSO) auth flows. From version 1.26.3 to before version 1.27.3, when openvpn-auth-oauth2 is deployed in the experimental plugin mode (shared library loaded by OpenVPN via the plugin ...

Vendor: go
Product: github.com/jkroepke/openvpn-auth-oauth2
Published: Apr 22, 2026
Source: GitHub
CVE-2026-6862 MEDIUM - 5.5

A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI (Extensible Firmware Interface) device path node header. A local user could exploit this vul...

Published: Apr 22, 2026
Source: NVD
CVE-2026-6861 MEDIUM - 6.1

A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted SVG (Scalable Vector Graphics) CSS (Cascading Style Sheets) data. A local user could exploit this by convincing a victim to open a malicious SVG file, which may lead to a denia...

Published: Apr 22, 2026
Source: NVD
CVE-2026-6859 HIGH - 8.8

A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when loading models from HuggingFace. This allows a remote attacker to achieve arbitrary Python code execution by convincing a user to run `ilab train/download/generate` with a specially crafted malicious...

Published: Apr 22, 2026
Source: NVD
CVE-2026-6356 CRITICAL - 9.6

A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information.

Published: Apr 22, 2026
Source: NVD
CVE-2026-6355 MEDIUM - 6.5

A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configurati...

Published: Apr 22, 2026
Source: NVD