Total CVEs: 141,292
Critical Severity: 3,799
High Severity: 13,738
Last 7 Days: 1,667
Showing 9,181 - 9,200 of 14,211 CVEs
CVE-2025-62403 MEDIUM - 6.1

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

Vendor: Canva
Product: Affinity
Published: Mar 17, 2026
Source: NVD
CVE-2025-61979 MEDIUM - 6.1

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

Vendor: Canva
Product: Affinity
Published: Mar 17, 2026
Source: NVD
CVE-2025-61952 MEDIUM - 6.1

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

Vendor: Canva
Product: Affinity
Published: Mar 17, 2026
Source: NVD
CVE-2025-58427 MEDIUM - 6.1

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

Vendor: Canva
Product: Affinity
Published: Mar 17, 2026
Source: NVD
CVE-2025-47873 MEDIUM - 6.1

An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.

Vendor: Canva
Product: Affinity
Published: Mar 17, 2026
Source: NVD
CVE-2026-32947 MEDIUM - 4.9

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, a DNS over HTTPS (DoH) vulnerability allows attackers to bypass egress-policy: block network restrictions by tunneling exfiltrated data through permitted HTTPS endpoints like dns....

Vendor: actions
Product: step-security/harden-runner
Published: Mar 17, 2026
Source: GitHub
CVE-2026-32946 MEDIUM - 2.7

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, Harden-Runner allows bypass of the egress-policy: block network restriction using DNS queries over TCP. Egress policies are enforced on GitHub runners by filtering outbou...

Vendor: actions
Product: step-security/harden-runner
Published: Mar 17, 2026
Source: GitHub
CVE-2026-32770 MEDIUM - 5.9

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.19 and 8.6.43, a remote attacker can crash the Parse Server by subscribing to a LiveQuery with an invalid regular expression pattern. The server process terminates when the in...

Vendor: npm
Product: parse-server
Published: Mar 17, 2026
Source: GitHub
CVE-2026-32742 MEDIUM - 4.3

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.17 and 8.6.42, an authenticated user can overwrite server-generated session fields (`sessionToken`, `expiresAt`, `createdWith`) when creating a session object via `POST /class...

Vendor: npm
Product: parse-server
Published: Mar 17, 2026
Source: GitHub
CVE-2026-32878 MEDIUM - 7.5

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.20 and 8.6.44, an attacker can bypass the default request keyword denylist protection and the class-level permission for adding fields by sending a crafted request that exploi...

Vendor: npm
Product: parse-server
Published: Mar 17, 2026
Source: GitHub
CVE-2026-32294 MEDIUM - 4.7

JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 hash to pass verification.

Vendor: JetKVM
Product: JetKVM
Published: Mar 17, 2026
Source: NVD
CVE-2026-32291 MEDIUM - 6.8

The GL-iNet Comet (GL-RM1) KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins.

Vendor: GL-iNet
Product: Comet KVM
Published: Mar 17, 2026
Source: NVD
CVE-2026-32290 MEDIUM - 4.7

The GL-iNet Comet (GL-RM1) KVM before version 1.8.2 does not sufficiently verify the authenticity of uploaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding MD5 hash to pass verification.

Vendor: GL-iNet
Product: Comet KVM
Published: Mar 17, 2026
Source: NVD
CVE-2026-32941 MEDIUM - 6.5

Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM (Out-of-Memory) vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an attack...

Vendor: go
Product: github.com/bishopfox/sliver
Published: Mar 17, 2026
Source: GitHub

Devise is an authentication solution for Rails based on Warden. Prior to version 5.0.3, a race condition in Devise's Confirmable module allows an attacker to confirm an email address they do not own. This affects any Devise application using the `reconfirmable` option (the default when using Co...

Vendor: rubygems
Product: devise
Published: Mar 17, 2026
Source: GitHub
CVE-2026-32636 MEDIUM - 5.3

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out-of-bounds write of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fix the issue.

Vendor: nuget
Product: Magick.NET-Q16-AnyCPU
Published: Mar 17, 2026
Source: GitHub
CVE-2026-31865 MEDIUM - 6.5

Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation, and client-server communication. Prior to version 1.4.27, an Elysia cookie can be overridden by prototype pollution, e.g. `__proto__`. This issue is patched in 1.4.27. As a workaround, use t.Cookie valida...

Vendor: npm
Product: elysia
Published: Mar 17, 2026
Source: GitHub
CVE-2026-29057 MEDIUM - 6.5

Next.js is a React framework for building full-stack web applications. Starting in version 9.5.0 and prior to versions 15.5.13 and 16.1.7, when Next.js rewrites proxy traffic to an external backend, a crafted `DELETE`/`OPTIONS` request using `Transfer-Encoding: chunked` could trigger request boundar...

Vendor: npm
Product: next
Published: Mar 17, 2026
Source: GitHub
CVE-2026-27980 MEDIUM - 7.5

Next.js is a React framework for building full-stack web applications. Starting in version 10.0.0 and prior to version 16.1.7, the default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many ...

Vendor: npm
Product: next
Published: Mar 17, 2026
Source: GitHub
CVE-2026-27979 MEDIUM - 7.5

Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 16.1.7, a request containing the `next-resume: 1` header (corresponding with a PPR resume request) would buffer request bodies without consistently enforcing `maxPostponedStateSize`...

Vendor: npm
Product: next
Published: Mar 17, 2026
Source: GitHub