Search

Search Results (362815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-3907 1 Gitlab 1 Gitlab 2026-04-23 4.9 Medium
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner
CVE-2026-21571 1 Atlassian 1 Bamboo 2026-04-23 N/A
This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center.   This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 9.4 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H allows an authenticated attacker to execute commands on the remote system, which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.   Atlassian recommends that Bamboo Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Bamboo Data Center 9.6.0: Upgrade to a release greater than or equal to 9.6.25 Bamboo Data Center 10.2: Upgrade to a release greater than or equal to 10.2.18  Bamboo Data Center 12.1: Upgrade to a release greater than or equal to 12.1.6 See the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).
CVE-2026-6769 1 Mozilla 2 Firefox, Thunderbird 2026-04-23 8.8 High
Privilege escalation in the Debugger component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6761 1 Mozilla 2 Firefox, Thunderbird 2026-04-23 8.8 High
Privilege escalation in the Networking component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-40250 2 Academysoftwarefoundation, Openexr 2 Openexr, Openexr 2026-04-23 7.1 High
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, `internal_dwa_compressor.h:1040` performs `chan->width * chan->bytes_per_element` in `int32` arithmetic without a `(size_t)` cast. This is the same overflow pattern fixed in other decoders by CVE-2026-34589/34588/34544, but this line was missed. Versions 3.4.10, 3.3.10, and 3.2.8 contain a fix that addresses `internal_dwa_compressor.h:1040`.
CVE-2026-40244 2 Academysoftwarefoundation, Openexr 2 Openexr, Openexr 2026-04-23 7.1 High
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, `internal_dwa_compressor.h:1722` performs `curc->width * curc->height` in `int32` arithmetic without a `(size_t)` cast. This is the same overflow pattern fixed in other locations by the recent CVE-2026-34589 batch, but this line was missed. Versions 3.4.10, 3.3.10, and 3.2.8 contain a fix that addresses `internal_dwa_compressor.h:1722`.
CVE-2024-1394 1 Redhat 23 Ansible Automation Platform, Ansible Automation Platform Developer, Ansible Automation Platform Inside and 20 more 2026-04-23 7.5 High
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs​. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey​ and ctx​. That function uses named return parameters to free pkey​ and ctx​ if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey​ and ctx​ will be nil inside the deferred function that should free them.
CVE-2006-5970 1 Verity 1 Ultraseek 2026-04-23 N/A
Verity Ultraseek before 5.7 allows remote attackers to obtain sensitive information via direct requests with (1) a null ("%00") terminated url parameter to help/urlstatusgo.html; or missing parameters to (2) help/header.html, (3) help/footer.html, (4) spell.html, (5) coreforma.html, (6) daterange.html, (7) hits.html, (8) hitsnavbottom.html, (9) indexform.html, (10) indexforma.html, (11) languages.html, (12) nohits.html, (13) onehit1.html, (14) onehit2.html, (15) query.html, (16) queryform0.html, (17) queryform0a.html, (18) queryform1.html, (19) queryform1a.html, (20) queryform2.html, (21) queryform2a.html, (22) quicklinks.html, (23) relatedtopics.html, (24) signin.html, (25) subtopics.html, (26) thesaurus.html, (27) topics.html, (28) hitspagebar.html, (29) highlight/highlight.html, (30) highlight/highlight_one.html, and (31) highlight/topnav.html, which leaks the installation path in the resulting error message.
CVE-2008-6543 1 Comscripts 1 Quick Classifieds 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifieds/index.php3, and (5) classifieds/view.php3; (6) index.php3, (7) manager.php3, (8) pass.php3, (9) remember.php3 (10) sign-up.php3, (11) update.php3, (12) userSet.php3, and (13) verify.php3 in controlcenter/; (14) alterCats.php3, (15) alterFeatured.php3, (16) alterHomepage.php3, (17) alterNews.php3, (18) alterTheme.php3, (19) color_help.php3, (20) createdb.php3, (21) createFeatured.php3, (22) createHomepage.php3, (23) createL.php3, (24) createM.php3, (25) createNews.php3, (26) createP.php3, (27) createS.php3, (28) createT.php3, (29) index.php3, (30) mailadmin.php3, and (31) setUp.php3 in controlpannel/; (32) include/sendit.php3 and (33) include/sendit2.php3; and possibly (34) include/adminHead.inc, (35) include/usersHead.inc, and (36) style/default.scheme.inc.
CVE-2006-5093 1 Paul Schudar 1 Tagmin Control Center 2026-04-23 N/A
PHP remote file inclusion vulnerability in index.php in Tagmin Control Center in TagIt! Tagboard 2.1.B Build 2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.
CVE-2006-5091 1 Hp 1 Hp-ux 2026-04-23 N/A
Unspecified vulnerability in HP-UX B.11.11 and B.11.23 CIFS Server (Samba) allows local users to gain privileges or obtain "unauthorized access" via unspecified vectors.
CVE-2006-5090 1 Phoenix Evolution 1 Phoenix Evolution Cms 2026-04-23 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Phoenix Evolution CMS (PECMS) allow remote attackers to inject arbitrary web script or HTML via the (1) mod or (2) action parameters in index.php, or the (3) pageid parameter in modules/pageedit/index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-5088 1 Phpheaven 1 Phpmychat 2026-04-23 N/A
PHP remote file inclusion vulnerability in connected_users.lib.php3 in phpHeaven phpMyChat 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the ChatPath parameter.
CVE-2006-5080 1 Six Apart 1 Movable Type 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in the search function in Six Apart Movable Type 3.3 to 3.32, and Movable Type Enterprise 1.01 and 1.02, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-5079 1 Php Arena 1 Pabugs 2026-04-23 N/A
PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
CVE-2006-5076 1 Back-end 1 Back-end Cms 2026-04-23 N/A
Multiple PHP remote file inclusion vulnerabilities in OpenConcept Back-End 0.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the includes_path parameter in (1) admin/index.php, (2) Facts.php, or (3) search.php.
CVE-2006-5075 1 Sun 1 Solaris 2026-04-23 N/A
The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client.
CVE-2006-5074 1 Php Invoice 1 Php Invoice 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice 2.2 allows remote attackers to inject arbitrary web script or HTML via the alert parameter.
CVE-2006-5073 1 Sun 2 Solaris, Sunos 2026-04-23 N/A
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013.
CVE-2006-4099 1 Businessobjects 1 Crystal Enterprise 2026-04-23 N/A
Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values.