Search
Search Results (327265 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0719 | 1 Redhat | 1 Enterprise Linux | 2026-01-13 | 8.6 High |
| A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk. | ||||
| CVE-2025-20748 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-01-13 | 6.7 Medium |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432679; Issue ID: MSV-3950. | ||||
| CVE-2025-20711 | 2 Mediatek, Openwrt | 6 Mt6890, Mt7916, Mt7981 and 3 more | 2026-01-13 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422399; Issue ID: MSV-3748. | ||||
| CVE-2025-15070 | 1 Gmission | 1 Web Fax | 2026-01-13 | 5.5 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse.This issue affects Web Fax: from 3.0 before 3.0.1 | ||||
| CVE-2025-15069 | 1 Gmission | 1 Web Fax | 2026-01-13 | 7.1 High |
| Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue affects Web Fax: from 3.0 before 3.0.1 | ||||
| CVE-2025-15068 | 1 Gmission | 1 Web Fax | 2026-01-13 | 7.7 High |
| Missing Authorization vulnerability in Gmission Web Fax allows Authentication Abuse, Session Credential Falsification through Manipulation.This issue affects Web Fax: from 3.0 before 3.0.1 | ||||
| CVE-2006-3730 | 1 Microsoft | 3 Ie, Internet Explorer, Windows Xp | 2026-01-13 | N/A |
| Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. | ||||
| CVE-2025-8110 | 1 Gogs | 1 Gogs | 2026-01-13 | N/A |
| Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code. | ||||
| CVE-2026-22837 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2026-22836 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2026-22835 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2026-22834 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2026-22833 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2026-22832 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2026-22831 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2026-22830 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2026-22829 | 2026-01-13 | N/A | ||
| Not used | ||||
| CVE-2023-33941 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2026-01-13 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in the Plugin for OAuth 2.0 module's OAuth2ProviderApplicationRedirect class in Liferay Portal 7.4.3.41 through 7.4.3.52, and Liferay DXP 7.4 update 41 through 52 allow remote attackers to inject arbitrary web script or HTML via the (1) code, or (2) error parameter. | ||||
| CVE-2023-33942 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2026-01-13 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in the Web Content Display widget's article selector in Liferay Liferay Portal 7.4.3.50, and Liferay DXP 7.4 update 50 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a web content article's `Title` field. | ||||
| CVE-2023-33948 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2026-01-13 | 5.3 Medium |
| The Dynamic Data Mapping module in Liferay Portal 7.4.3.67, and Liferay DXP 7.4 update 67 does not limit Document and Media files which can be downloaded from a Form, which allows remote attackers to download any file from Document and Media via a crafted URL. | ||||