Total: 341187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-28526 | | | 2026-03-30 | N/A | 3.5 LOW |
| BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_ATTRIBUTES and LIST_PLAYER_APPLICATION_SETTING_VALUES handlers that allows attackers to read beyond buffer boundaries. A nearby attacker with a paired Bluetooth Classic connection can send a specially crafted VENDOR_DEPENDENT response with an attacker-controlled count value to trigger an out-of-bounds read from the L2CAP receive buffer, potentially causing a crash on resource-constrained devices. | |||||
| CVE-2025-61190 | | | 2026-03-30 | N/A | 6.1 MEDIUM |
| A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in DSpace JSPUI 6.5 within the search/discover filtering functionality. The vulnerability exists due to improper sanitization of user-supplied input via the filter_type_1 parameter. | |||||
| CVE-2025-13611 | 1 Gitlab | 1 Gitlab | 2026-03-30 | N/A | 2.0 LOW |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user with access to certain logs to obtain sensitive tokens under specific conditions. | |||||
| CVE-2022-34134 | 1 Jorani | 1 Jorani | 2026-03-30 | 6.8 MEDIUM | 8.8 HIGH |
| Jorani v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /application/controllers/Users.php. | |||||
| CVE-2022-34133 | 1 Jorani | 1 Jorani | 2026-03-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Comment parameter at application/controllers/Leaves.php. | |||||
| CVE-2022-34132 | 1 Jorani | 1 Jorani | 2026-03-30 | 7.5 HIGH | 9.8 CRITICAL |
| Jorani v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at application/controllers/Leaves.php. | |||||
| CVE-2026-21902 | 1 Juniper | 7 Junos Os Evolved, Ptx10001-36mr, Ptx10002-36qdd and 4 more | 2026-03-30 | N/A | 9.8 CRITICAL |
| An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to execute code as root. The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, but not over an externally exposed port. With the ability to access and manipulate the service to execute code as root a remote attacker can take complete control of the device. Please note that this service is enabled by default as no specific configuration is required. This issue affects Junos OS Evolved on PTX Series: * 25.4 versions before 25.4R1-S1-EVO, 25.4R2-EVO. This issue does not affect Junos OS Evolved versions before 25.4R1-EVO. This issue does not affect Junos OS. | |||||
| CVE-2026-4396 | 1 Devolutions | 1 Hub Reporting Service | 2026-03-30 | N/A | 8.1 HIGH |
| Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to perform a man-in-the-middle attack via disabled TLS certificate verification. | |||||
| CVE-2026-32828 | 1 Akuity | 1 Kargo | 2026-03-30 | N/A | 4.9 MEDIUM |
| Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery (SSRF) against link-local addresses, most critically the cloud instance metadata endpoint (169.254.169.254), enabling exfiltration of sensitive data such as IAM credentials. These steps provide full control over request headers and methods, rendering cloud provider header-based SSRF mitigations ineffective. An authenticated attacker with permissions to create/update Stages or craft Promotion resources can exploit this by submitting a malicious Promotion manifest, with response data retrievable via Promotion status fields, Git repositories, or a second http step. This issue has been fixed in versions 1.6.4, 1.7.9, 1.8.12 and 1.9.5. | |||||
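The advisory points out that header-based IMDS mitigations are useless when the caller controls every request header, so the remaining defence is to refuse the destination itself. The following Go example is added here and is not Kargo's code: a resolve-then-check guard that an http promotion step could run before issuing a request. The resolver is injected so the example runs offline against a constructed `fakeResolver`, and it goes beyond the advisory by also refusing loopback, RFC 1918 and IPv6 unique-local ranges, which is a choice of this example rather than anything Kargo documents.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
)

// Resolver abstracts DNS so the check can be exercised offline; in production
// this would wrap net.DefaultResolver.LookupIPAddr.
type Resolver func(host string) ([]net.IP, error)

// blockedNets lists destinations a promotion step should never reach.
// Link-local covers the 169.254.169.254 metadata endpoint; the loopback,
// RFC 1918, unspecified and unique-local ranges are an assumption of this
// example, not part of the advisory.
var blockedNets = mustParseCIDRs(
	"169.254.0.0/16", "fe80::/10", // link-local (cloud metadata lives here)
	"127.0.0.0/8", "::1/128", // loopback
	"10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", // RFC 1918
	"0.0.0.0/8", "::/128", // unspecified
	"fc00::/7", // IPv6 unique local
)

func mustParseCIDRs(cidrs ...string) []*net.IPNet {
	out := make([]*net.IPNet, 0, len(cidrs))
	for _, c := range cidrs {
		_, n, err := net.ParseCIDR(c)
		if err != nil {
			panic(err)
		}
		out = append(out, n)
	}
	return out
}

// IsBlockedIP reports whether ip falls in a blocked range. IPv4-mapped IPv6
// addresses (::ffff:169.254.169.254) are normalised to IPv4 first so they
// cannot be used to slip past the IPv4 ranges.
func IsBlockedIP(ip net.IP) bool {
	if v4 := ip.To4(); v4 != nil {
		ip = v4
	}
	for _, n := range blockedNets {
		if n.Contains(ip) {
			return true
		}
	}
	return false
}

// CheckDestination parses rawURL, resolves its host and rejects the request
// if any resolved address is blocked. Every address is checked, not just the
// first, because an attacker-controlled name can return a mix of public and
// internal records.
func CheckDestination(rawURL string, resolve Resolver) error {
	u, err := url.Parse(rawURL)
	if err != nil {
		return err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return fmt.Errorf("scheme %q not allowed", u.Scheme)
	}
	host := u.Hostname()
	if host == "" {
		return errors.New("empty host")
	}
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip} // literal address: no DNS involved
	} else if ips, err = resolve(host); err != nil {
		return err
	}
	for _, ip := range ips {
		if IsBlockedIP(ip) {
			return fmt.Errorf("destination %s resolves to blocked address %s", host, ip)
		}
	}
	return nil
}

// fakeResolver is a constructed, offline stand-in for DNS.
func fakeResolver(host string) ([]net.IP, error) {
	switch host {
	case "artifacts.example.com":
		return []net.IP{net.ParseIP("203.0.113.10")}, nil
	case "rebind.attacker.example": // one public record, one link-local
		return []net.IP{net.ParseIP("203.0.113.11"), net.ParseIP("169.254.169.254")}, nil
	}
	return nil, fmt.Errorf("no such host: %s", host)
}

func main() {
	for _, target := range []string{
		"http://169.254.169.254/latest/meta-data/iam/security-credentials/",
		"http://[::ffff:169.254.169.254]/",
		"https://artifacts.example.com/release.tgz",
		"http://rebind.attacker.example/",
	} {
		fmt.Printf("%-66s -> %v\n", target, CheckDestination(target, fakeResolver))
	}
}
```

A guard that resolves, checks, and then lets the HTTP client resolve again on its own is still exposed to DNS rebinding between the two lookups; in production the same `IsBlockedIP` check belongs inside the dialer (for example in a `net.Dialer` `Control` hook) so the address actually connected to is the one that was validated.

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|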
| CVE-2026-32829 | 1 Pseitz | 1 Lz4 Flex | 2026-03-30 | N/A | 7.5 HIGH |
| lz4_flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values during LZ4 "match copy operations," allowing out-of-bounds reads from the output buffer. The block-based API functions (`decompress_into`, `decompress_into_with_dict`, and others when `safe-decode` is disabled) are affected, while all frame APIs are unaffected. The impact is potential exposure of sensitive data and secrets through crafted or malformed LZ4 input. This issue has been fixed in versions 0.11.6 and 0.12.1. | |||||
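The match-copy offset check that the advisory says was missing, shown in an added Go example rather than lz4_flex's Rust code: a minimal raw LZ4 block decoder in which every match offset is validated against the number of bytes already produced. The two sample blocks, `goodBlock` and `badBlock`, are constructed for this example.

```go
package main

import (
	"errors"
	"fmt"
)

var (
	ErrTruncated = errors.New("lz4: input truncated")
	ErrBadOffset = errors.New("lz4: match offset outside produced output")
	ErrTooLarge  = errors.New("lz4: output exceeds declared size")
)

// readLength consumes LZ4's length-extension bytes starting at src[i]: each
// 255 adds 255 and continues, the first byte below 255 ends the run.
func readLength(src []byte, i int, n int) (int, int, error) {
	for {
		if i >= len(src) {
			return 0, i, ErrTruncated
		}
		b := src[i]
		i++
		n += int(b)
		if b != 255 {
			return n, i, nil
		}
	}
}

// DecompressBlock decodes one raw LZ4 block into at most maxOut bytes.
// The offset check before the match copy is the validation the advisory
// describes: offset 0 is never valid, and an offset larger than the number
// of bytes decoded so far would index before the start of the output buffer.
func DecompressBlock(src []byte, maxOut int) ([]byte, error) {
	out := make([]byte, 0, maxOut)
	i := 0
	for i < len(src) {
		token := src[i]
		i++

		// literal run: high nibble, 15 means "more length bytes follow"
		litLen := int(token >> 4)
		if litLen == 15 {
			var err error
			if litLen, i, err = readLength(src, i, litLen); err != nil {
				return nil, err
			}
		}
		if i+litLen > len(src) {
			return nil, ErrTruncated
		}
		if len(out)+litLen > maxOut {
			return nil, ErrTooLarge
		}
		out = append(out, src[i:i+litLen]...)
		i += litLen
		if i == len(src) {
			break // final sequence carries literals only
		}

		// match: 2-byte little-endian offset, then low nibble + 4 as length
		if i+2 > len(src) {
			return nil, ErrTruncated
		}
		offset := int(src[i]) | int(src[i+1])<<8
		i += 2
		matchLen := int(token & 0x0F)
		if matchLen == 15 {
			var err error
			if matchLen, i, err = readLength(src, i, matchLen); err != nil {
				return nil, err
			}
		}
		matchLen += 4

		if offset == 0 || offset > len(out) {
			return nil, fmt.Errorf("%w: offset %d with %d bytes produced", ErrBadOffset, offset, len(out))
		}
		if len(out)+matchLen > maxOut {
			return nil, ErrTooLarge
		}
		start := len(out) - offset
		// byte-wise copy so overlapping matches (offset < matchLen) replicate
		for k := 0; k < matchLen; k++ {
			out = append(out, out[start+k])
		}
	}
	return out, nil
}

// Constructed sample blocks. goodBlock emits "abc" then repeats it with
// offset 3 for 9 bytes; badBlock is identical except its offset (16) exceeds
// the 3 bytes produced so far.
var (
	goodBlock = []byte{0x35, 'a', 'b', 'c', 0x03, 0x00, 0x00}
	badBlock  = []byte{0x35, 'a', 'b', 'c', 0x10, 0x00, 0x00}
)

func main() {
	out, err := DecompressBlock(goodBlock, 64)
	fmt.Printf("good: %q err=%v\n", out, err)
	out, err = DecompressBlock(badBlock, 64)
	fmt.Printf("bad:  %q err=%v\n", out, err)
}
```

With the offset check removed, `start` becomes -13 for `badBlock`. Go would panic on the negative index, but a decoder that skips bounds checks for speed, which is the `safe-decode`-disabled path the advisory refers to, would instead copy 9 bytes from before the output buffer into the result: uninitialised memory or whatever an earlier decompression left there. The `maxOut` bound is the other half of the contract: the caller's declared size caps the output so a crafted block cannot grow past what was allocated.

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|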
| CVE-2020-19513 | 1 Aida64 | 1 Aida64 | 2026-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler. | |||||
| CVE-2026-32811 | 1 Dadrus | 1 Heimdall | 2026-03-30 | N/A | 8.2 HIGH |
| Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. When using Heimdall in envoy gRPC decision API mode with versions 0.7.0-alpha through 0.17.10, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. Envoy splits the requested URL into parts, and sends the parts individually to Heimdall. Although query and path are present in the API, the query field is documented to be always empty and the URL query is included in the path field. The implementation uses Go's net/url library to reconstruct the URL, which automatically encodes special characters in the path. As a consequence, a parameter like /mypath?foo=bar passed as Path is escaped into /mypath%3Ffoo=bar. Subsequently, a rule matching /mypath no longer matches and is bypassed. The issue can only lead to unintended access if Heimdall is configured with an "allow all" default rule. Since v0.16.0, Heimdall enforces secure defaults and refuses to start with such a configuration unless this enforcement is explicitly disabled, e.g. via --insecure-skip-secure-default-rule-enforcement or the broader --insecure flag. This issue has been fixed in version 0.17.11. | |||||
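The encoding step the advisory describes, reproduced with Go's net/url as an added example that is not Heimdall's code: `rebuildNaive` puts the whole Envoy path field, query included, into `url.URL.Path`, while `rebuildSplit` separates the query first. `matchesRule` is a hypothetical prefix matcher standing in for a non-wildcard rule.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// rebuildNaive mirrors the reconstruction the advisory describes: Envoy
// delivers "/mypath?foo=bar" in the path field with the query field empty,
// and the whole value is placed into url.URL.Path. String() percent-encodes
// characters that are not valid inside a path, so '?' becomes %3F.
func rebuildNaive(envoyPath string) string {
	u := url.URL{Path: envoyPath}
	return u.String()
}

// rebuildSplit separates the query before building the URL, so '?' stays the
// path/query delimiter and Path holds only the path.
func rebuildSplit(envoyPath string) string {
	path, query, _ := strings.Cut(envoyPath, "?")
	u := url.URL{Path: path, RawQuery: query}
	return u.String()
}

// matchesRule is a hypothetical non-wildcard rule: the request path must be
// rulePath itself or live underneath it.
func matchesRule(rulePath, reconstructed string) bool {
	u, err := url.Parse(reconstructed)
	if err != nil {
		return false
	}
	return u.Path == rulePath || strings.HasPrefix(u.Path, rulePath+"/")
}

func main() {
	const envoyPath = "/mypath?foo=bar"
	for name, rebuilt := range map[string]string{
		"naive": rebuildNaive(envoyPath),
		"split": rebuildSplit(envoyPath),
	} {
		fmt.Printf("%s: %-20s rule /mypath matches: %v\n", name, rebuilt, matchesRule("/mypath", rebuilt))
	}
}
```

`rebuildNaive` yields `/mypath%3Ffoo=bar`; parsed back, its path is `/mypath?foo=bar`, so a rule on `/mypath` does not match and, with an allow-all default rule, the request goes through. The fix is never to let a `?` reach `Path`. The deny-by-default rule Heimdall enforces since 0.16.0 is what limits the damage whenever matching fails for any reason.

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|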
| CVE-2026-33660 | 1 N8n | 1 N8n | 2026-03-30 | N/A | 8.8 HIGH |
| n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could use the Merge node's "Combine by SQL" mode to read local files on the n8n host and achieve remote code execution. The AlaSQL sandbox did not sufficiently restrict certain SQL statements, allowing an attacker to access sensitive files on the server or even compromise the instance. The issue has been fixed in n8n versions 2.14.1, 2.13.3, and 1.123.26. Users should upgrade to one of these versions or later to remediate the vulnerability. If upgrading is not immediately possible, administrators should consider the following temporary mitigations: Limit workflow creation and editing permissions to fully trusted users only, and/or disable the Merge node by adding `n8n-nodes-base.merge` to the `NODES_EXCLUDE` environment variable. These workarounds do not fully remediate the risk and should only be used as short-term mitigation measures. | |||||
| CVE-2026-32889 | 1 Tinytag Project | 1 Tinytag | 2026-03-30 | N/A | 6.5 MEDIUM |
| tinytag is a Python library for reading audio file metadata. Version 2.2.0 allows an attacker who can supply MP3 files for parsing to trigger a non-terminating loop while the library parses an ID3v2 SYLT (synchronized lyrics) frame. In server-side deployments that automatically parse attacker-supplied files, a single 498-byte MP3 can cause the parsing operation to stop making progress and remain busy until the worker or process is terminated. The root cause is that _parse_synced_lyrics assumes _find_string_end_pos always returns a position greater than the current offset. That assumption is false when no string terminator is present in the remaining frame content. This issue has been fixed in version 2.2.1. | |||||
| CVE-2025-48611 | 1 Google | 1 Android | 2026-03-30 | N/A | 10.0 CRITICAL |
| In DeviceId of DeviceId.java, there is a possible desync in persistence due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2026-31836 | 1 Bluewavelabs | 1 Checkmate | 2026-03-30 | N/A | 8.1 HIGH |
| Checkmate is an open-source, self-hosted tool designed to track and monitor server hardware, uptime, response times, and incidents in real-time with beautiful visualizations. In versions 3.5.1 and prior, a mass assignment vulnerability in Checkmate's user profile update endpoint allows any authenticated user to escalate their privileges to superadmin, bypassing all role-based access controls. An attacker can modify their user role to gain complete administrative access to the application, including the ability to view all users, modify critical configurations, and access sensitive system data. At time of publication, there are no publicly available patches. | |||||
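A mass-assignment bug of the kind described, beside its allowlist fix, as an added Go example. Checkmate is not a Go project and this is not its code; the `User` record, `profileUpdate` type and both handlers are hypothetical and exist only to show the pattern.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
)

// User is a hypothetical persisted account record; Role is the field an
// attacker wants to write.
type User struct {
	ID    int    `json:"id"`
	Email string `json:"email"`
	Name  string `json:"name"`
	Role  string `json:"role"` // "user" or "superadmin"
}

// updateProfileVulnerable decodes the request body straight into the stored
// record. json.Unmarshal overwrites every field the body names and leaves the
// rest untouched, so {"role":"superadmin"} is honoured like any other field.
func updateProfileVulnerable(u *User, body []byte) error {
	return json.Unmarshal(body, u)
}

// profileUpdate is the explicit allowlist of client-editable fields. Pointer
// fields distinguish "absent" from "set to empty".
type profileUpdate struct {
	Email *string `json:"email"`
	Name  *string `json:"name"`
}

// updateProfileSafe decodes into the allowlist type, rejects any field that
// is not on it, and only then copies the permitted values onto the record.
func updateProfileSafe(u *User, body []byte) error {
	dec := json.NewDecoder(bytes.NewReader(body))
	dec.DisallowUnknownFields()
	var upd profileUpdate
	if err := dec.Decode(&upd); err != nil {
		return fmt.Errorf("profile update rejected: %w", err)
	}
	if upd.Email != nil {
		u.Email = *upd.Email
	}
	if upd.Name != nil {
		u.Name = *upd.Name
	}
	return nil
}

// escalationBody is a constructed request an ordinary user might send.
var escalationBody = []byte(`{"name":"Alice","role":"superadmin"}`)

func main() {
	v := User{ID: 7, Email: "alice@example.com", Name: "Alice", Role: "user"}
	s := v
	fmt.Println("vulnerable:", updateProfileVulnerable(&v, escalationBody), "role =", v.Role)
	fmt.Println("safe:      ", updateProfileSafe(&s, escalationBody), "role =", s.Role)
}
```

Decoding into a type that has no `Role` field would already be enough to stop the write; `DisallowUnknownFields` goes one step further and fails the request, so an escalation attempt shows up as an error in logs instead of being silently dropped.

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|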
| CVE-2026-32850 | 1 Mailenable | 1 Mailenable | 2026-03-30 | N/A | 6.1 MEDIUM |
| MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the SelectedIndex parameter in the ManageShares.aspx form, which is not properly sanitized before being embedded into dynamically generated JavaScript. | |||||
| CVE-2026-32851 | 1 Mailenable | 1 Mailenable | 2026-03-30 | N/A | 6.1 MEDIUM |
| MailEnable versions prior to 10.55 contain a reflected cross-site scripting vulnerability in the webmail interface that allows remote attackers to execute arbitrary JavaScript in a victim's browser by crafting a malicious URL. Attackers can inject malicious code through the Attendees parameter in the FreeBusy.aspx form, which is not properly sanitized before being embedded into dynamically generated JavaScript. | |||||
| CVE-2022-26652 | 2 Linuxfoundation, Nats | 2 Nats-server, Nats Streaming Server | 2026-03-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| NATS nats-server before 2.7.4 allows Directory Traversal (with write access) via an element in a ZIP archive for JetStream streams. nats-streaming-server before 0.24.3 is also affected. | |||||
| CVE-2020-28466 | 1 Linuxfoundation | 1 Nats-server | 2026-03-30 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent service export/import cycles. Disclaimer from the maintainers: Running a NATS service which is exposed to untrusted users presents a heightened risk. Any remote execution flaw or equivalent seriousness, or denial-of-service by unauthenticated users, will lead to prompt releases by the NATS maintainers. Fixes for denial of service issues with no threat of remote execution, when limited to account holders, are likely to just be committed to the main development branch with no special attention. Those who are running such services are encouraged to build regularly from git. | |||||
