Common Vulnerabilities and Exposures (CVE)

CVE-2026-7020

Apr 26, 2026 04:45:11 UTC

A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results i...

CVE-2026-7019

Apr 26, 2026 04:30:17 UTC

A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possibl...

CVE-2023-4658

Apr 26, 2026 04:06:59 UTC

An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `A...

CVE-2023-4532

Apr 26, 2026 04:06:54 UTC

An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of privat...

CVE-2026-7018

Apr 26, 2026 03:30:20 UTC

A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the compo...

CVE-2026-7016

Apr 26, 2026 03:15:16 UTC

A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the argument f_ushka_new/f_ushk results in cross site scripting. Remote exploitation of the at...

CVE-2026-42254

Apr 26, 2026 03:10:54 UTC

Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response.

CVE-2026-42255

Apr 26, 2026 03:10:30 UTC

Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation.

CVE-2026-7015

Apr 26, 2026 02:45:13 UTC

A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument f_text/f_slug/f_limit/f_email leads to cross site scripting. The atta...

CVE-2026-7014

Apr 26, 2026 02:30:20 UTC

A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down_count Plugin. This manipulation of the argument f_file/f_prefix causes cross site scripting. The attack may be initiated remotel...

CVE-2026-7013

Apr 26, 2026 02:00:20 UTC

A security vulnerability has been detected in MaxSite CMS up to 109.3. Affected by this issue is some unknown functionality of the component mail_send Plugin. The manipulation of the argument f_subject/f_files/f_from leads to cross site scr...

CVE-2026-7012

Apr 26, 2026 01:15:16 UTC

A vulnerability was detected in MaxSite CMS up to 109.3. This affects an unknown part of the component Redirect Plugin. The manipulation of the argument f_all/f_all404 results in cross site scripting. The attack can be launched remotely. Th...

CVE-2026-7011

Apr 26, 2026 00:30:20 UTC

A weakness has been identified in MaxSite CMS up to 109.3. Affected by this vulnerability is an unknown functionality of the file /admin/plugin_antispam of the component Antispam Plugin. Executing a manipulation of the argument f_logging_fi...

CVE-2024-0456

Apr 25, 2026 23:00:34 UTC

An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project

CVE-2023-6955

Apr 25, 2026 23:00:34 UTC

A missing authorization check vulnerability exists in GitLab Remote Development affecting all versions prior to 16.5.6, 16.6 prior to 16.6.4 and 16.7 prior to 16.7.2. This condition allows an attacker to create a workspace in one group that...