| CVE-2026-35616 |
CRIT
|
9.8 |
An improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 throug… |
1
|
2026-04-04 |
| CVE-2026-33107 |
CRIT
|
10.0 |
Server-side request forgery (SSRF) in Azure Databricks allows an unauthorized a… |
2267
|
2026-04-03 |
| CVE-2026-33105 |
CRIT
|
10.0 |
Improper authorization in Microsoft Azure Kubernetes Service allows an unauthor… |
2267
|
2026-04-03 |
| CVE-2026-32213 |
CRIT
|
10.0 |
Improper authorization in Azure AI Foundry allows an unauthorized attacker to e… |
2267
|
2026-04-03 |
| CVE-2026-32211 |
CRIT
|
9.1 |
Missing authentication for critical function in Azure MCP Server allows an unau… |
2267
|
2026-04-03 |
| CVE-2026-32173 |
HIGH
|
8.6 |
Improper authentication in Azure SRE Agent allows an unauthorized attacker to d… |
2267
|
2026-04-03 |
| CVE-2026-26135 |
CRIT
|
9.6 |
Server-side request forgery (SSRF) in Azure Custom Locations Resource Provider … |
2267
|
2026-04-03 |
| CVE-2026-34758 |
CRIT
|
9.1 |
OneUptime is an open-source monitoring and observability platform. Prior to ver… |
15
|
2026-04-02 |
| CVE-2026-34752 |
HIGH
|
7.5 |
Haraka is a Node.js mail server. Prior to version 3.1.4, sending an email with … |
84
|
2026-04-02 |
| CVE-2026-34730 |
MED
|
5.5 |
Copier is a library and CLI app for rendering project templates. Prior to versi… |
79
|
2026-04-02 |
| CVE-2026-34726 |
MED
|
4.4 |
Copier is a library and CLI app for rendering project templates. Prior to versi… |
79
|
2026-04-02 |
| CVE-2026-34426 |
HIGH
|
7.6 |
OpenClaw versions prior to commit b57b680 contain an approval bypass vulnerabil… |
84
|
2026-04-02 |
| CVE-2026-35414 |
MED
|
4.2 |
OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommo… |
18
|
2026-04-02 |
| CVE-2026-34835 |
MED
|
4.8 |
Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to befor… |
11
|
2026-04-02 |
| CVE-2026-35038 |
MED
|
6.5 |
Signal K Server is a server application that runs on a central hub in a boat. P… |
25
|
2026-04-02 |
| CVE-2026-34083 |
MED
|
6.1 |
Signal K Server is a server application that runs on a central hub in a boat. P… |
25
|
2026-04-02 |
| CVE-2026-33951 |
HIGH
|
7.5 |
Signal K Server is a server application that runs on a central hub in a boat. P… |
25
|
2026-04-02 |
| CVE-2026-33950 |
CRIT
|
9.4 |
Signal K Server is a server application that runs on a central hub in a boat. P… |
25
|
2026-04-02 |
| CVE-2025-65114 |
HIGH
|
7.5 |
Apache Traffic Server allows request smuggling if chunked messages are malforme… |
1
|
2026-04-02 |
| CVE-2025-58136 |
HIGH
|
7.5 |
A bug in POST request handling causes a crash under a certain condition. This … |
1
|
2026-04-02 |
| CVE-2026-34974 |
MED
|
5.4 |
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the reg… |
16
|
2026-04-02 |
| CVE-2026-34973 |
MED
|
5.3 |
phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, the sea… |
16
|
2026-04-02 |
| CVE-2026-5334 |
HIGH
|
7.3 |
A weakness has been identified in itsourcecode Online Enrollment System 1.0. Im… |
1
|
2026-04-02 |
| CVE-2026-34530 |
MED
|
6.9 |
File Browser is a file managing interface for uploading, deleting, previewing, … |
2
|
2026-04-01 |
| CVE-2026-34529 |
HIGH
|
7.6 |
File Browser is a file managing interface for uploading, deleting, previewing, … |
2
|
2026-04-01 |
| CVE-2026-34528 |
HIGH
|
8.1 |
File Browser is a file managing interface for uploading, deleting, previewing, … |
2
|
2026-04-01 |
| CVE-2026-34872 |
CRIT
|
9.1 |
An issue was discovered in Mbed TLS 3.5.x and 3.6.x through 3.6.5 and TF-PSA-Cr… |
20
|
2026-04-01 |
| CVE-2025-66442 |
MED
|
5.1 |
In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in … |
20
|
2026-04-01 |
| CVE-2026-34874 |
HIGH
|
7.5 |
An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There … |
19
|
2026-04-01 |
| CVE-2026-34871 |
MED
|
6.7 |
An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PS… |
20
|
2026-04-01 |
| CVE-2026-25835 |
HIGH
|
7.7 |
Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-R… |
19
|
2026-04-01 |
| CVE-2026-25833 |
HIGH
|
7.5 |
Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x… |
19
|
2026-04-01 |
| CVE-2026-34875 |
CRIT
|
9.8 |
An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A bu… |
19
|
2026-04-01 |
| CVE-2026-25834 |
MED
|
6.5 |
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade. |
19
|
2026-04-01 |
| CVE-2026-30273 |
HIGH
|
7.3 |
pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via th… |
79
|
2026-04-01 |
| CVE-2026-5175 |
MED
|
5.0 |
Improper access control in the multi-factor authentication (MFA) management API… |
1
|
2026-04-01 |
| CVE-2026-4989 |
MED
|
4.3 |
Improper input validation in the gateway health check feature in Devolutions Se… |
2
|
2026-04-01 |
| CVE-2026-4927 |
MED
|
6.5 |
Exposure of sensitive information in the users MFA feature in Devolutions Serve… |
1
|
2026-04-01 |
| CVE-2026-4925 |
MED
|
5.0 |
Improper access control in the users MFA feature in Devolutions Server allows a… |
1
|
2026-04-01 |
| CVE-2026-4924 |
HIGH
|
8.2 |
Improper authentication in the two-factor authentication (2FA) feature in Dev… |
2
|
2026-04-01 |
| CVE-2026-4829 |
MED
|
5.4 |
Improper authentication in the external OAuth authentication flow in Devolution… |
3
|
2026-04-01 |
| CVE-2026-4828 |
HIGH
|
8.2 |
Improper authentication in the OAuth login functionality in Devolutions Server … |
2
|
2026-04-01 |
| CVE-2026-3877 |
MED
|
6.1 |
A reflected cross-site scripting (XSS) vulnerability in the dashboard search fu… |
3
|
2026-04-01 |
| CVE-2026-34430 |
HIGH
|
8.8 |
ByteDance Deer-Flow versions prior to commit 92c7a20 contain a sandbox escape v… |
8
|
2026-04-01 |
| CVE-2026-22768 |
HIGH
|
7.3 |
Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment f… |
3
|
2026-04-01 |
| CVE-2026-22767 |
HIGH
|
7.3 |
Dell AppSync, version(s) 4.6.0, contain(s) a UNIX Symbolic Link (Symlink) Foll… |
3
|
2026-04-01 |
| CVE-2026-0932 |
HIGH
|
7.3 |
Blind server-side request forgery (SSRF) vulnerability in legacy connection met… |
16
|
2026-04-01 |
| CVE-2026-27101 |
MED
|
4.7 |
Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application version(s) 5.28… |
3
|
2026-04-01 |
| CVE-2026-5292 |
HIGH
|
8.8 |
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowe… |
240
|
2026-04-01 |
| CVE-2026-5291 |
MED
|
6.5 |
Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 … |
240
|
2026-04-01 |
| CVE-2026-5290 |
CRIT
|
9.6 |
Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed … |
240
|
2026-04-01 |
| CVE-2026-5289 |
CRIT
|
9.6 |
Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a… |
240
|
2026-04-01 |
| CVE-2026-5288 |
CRIT
|
9.6 |
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 a… |
240
|
2026-04-01 |
| CVE-2026-5287 |
HIGH
|
8.8 |
Use after free in PDF in Google Chrome prior to 146.0.7680.178 allowed a remote… |
240
|
2026-04-01 |
| CVE-2026-5286 |
HIGH
|
8.8 |
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remot… |
240
|
2026-04-01 |
| CVE-2026-5285 |
HIGH
|
8.8 |
Use after free in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remo… |
240
|
2026-04-01 |
| CVE-2026-5284 |
HIGH
|
7.5 |
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remot… |
240
|
2026-04-01 |
| CVE-2026-5283 |
MED
|
6.5 |
Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 … |
240
|
2026-04-01 |
| CVE-2026-5282 |
HIGH
|
8.1 |
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowe… |
240
|
2026-04-01 |
| CVE-2026-5281 |
HIGH
|
8.8 |
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remot… |
240
|
2026-04-01 |
| CVE-2026-5280 |
HIGH
|
8.8 |
Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a … |
240
|
2026-04-01 |
| CVE-2026-5279 |
HIGH
|
8.8 |
Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remo… |
240
|
2026-04-01 |
| CVE-2026-5278 |
HIGH
|
8.8 |
Use after free in Web MIDI in Google Chrome on Android prior to 146.0.7680.178 … |
240
|
2026-04-01 |
| CVE-2026-5277 |
HIGH
|
7.5 |
Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 a… |
240
|
2026-04-01 |
| CVE-2026-5276 |
MED
|
6.5 |
Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.… |
240
|
2026-04-01 |
| CVE-2026-5275 |
HIGH
|
8.8 |
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 146.0.7680.178 a… |
240
|
2026-04-01 |
| CVE-2026-5274 |
HIGH
|
8.8 |
Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a r… |
240
|
2026-04-01 |
| CVE-2026-5273 |
MED
|
6.3 |
Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote… |
240
|
2026-04-01 |
| CVE-2026-5272 |
HIGH
|
8.8 |
Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a … |
240
|
2026-04-01 |
| CVE-2025-13855 |
HIGH
|
7.6 |
IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable … |
1
|
2026-04-01 |
| CVE-2026-34784 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2026-34215 |
MED
|
6.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2025-62184 |
LOW
|
3.4 |
Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site… |
7
|
2026-03-31 |
| CVE-2026-24165 |
HIGH
|
7.8 |
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserializat… |
1
|
2026-03-31 |
| CVE-2026-24164 |
HIGH
|
8.8 |
NVIDIA BioNeMo contains a vulnerability where a user could cause a deserializat… |
1
|
2026-03-31 |
| CVE-2026-5087 |
HIGH
|
7.5 |
PAGI::Middleware::Session::Store::Cookie versions through 0.001003 for Perl gen… |
14
|
2026-03-31 |
| CVE-2026-34595 |
MED
|
4.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2026-34574 |
MED
|
5.4 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2026-34573 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2026-34243 |
CRIT
|
9.8 |
wenxian is a tool to generate BIBTEX files from given identifiers (DOI, PMID, a… |
79
|
2026-03-31 |
| CVE-2026-34240 |
HIGH
|
7.5 |
JOSE is a Javascript Object Signing and Encryption (JOSE) library. Prior to ver… |
9
|
2026-03-31 |
| CVE-2026-34221 |
CRIT
|
9.1 |
MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and… |
84
|
2026-03-31 |
| CVE-2026-34220 |
CRIT
|
9.8 |
MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and… |
84
|
2026-03-31 |
| CVE-2026-22561 |
HIGH
|
7.8 |
Uncontrolled search path elements in Anthropic Claude for Windows installer (Cl… |
44
|
2026-03-31 |
| CVE-2026-34532 |
CRIT
|
9.1 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2026-34504 |
HIGH
|
8.3 |
OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability … |
84
|
2026-03-31 |
| CVE-2026-34503 |
HIGH
|
8.1 |
OpenClaw before 2026.3.28 fails to disconnect active WebSocket sessions when de… |
84
|
2026-03-31 |
| CVE-2026-34373 |
HIGH
|
8.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2026-34363 |
MED
|
5.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2026-34224 |
MED
|
4.4 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
92
|
2026-03-31 |
| CVE-2026-34210 |
HIGH
|
8.1 |
mppx is a TypeScript interface for machine payments protocol. Prior to version … |
84
|
2026-03-31 |
| CVE-2026-34209 |
HIGH
|
7.5 |
mppx is a TypeScript interface for machine payments protocol. Prior to version … |
84
|
2026-03-31 |
| CVE-2026-34165 |
MED
|
5.0 |
go-git is an extensible git implementation library written in pure Go. From ver… |
96
|
2026-03-31 |
| CVE-2026-33762 |
LOW
|
2.8 |
go-git is an extensible git implementation library written in pure Go. Prior to… |
96
|
2026-03-31 |
| CVE-2026-33581 |
MED
|
6.5 |
OpenClaw before 2026.3.24 contains a sandbox bypass vulnerability in the messag… |
84
|
2026-03-31 |
| CVE-2026-33580 |
MED
|
6.5 |
OpenClaw before 2026.3.28 contains a missing rate limiting vulnerability in the… |
84
|
2026-03-31 |
| CVE-2026-33579 |
CRIT
|
9.9 |
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the … |
84
|
2026-03-31 |
| CVE-2026-33578 |
MED
|
4.3 |
OpenClaw before 2026.3.28 contains a sender policy bypass vulnerability in the … |
84
|
2026-03-31 |
| CVE-2026-33577 |
HIGH
|
8.1 |
OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerabili… |
84
|
2026-03-31 |
| CVE-2026-33576 |
MED
|
6.5 |
OpenClaw before 2026.3.28 downloads and stores inbound media from Zalo channels… |
84
|
2026-03-31 |
| CVE-2026-34506 |
MED
|
4.3 |
OpenClaw before 2026.3.8 contains a sender allowlist bypass vulnerability in it… |
84
|
2026-03-31 |
| CVE-2026-34505 |
MED
|
6.5 |
OpenClaw before 2026.3.12 applies rate limiting only after successful webhook a… |
84
|
2026-03-31 |
| CVE-2026-32988 |
HIGH
|
7.5 |
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in f… |
84
|
2026-03-31 |
| CVE-2026-32982 |
HIGH
|
7.5 |
OpenClaw before 2026.3.13 contains an information disclosure vulnerability in t… |
84
|
2026-03-31 |
| CVE-2026-32977 |
MED
|
6.3 |
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in t… |
84
|
2026-03-31 |
| CVE-2026-32976 |
MED
|
6.5 |
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowi… |
84
|
2026-03-31 |
| CVE-2026-32971 |
HIGH
|
7.1 |
OpenClaw before 2026.3.11 contains an approval-integrity vulnerability in node-… |
84
|
2026-03-31 |
| CVE-2026-32970 |
LOW
|
2.5 |
OpenClaw before 2026.3.11 contains a credential fallback vulnerability where un… |
84
|
2026-03-31 |
| CVE-2026-32921 |
MED
|
6.3 |
OpenClaw before 2026.3.8 contains an approval bypass vulnerability in system.ru… |
84
|
2026-03-31 |
| CVE-2026-32920 |
HIGH
|
8.4 |
OpenClaw before 2026.3.12 automatically discovers and loads plugins from .OpenC… |
84
|
2026-03-31 |
| CVE-2026-32917 |
CRIT
|
9.8 |
OpenClaw before 2026.3.13 contains a remote command injection vulnerability in … |
84
|
2026-03-31 |
| CVE-2026-32916 |
CRIT
|
9.4 |
OpenClaw versions 2026.3.7 before 2026.3.11 contain an authorization bypass vul… |
84
|
2026-03-31 |
| CVE-2026-34073 |
MED
|
5.3 |
cryptography is a package designed to expose cryptographic primitives and recip… |
79
|
2026-03-31 |
| CVE-2026-5115 |
HIGH
|
7.5 |
The PaperCut NG/MF (specifically, the embedded application for Konica Minolta d… |
1
|
2026-03-31 |
| CVE-2026-4794 |
MED
|
4.8 |
Multiple cross-site scripting (XSS) vulnerabilities in PaperCut NG/MF before 25… |
1
|
2026-03-31 |
| CVE-2026-33995 |
MED
|
5.3 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-33987 |
HIGH
|
7.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-33986 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-33985 |
MED
|
5.9 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-33984 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-33983 |
MED
|
6.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-33982 |
HIGH
|
7.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-33977 |
MED
|
6.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-33952 |
MED
|
6.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-03-30 |
| CVE-2026-34714 |
CRIT
|
9.2 |
Vim before 9.2.0272 allows code execution that happens immediately upon opening… |
14
|
2026-03-30 |
| CVE-2026-28528 |
MED
|
4.6 |
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulne… |
1
|
2026-03-30 |
| CVE-2026-28527 |
LOW
|
3.5 |
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulne… |
1
|
2026-03-30 |
| CVE-2026-28526 |
LOW
|
3.5 |
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulne… |
1
|
2026-03-30 |
| CVE-2026-5119 |
MED
|
5.9 |
A flaw was found in libsoup. When establishing HTTPS tunnels through a configur… |
15
|
2026-03-30 |
| CVE-2026-2370 |
HIGH
|
8.1 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3… |
54
|
2026-03-30 |
| CVE-2018-25221 |
CRIT
|
9.8 |
EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpo… |
1
|
2026-03-28 |
| CVE-2017-20229 |
CRIT
|
9.8 |
MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability th… |
5
|
2026-03-28 |
| CVE-2026-33996 |
MED
|
5.5 |
LibJWT is a C JSON Web Token Library. Starting in version 3.0.0 and prior to ve… |
2
|
2026-03-27 |
| CVE-2026-33976 |
CRIT
|
9.6 |
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.… |
14
|
2026-03-27 |
| CVE-2026-33955 |
HIGH
|
8.6 |
Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross… |
14
|
2026-03-27 |
| CVE-2026-33941 |
HIGH
|
8.2 |
Handlebars provides the power necessary to let users build semantic templates. … |
2
|
2026-03-27 |
| CVE-2026-33940 |
HIGH
|
8.1 |
Handlebars provides the power necessary to let users build semantic templates. … |
2
|
2026-03-27 |
| CVE-2026-33939 |
HIGH
|
7.5 |
Handlebars provides the power necessary to let users build semantic templates. … |
2
|
2026-03-27 |
| CVE-2026-27309 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Fre… |
80
|
2026-03-27 |
| CVE-2026-33938 |
HIGH
|
8.1 |
Handlebars provides the power necessary to let users build semantic templates. … |
2
|
2026-03-27 |
| CVE-2026-33937 |
CRIT
|
9.8 |
Handlebars provides the power necessary to let users build semantic templates. … |
2
|
2026-03-27 |
| CVE-2026-33916 |
MED
|
4.7 |
Handlebars provides the power necessary to let users build semantic templates. … |
2
|
2026-03-27 |
| CVE-2026-33875 |
CRIT
|
9.3 |
Gematik Authenticator securely authenticates users for login to digital health … |
1
|
2026-03-27 |
| CVE-2026-33873 |
CRIT
|
9.9 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-03-27 |
| CVE-2026-32187 |
MED
|
4.2 |
Microsoft Edge (Chromium-based) Defense in Depth Vulnerability |
2155
|
2026-03-27 |
| CVE-2026-28369 |
HIGH
|
8.7 |
A flaw was found in Undertow. When Undertow receives an HTTP request where the … |
19
|
2026-03-27 |
| CVE-2026-28368 |
HIGH
|
8.7 |
A flaw was found in Undertow. This vulnerability allows a remote attacker to co… |
19
|
2026-03-27 |
| CVE-2026-33206 |
MED
|
6.3 |
calibre is a cross-platform e-book manager for viewing, converting, editing, an… |
3
|
2026-03-27 |
| CVE-2026-33205 |
MED
|
5.5 |
calibre is a cross-platform e-book manager for viewing, converting, editing, an… |
3
|
2026-03-27 |
| CVE-2026-27880 |
HIGH
|
7.5 |
The OpenFeature feature toggle evaluation endpoint reads unbounded values into … |
2
|
2026-03-27 |
| CVE-2026-27876 |
CRIT
|
9.1 |
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead t… |
2
|
2026-03-27 |
| CVE-2026-34352 |
HIGH
|
8.5 |
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to obser… |
2
|
2026-03-26 |
| CVE-2026-33687 |
HIGH
|
8.8 |
Sharp is a content management framework built for Laravel as a package. Version… |
2
|
2026-03-26 |
| CVE-2026-33686 |
HIGH
|
8.8 |
Sharp is a content management framework built for Laravel as a package. Version… |
2
|
2026-03-26 |
| CVE-2026-3573 |
HIGH
|
7.5 |
Incorrect Authorization vulnerability in Drupal AI (Artificial Intelligence) al… |
8
|
2026-03-26 |
| CVE-2026-3526 |
MED
|
5.3 |
Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) al… |
120
|
2026-03-26 |
| CVE-2026-3525 |
MED
|
5.3 |
Incorrect Authorization vulnerability in Drupal File Access Fix (deprecated) al… |
120
|
2026-03-26 |
| CVE-2026-33541 |
MED
|
6.5 |
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and S… |
1
|
2026-03-26 |
| CVE-2026-33375 |
MED
|
6.5 |
The Grafana MSSQL data source plugin contains a logic flaw that allows a low-pr… |
1
|
2026-03-26 |
| CVE-2026-2272 |
MED
|
4.3 |
A flaw was found in GIMP. An integer overflow vulnerability exists when process… |
2
|
2026-03-26 |
| CVE-2026-2239 |
LOW
|
2.8 |
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the frea… |
3
|
2026-03-26 |
| CVE-2026-0968 |
CRIT
|
9.8 |
A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protoco… |
18
|
2026-03-26 |
| CVE-2026-0967 |
MED
|
5.5 |
A flaw was found in libssh. A remote attacker, by controlling client configurat… |
18
|
2026-03-26 |
| CVE-2026-0965 |
LOW
|
3.3 |
A flaw was found in libssh where it can attempt to open arbitrary files during … |
18
|
2026-03-26 |
| CVE-2026-33536 |
MED
|
5.1 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-26 |
| CVE-2026-33535 |
MED
|
4.0 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-26 |
| CVE-2026-3121 |
MED
|
6.5 |
A flaw was found in Keycloak. An administrator with `manage-clients` permission… |
7
|
2026-03-26 |
| CVE-2026-33495 |
MED
|
6.5 |
ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision … |
7
|
2026-03-26 |
| CVE-2026-33636 |
HIGH
|
7.6 |
LIBPNG is a reference library for use in applications that read, create, and ma… |
11
|
2026-03-26 |
| CVE-2026-33416 |
HIGH
|
7.5 |
LIBPNG is a reference library for use in applications that read, create, and ma… |
11
|
2026-03-26 |
| CVE-2026-33413 |
HIGH
|
8.8 |
etcd is a distributed key-value store for the data of a distributed system. Pri… |
1
|
2026-03-26 |
| CVE-2026-33396 |
CRIT
|
9.9 |
OneUptime is an open-source monitoring and observability platform. Prior to ver… |
15
|
2026-03-26 |
| CVE-2026-33343 |
N/A
|
— |
etcd is a distributed key-value store for the data of a distributed system. Pri… |
1
|
2026-03-26 |
| CVE-2018-25219 |
HIGH
|
8.4 |
PassFab Excel Password Recovery 8.3.1 contains a structured exception handling … |
164
|
2026-03-26 |
| CVE-2018-25218 |
HIGH
|
8.4 |
PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SE… |
86
|
2026-03-26 |
| CVE-2018-25216 |
MED
|
6.2 |
AnyBurn 4.3 contains a local buffer overflow vulnerability that allows local at… |
1
|
2026-03-26 |
| CVE-2018-25215 |
MED
|
5.5 |
Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow v… |
164
|
2026-03-26 |
| CVE-2026-4874 |
LOW
|
3.1 |
A flaw was found in Keycloak. An authenticated attacker can perform Server-Side… |
7
|
2026-03-26 |
| CVE-2026-30892 |
N/A
|
— |
crun is an open source OCI Container Runtime fully written in C. In versions 1.… |
8
|
2026-03-26 |
| CVE-2025-36187 |
MED
|
4.4 |
IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1… |
8
|
2026-03-25 |
| CVE-2026-33248 |
MED
|
4.2 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-33223 |
MED
|
6.4 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-33222 |
MED
|
4.9 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-33247 |
HIGH
|
7.4 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-33246 |
MED
|
6.4 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-33219 |
MED
|
5.3 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-33218 |
HIGH
|
7.5 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-33217 |
HIGH
|
7.1 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-33216 |
HIGH
|
8.6 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-29785 |
HIGH
|
7.5 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-03-25 |
| CVE-2026-30587 |
HIGH
|
8.7 |
Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15, 13.… |
1
|
2026-03-25 |
| CVE-2026-3988 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5… |
54
|
2026-03-25 |
| CVE-2026-3857 |
HIGH
|
8.1 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1… |
54
|
2026-03-25 |
| CVE-2026-34085 |
MED
|
5.9 |
fontconfig before 2.17.1 has an off-by-one error in allocation during sfnt capa… |
17
|
2026-03-25 |
| CVE-2026-2995 |
HIGH
|
7.7 |
GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 be… |
54
|
2026-03-25 |
| CVE-2026-2973 |
MED
|
5.4 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7… |
54
|
2026-03-25 |
| CVE-2026-2745 |
MED
|
6.8 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11… |
54
|
2026-03-25 |
| CVE-2026-2726 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.1… |
54
|
2026-03-25 |
| CVE-2026-25645 |
MED
|
4.4 |
Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extrac… |
15
|
2026-03-25 |
| CVE-2026-1724 |
MED
|
6.8 |
GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 be… |
54
|
2026-03-25 |
| CVE-2025-14595 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 be… |
54
|
2026-03-25 |
| CVE-2025-13436 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7… |
54
|
2026-03-25 |
| CVE-2025-13078 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1… |
54
|
2026-03-25 |
| CVE-2026-4363 |
LOW
|
3.7 |
GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 be… |
54
|
2026-03-25 |
| CVE-2026-28890 |
MED
|
5.5 |
An out-of-bounds read was addressed with improved bounds checking. This issue i… |
92
|
2026-03-25 |
| CVE-2026-28889 |
MED
|
6.2 |
A permissions issue was addressed with additional restrictions. This issue is f… |
92
|
2026-03-25 |
| CVE-2026-28871 |
MED
|
4.3 |
A logic issue was addressed with improved checks. This issue is fixed in Safari… |
93
|
2026-03-25 |
| CVE-2026-28861 |
MED
|
4.3 |
A logic issue was addressed with improved state management. This issue is fixed… |
93
|
2026-03-25 |
| CVE-2026-28859 |
MED
|
4.3 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2026-03-25 |
| CVE-2026-28857 |
MED
|
6.5 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2026-03-25 |
| CVE-2026-20691 |
MED
|
4.3 |
An authorization issue was addressed with improved state management. This issue… |
93
|
2026-03-25 |
| CVE-2026-20665 |
MED
|
6.5 |
This issue was addressed through improved state management. This issue is fixed… |
93
|
2026-03-25 |
| CVE-2026-20664 |
MED
|
4.3 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2026-03-25 |
| CVE-2026-4371 |
HIGH
|
7.4 |
A malicious mail server could send malformed strings with negative lengths, cau… |
288
|
2026-03-24 |
| CVE-2026-3889 |
MED
|
6.5 |
Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and… |
288
|
2026-03-24 |
| CVE-2026-24159 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remo… |
1
|
2026-03-24 |
| CVE-2026-24158 |
HIGH
|
7.5 |
NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint wh… |
1
|
2026-03-24 |
| CVE-2026-24157 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an a… |
1
|
2026-03-24 |
| CVE-2025-33254 |
HIGH
|
7.5 |
NVIDIA Triton Inference Server contains a vulnerability where an attacker may c… |
1
|
2026-03-24 |
| CVE-2025-33238 |
HIGH
|
7.5 |
NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability w… |
1
|
2026-03-24 |
| CVE-2026-33412 |
MED
|
5.6 |
Vim is an open source, command line text editor. Prior to version 9.2.0202, a c… |
14
|
2026-03-24 |
| CVE-2026-33353 |
MED
|
6.5 |
Soft Serve is a self-hostable Git server for the command line. From version 0.6… |
19
|
2026-03-24 |
| CVE-2026-33345 |
MED
|
6.5 |
solidtime is an open-source time-tracking app. Prior to version 0.11.6, the pro… |
14
|
2026-03-24 |
| CVE-2026-33627 |
MED
|
6.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33624 |
LOW
|
2.7 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33539 |
HIGH
|
7.2 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33538 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33527 |
MED
|
4.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33508 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33498 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33429 |
MED
|
5.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33421 |
MED
|
6.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33409 |
CRIT
|
9.1 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-33323 |
MED
|
5.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-24 |
| CVE-2026-32854 |
HIGH
|
7.5 |
LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null p… |
3
|
2026-03-24 |
| CVE-2026-32853 |
HIGH
|
8.1 |
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap… |
3
|
2026-03-24 |
| CVE-2026-32647 |
HIGH
|
7.8 |
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_modul… |
3
|
2026-03-24 |
| CVE-2026-28755 |
MED
|
5.4 |
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_stream_ssl_mod… |
3
|
2026-03-24 |
| CVE-2026-28753 |
LOW
|
3.7 |
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_mail_smtp_modu… |
3
|
2026-03-24 |
| CVE-2026-27784 |
HIGH
|
7.8 |
The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_h… |
2
|
2026-03-24 |
| CVE-2026-27654 |
HIGH
|
8.2 |
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_modul… |
3
|
2026-03-24 |
| CVE-2026-27651 |
HIGH
|
7.5 |
When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Ope… |
3
|
2026-03-24 |
| CVE-2026-33497 |
HIGH
|
7.5 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-03-24 |
| CVE-2026-33484 |
HIGH
|
7.5 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-03-24 |
| CVE-2026-4729 |
CRIT
|
9.8 |
Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bu… |
302
|
2026-03-24 |
| CVE-2026-4728 |
MED
|
6.5 |
Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability affe… |
302
|
2026-03-24 |
| CVE-2026-4727 |
HIGH
|
7.5 |
Denial-of-service in the Libraries component in NSS. This vulnerability affects… |
302
|
2026-03-24 |
| CVE-2026-4726 |
HIGH
|
7.5 |
Denial-of-service in the XML component. This vulnerability affects Firefox < 14… |
302
|
2026-03-24 |
| CVE-2026-4725 |
CRIT
|
10.0 |
Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This … |
302
|
2026-03-24 |
| CVE-2026-4724 |
CRIT
|
9.1 |
Undefined behavior in the Audio/Video component. This vulnerability affects Fir… |
302
|
2026-03-24 |
| CVE-2026-4723 |
CRIT
|
9.8 |
Use-after-free in the JavaScript Engine component. This vulnerability affects F… |
302
|
2026-03-24 |
| CVE-2026-4722 |
HIGH
|
8.8 |
Privilege escalation in the IPC component. This vulnerability affects Firefox <… |
302
|
2026-03-24 |
| CVE-2026-4721 |
CRIT
|
9.8 |
Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbir… |
302
|
2026-03-24 |
| CVE-2026-4720 |
CRIT
|
9.8 |
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox… |
302
|
2026-03-24 |
| CVE-2026-4719 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Graphics: Text component. This vulnerabili… |
302
|
2026-03-24 |
| CVE-2026-4718 |
HIGH
|
8.1 |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affec… |
302
|
2026-03-24 |
| CVE-2026-4717 |
CRIT
|
9.8 |
Privilege escalation in the Netmonitor component. This vulnerability affects Fi… |
302
|
2026-03-24 |
| CVE-2026-4716 |
CRIT
|
9.1 |
Incorrect boundary conditions, uninitialized memory in the JavaScript Engine co… |
302
|
2026-03-24 |
| CVE-2026-4715 |
CRIT
|
9.1 |
Uninitialized memory in the Graphics: Canvas2D component. This vulnerability af… |
302
|
2026-03-24 |
| CVE-2026-4714 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Audio/Video component. This vulnerability … |
302
|
2026-03-24 |
| CVE-2026-4713 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Graphics component. This vulnerability aff… |
302
|
2026-03-24 |
| CVE-2026-4712 |
HIGH
|
7.5 |
Information disclosure in the Widget: Cocoa component. This vulnerability affec… |
302
|
2026-03-24 |
| CVE-2026-4711 |
CRIT
|
9.8 |
Use-after-free in the Widget: Cocoa component. This vulnerability affects Firef… |
302
|
2026-03-24 |
| CVE-2026-4710 |
CRIT
|
9.8 |
Incorrect boundary conditions in the Audio/Video component. This vulnerability … |
302
|
2026-03-24 |
| CVE-2026-4709 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerabi… |
302
|
2026-03-24 |
| CVE-2026-4708 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Graphics component. This vulnerability aff… |
302
|
2026-03-24 |
| CVE-2026-4707 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnera… |
302
|
2026-03-24 |
| CVE-2026-4706 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnera… |
302
|
2026-03-24 |
| CVE-2026-4705 |
CRIT
|
9.8 |
Undefined behavior in the WebRTC: Signaling component. This vulnerability affec… |
302
|
2026-03-24 |
| CVE-2026-4704 |
HIGH
|
7.5 |
Denial-of-service in the WebRTC: Signaling component. This vulnerability affect… |
302
|
2026-03-24 |
| CVE-2026-4702 |
CRIT
|
9.8 |
JIT miscompilation in the JavaScript Engine component. This vulnerability affec… |
302
|
2026-03-24 |
| CVE-2026-4701 |
CRIT
|
9.8 |
Use-after-free in the JavaScript Engine component. This vulnerability affects F… |
302
|
2026-03-24 |
| CVE-2026-4700 |
CRIT
|
9.8 |
Mitigation bypass in the Networking: HTTP component. This vulnerability affects… |
302
|
2026-03-24 |
| CVE-2026-4699 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Layout: Text and Fonts component. This vul… |
302
|
2026-03-24 |
| CVE-2026-4698 |
CRIT
|
9.8 |
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability … |
302
|
2026-03-24 |
| CVE-2026-4697 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vu… |
302
|
2026-03-24 |
| CVE-2026-4696 |
CRIT
|
9.8 |
Use-after-free in the Layout: Text and Fonts component. This vulnerability affe… |
302
|
2026-03-24 |
| CVE-2026-4695 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vu… |
302
|
2026-03-24 |
| CVE-2026-4694 |
HIGH
|
7.5 |
Incorrect boundary conditions, integer overflow in the Graphics component. This… |
302
|
2026-03-24 |
| CVE-2026-4693 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Audio/Video: Playback component. This vuln… |
302
|
2026-03-24 |
| CVE-2026-4692 |
CRIT
|
10.0 |
Sandbox escape in the Responsive Design Mode component. This vulnerability affe… |
302
|
2026-03-24 |
| CVE-2026-4691 |
CRIT
|
9.8 |
Use-after-free in the CSS Parsing and Computation component. This vulnerability… |
302
|
2026-03-24 |
| CVE-2026-4690 |
HIGH
|
8.6 |
Sandbox escape due to incorrect boundary conditions, integer overflow in the XP… |
302
|
2026-03-24 |
| CVE-2026-4689 |
CRIT
|
10.0 |
Sandbox escape due to incorrect boundary conditions, integer overflow in the XP… |
302
|
2026-03-24 |
| CVE-2026-4688 |
CRIT
|
10.0 |
Sandbox escape due to use-after-free in the Disability Access APIs component. T… |
302
|
2026-03-24 |
| CVE-2026-4687 |
HIGH
|
8.6 |
Sandbox escape due to incorrect boundary conditions in the Telemetry component.… |
302
|
2026-03-24 |
| CVE-2026-4686 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnera… |
302
|
2026-03-24 |
| CVE-2026-4685 |
HIGH
|
7.5 |
Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnera… |
302
|
2026-03-24 |
| CVE-2026-4684 |
HIGH
|
7.5 |
Race condition, use-after-free in the Graphics: WebRender component. This vulne… |
302
|
2026-03-24 |
| CVE-2026-33475 |
CRIT
|
9.1 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-03-24 |
| CVE-2026-33309 |
CRIT
|
9.9 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-03-24 |
| CVE-2019-25632 |
MED
|
6.2 |
phpFileManager 1.7.8 contains a local file inclusion vulnerability that allows … |
12
|
2026-03-24 |
| CVE-2026-4756 |
HIGH
|
7.8 |
Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7. This is… |
12
|
2026-03-24 |
| CVE-2026-4755 |
CRIT
|
9.8 |
CWE-20 vulnerability in MolotovCherry Android-ImageMagick7. This issue affects A… |
12
|
2026-03-24 |
| CVE-2026-4754 |
MED
|
6.1 |
CWE-79 vulnerability in MolotovCherry Android-ImageMagick7. This issue affects A… |
12
|
2026-03-24 |
| CVE-2026-33852 |
HIGH
|
7.5 |
Missing Release of Memory after Effective Lifetime vulnerability in MolotovCher… |
12
|
2026-03-24 |
| CVE-2026-33856 |
HIGH
|
7.5 |
Missing Release of Memory after Effective Lifetime vulnerability in MolotovCher… |
12
|
2026-03-24 |
| CVE-2026-33855 |
MED
|
5.5 |
Integer Overflow or Wraparound vulnerability in MolotovCherry Android-ImageMagi… |
12
|
2026-03-24 |
| CVE-2026-33854 |
HIGH
|
8.8 |
Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7. This is… |
12
|
2026-03-24 |
| CVE-2026-33853 |
MED
|
5.5 |
NULL Pointer Dereference vulnerability in MolotovCherry Android-ImageMagick7. Th… |
12
|
2026-03-24 |
| CVE-2026-33308 |
MED
|
6.8 |
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. Prior to version 0… |
14
|
2026-03-24 |
| CVE-2026-33307 |
HIGH
|
7.5 |
Mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. In versions prior … |
14
|
2026-03-24 |
| CVE-2026-4680 |
HIGH
|
8.8 |
Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remo… |
225
|
2026-03-24 |
| CVE-2026-4679 |
HIGH
|
8.8 |
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a re… |
225
|
2026-03-24 |
| CVE-2026-4678 |
HIGH
|
8.8 |
Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a rem… |
225
|
2026-03-24 |
| CVE-2026-4677 |
HIGH
|
8.8 |
Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.1… |
225
|
2026-03-24 |
| CVE-2026-4676 |
HIGH
|
8.8 |
Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remot… |
225
|
2026-03-24 |
| CVE-2026-4675 |
HIGH
|
8.8 |
Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed … |
225
|
2026-03-24 |
| CVE-2026-4674 |
HIGH
|
8.8 |
Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a re… |
225
|
2026-03-24 |
| CVE-2026-4673 |
HIGH
|
8.8 |
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allow… |
225
|
2026-03-24 |
| CVE-2026-3055 |
CRIT
|
9.8 |
Insufficient input validation in NetScaler ADC and NetScaler Gateway when confi… |
159
|
2026-03-23 |
| CVE-2024-51226 |
MED
|
6.1 |
A stored cross-site scripting (XSS) vulnerability in the component /admin/searc… |
12
|
2026-03-23 |
| CVE-2024-51225 |
MED
|
4.8 |
A stored cross-site scripting (XSS) vulnerability in the component /admin/add-b… |
12
|
2026-03-23 |
| CVE-2024-51224 |
MED
|
4.8 |
Multiple cross-site scripting (XSS) vulnerabilities in the component /admin/edi… |
12
|
2026-03-23 |
| CVE-2024-51223 |
MED
|
4.8 |
A stored cross-site scripting (XSS) vulnerability in the component /admin/profi… |
12
|
2026-03-23 |
| CVE-2024-51222 |
MED
|
4.8 |
A stored cross-site scripting (XSS) vulnerability in the component /admin/profi… |
12
|
2026-03-23 |
| CVE-2026-4647 |
MED
|
6.1 |
A flaw was found in the GNU Binutils BFD library, a widely used component for h… |
60
|
2026-03-23 |
| CVE-2019-25614 |
CRIT
|
9.8 |
Free Float FTP 1.0 contains a buffer overflow vulnerability in the STOR command… |
1
|
2026-03-22 |
| CVE-2019-25579 |
HIGH
|
7.5 |
phpTransformer 2016.9 contains a directory traversal vulnerability that allows … |
12
|
2026-03-21 |
| CVE-2019-25578 |
HIGH
|
8.2 |
phpTransformer 2016.9 contains an SQL injection vulnerability that allows remot… |
12
|
2026-03-21 |
| CVE-2019-25570 |
MED
|
5.5 |
RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability th… |
8
|
2026-03-21 |
| CVE-2019-25569 |
MED
|
6.2 |
RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulner… |
8
|
2026-03-21 |
| CVE-2026-33179 |
MED
|
5.5 |
libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 … |
12
|
2026-03-20 |
| CVE-2026-33156 |
HIGH
|
7.8 |
ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, Scre… |
5
|
2026-03-20 |
| CVE-2026-33150 |
HIGH
|
7.8 |
libfuse is the reference implementation of the Linux FUSE. From version 3.18.0 … |
12
|
2026-03-20 |
| CVE-2026-33147 |
HIGH
|
7.3 |
GMT is an open source collection of command-line tools for manipulating geograp… |
46
|
2026-03-20 |
| CVE-2026-33143 |
HIGH
|
7.5 |
OneUptime is a solution for monitoring and managing online services. Prior to v… |
15
|
2026-03-20 |
| CVE-2026-33142 |
HIGH
|
8.1 |
OneUptime is a solution for monitoring and managing online services. Prior to v… |
15
|
2026-03-20 |
| CVE-2026-32710 |
HIGH
|
8.5 |
MariaDB server is a community developed fork of MySQL server. An authenticated … |
1
|
2026-03-20 |
| CVE-2026-31836 |
HIGH
|
8.1 |
Checkmate is an open-source, self-hosted tool designed to track and monitor ser… |
1
|
2026-03-20 |
| CVE-2026-4434 |
HIGH
|
8.1 |
Improper certificate validation in the PAM propagation WinRM connections allow… |
3
|
2026-03-20 |
| CVE-2026-25792 |
MED
|
6.5 |
Greenshot is an open source Windows screenshot utility. Versions 1.3.312 and be… |
4
|
2026-03-20 |
| CVE-2026-33130 |
MED
|
6.5 |
Uptime Kuma is an open source, self-hosted monitoring tool. In versions 1.23.0 … |
14
|
2026-03-20 |
| CVE-2026-33080 |
HIGH
|
7.3 |
Filament is a collection of full-stack components for accelerated Laravel devel… |
12
|
2026-03-20 |
| CVE-2026-33068 |
HIGH
|
8.8 |
Claude Code is an agentic coding tool. Versions prior to 2.1.53 resolved the pe… |
50
|
2026-03-20 |
| CVE-2026-33056 |
MED
|
6.5 |
tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 an… |
15
|
2026-03-20 |
| CVE-2026-33055 |
HIGH
|
8.1 |
tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and b… |
15
|
2026-03-20 |
| CVE-2026-33053 |
HIGH
|
8.8 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-03-20 |
| CVE-2026-33017 |
CRIT
|
9.8 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-03-20 |
| CVE-2026-32935 |
MED
|
5.9 |
phpseclib is a PHP secure communications library. Projects using versions 1.0.2… |
12
|
2026-03-20 |
| CVE-2026-21992 |
CRIT
|
9.8 |
Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middlewar… |
140
|
2026-03-20 |
| CVE-2026-4464 |
HIGH
|
8.8 |
Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a re… |
222
|
2026-03-20 |
| CVE-2026-4463 |
HIGH
|
8.8 |
Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed… |
222
|
2026-03-20 |
| CVE-2026-4462 |
HIGH
|
8.8 |
Out of bounds read in Blink in Google Chrome prior to 146.0.7680.153 allowed a … |
222
|
2026-03-20 |
| CVE-2026-4461 |
HIGH
|
8.8 |
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 all… |
222
|
2026-03-20 |
| CVE-2026-4460 |
HIGH
|
8.8 |
Out of bounds read in Skia in Google Chrome prior to 146.0.7680.153 allowed a r… |
222
|
2026-03-20 |
| CVE-2026-4459 |
HIGH
|
8.8 |
Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.1… |
222
|
2026-03-20 |
| CVE-2026-4458 |
HIGH
|
8.8 |
Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed a… |
222
|
2026-03-20 |
| CVE-2026-4457 |
HIGH
|
8.8 |
Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote … |
222
|
2026-03-20 |
| CVE-2026-4456 |
HIGH
|
8.8 |
Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.… |
222
|
2026-03-20 |
| CVE-2026-4455 |
HIGH
|
8.8 |
Heap buffer overflow in PDFium in Google Chrome prior to 146.0.7680.153 allowed… |
222
|
2026-03-20 |
| CVE-2026-4454 |
HIGH
|
8.8 |
Use after free in Network in Google Chrome prior to 146.0.7680.153 allowed a re… |
222
|
2026-03-20 |
| CVE-2026-4453 |
MED
|
4.3 |
Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowe… |
222
|
2026-03-20 |
| CVE-2026-4452 |
HIGH
|
8.8 |
Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 a… |
222
|
2026-03-20 |
| CVE-2026-4451 |
HIGH
|
8.8 |
Insufficient validation of untrusted input in Navigation in Google Chrome prior… |
222
|
2026-03-20 |
| CVE-2026-4450 |
HIGH
|
8.8 |
Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a re… |
222
|
2026-03-20 |
| CVE-2026-4449 |
HIGH
|
8.8 |
Use after free in Blink in Google Chrome prior to 146.0.7680.153 allowed a remo… |
222
|
2026-03-20 |
| CVE-2026-4448 |
HIGH
|
8.8 |
Heap buffer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed … |
222
|
2026-03-20 |
| CVE-2026-4447 |
HIGH
|
8.8 |
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 all… |
222
|
2026-03-20 |
| CVE-2026-4446 |
HIGH
|
8.8 |
Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a rem… |
222
|
2026-03-20 |
| CVE-2026-4445 |
HIGH
|
8.8 |
Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a rem… |
222
|
2026-03-20 |
| CVE-2026-4444 |
HIGH
|
8.8 |
Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowe… |
222
|
2026-03-20 |
| CVE-2026-4443 |
HIGH
|
8.8 |
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allow… |
222
|
2026-03-20 |
| CVE-2026-4442 |
HIGH
|
8.8 |
Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a … |
222
|
2026-03-20 |
| CVE-2026-4441 |
HIGH
|
8.8 |
Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remot… |
222
|
2026-03-20 |
| CVE-2026-4440 |
HIGH
|
8.8 |
Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 … |
222
|
2026-03-20 |
| CVE-2026-4439 |
HIGH
|
8.8 |
Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0… |
222
|
2026-03-20 |
| CVE-2026-32881 |
MED
|
5.3 |
ewe is a Gleam web server. Versions 0.6.0 through 3.… |
1
|
2026-03-20 |
| CVE-2026-26139 |
HIGH
|
8.6 |
Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized … |
2267
|
2026-03-19 |
| CVE-2026-26138 |
HIGH
|
8.6 |
Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized … |
2267
|
2026-03-19 |
| CVE-2026-26137 |
CRIT
|
9.9 |
Server-side request forgery (ssrf) in Microsoft Exchange allows an authorized a… |
2267
|
2026-03-19 |
| CVE-2026-26136 |
MED
|
6.5 |
Improper neutralization of special elements used in a command ('command injecti… |
2267
|
2026-03-19 |
| CVE-2026-26120 |
MED
|
6.5 |
Server-side request forgery (ssrf) in Microsoft Bing allows an unauthorized att… |
2267
|
2026-03-19 |
| CVE-2026-24299 |
MED
|
5.3 |
Improper neutralization of special elements used in a command ('command injecti… |
2267
|
2026-03-19 |
| CVE-2026-23659 |
HIGH
|
8.6 |
Exposure of sensitive information to an unauthorized actor in Azure Data Factor… |
2267
|
2026-03-19 |
| CVE-2026-23658 |
HIGH
|
8.6 |
Insufficiently protected credentials in Azure DevOps allows an unauthorized att… |
2267
|
2026-03-19 |
| CVE-2026-26940 |
MED
|
6.5 |
Improper Validation of Specified Quantity in Input (CWE-1284) in the Timelion v… |
1
|
2026-03-19 |
| CVE-2026-26939 |
MED
|
6.5 |
Missing Authorization (CWE-862) in Kibana’s server-side Detection Rule Manageme… |
1
|
2026-03-19 |
| CVE-2026-30403 |
HIGH
|
7.5 |
There is an arbitrary file read vulnerability in the test connection function o… |
23
|
2026-03-19 |
| CVE-2026-30404 |
HIGH
|
7.5 |
The backend database management connection test feature in wgcloud v3.6.3 has a… |
23
|
2026-03-19 |
| CVE-2026-30402 |
CRIT
|
9.8 |
An issue in wgcloud v.2.3.7 and before allows a remote attacker to execute arbi… |
23
|
2026-03-19 |
| CVE-2025-69720 |
HIGH
|
7.3 |
The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based … |
9
|
2026-03-19 |
| CVE-2024-42210 |
HIGH
|
7.6 |
A Stored cross-site scripting (XSS) vulnerability affects HCL Unica Marketing O… |
4
|
2026-03-19 |
| CVE-2025-15031 |
CRIT
|
9.1 |
A vulnerability in MLflow's pyfunc extraction process allows for arbitrary file… |
8
|
2026-03-18 |
| CVE-2026-33163 |
MED
|
6.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-33042 |
MED
|
5.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-32944 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-32943 |
LOW
|
3.1 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-32886 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-32878 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-32770 |
MED
|
5.9 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-32742 |
MED
|
4.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-32728 |
HIGH
|
7.6 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-18 |
| CVE-2026-32636 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-18 |
| CVE-2026-31972 |
CRIT
|
9.8 |
SAMtools is a program for reading, manipulating and writing bioinformatics file… |
1
|
2026-03-18 |
| CVE-2026-4396 |
HIGH
|
8.1 |
Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.… |
2
|
2026-03-18 |
| CVE-2026-32634 |
HIGH
|
8.1 |
Glances is an open-source system cross-platform monitoring tool. Prior to versi… |
1
|
2026-03-18 |
| CVE-2026-32633 |
CRIT
|
9.1 |
Glances is an open-source system cross-platform monitoring tool. Prior to versi… |
1
|
2026-03-18 |
| CVE-2026-32632 |
MED
|
5.9 |
Glances is an open-source system cross-platform monitoring tool. Glances recent… |
1
|
2026-03-18 |
| CVE-2026-32611 |
HIGH
|
7.0 |
Glances is an open-source system cross-platform monitoring tool. The GHSA-x46r … |
1
|
2026-03-18 |
| CVE-2026-27135 |
HIGH
|
7.5 |
nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C.… |
1
|
2026-03-18 |
| CVE-2026-26740 |
HIGH
|
8.2 |
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cau… |
7
|
2026-03-18 |
| CVE-2026-32610 |
HIGH
|
8.1 |
Glances is an open-source system cross-platform monitoring tool. Prior to versi… |
1
|
2026-03-18 |
| CVE-2026-32609 |
HIGH
|
7.5 |
Glances is an open-source system cross-platform monitoring tool. The GHSA-gh4x … |
1
|
2026-03-18 |
| CVE-2026-32608 |
HIGH
|
7.0 |
Glances is an open-source system cross-platform monitoring tool. The Glances ac… |
1
|
2026-03-18 |
| CVE-2026-32596 |
HIGH
|
7.5 |
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2… |
1
|
2026-03-18 |
| CVE-2026-4366 |
MED
|
5.8 |
A flaw was identified in Keycloak, an identity and access management solution, … |
7
|
2026-03-18 |
| CVE-2026-31938 |
CRIT
|
9.6 |
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user… |
13
|
2026-03-18 |
| CVE-2026-31898 |
HIGH
|
8.1 |
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user… |
13
|
2026-03-18 |
| CVE-2026-31891 |
HIGH
|
7.7 |
Cockpit is a headless content management system. Any Cockpit CMS instance runni… |
15
|
2026-03-18 |
| CVE-2026-27459 |
CRIT
|
9.8 |
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 2… |
25
|
2026-03-18 |
| CVE-2026-27448 |
MED
|
5.3 |
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0… |
31
|
2026-03-18 |
| CVE-2026-21994 |
CRIT
|
9.8 |
Vulnerability in the Oracle Edge Cloud Infrastructure Designer and Visualisatio… |
140
|
2026-03-17 |
| CVE-2026-4064 |
HIGH
|
8.3 |
Missing authorization checks on multiple gRPC service endpoints in PowerShell U… |
11
|
2026-03-17 |
| CVE-2026-3563 |
MED
|
5.5 |
Improper input validation in the apps and endpoints configuration in PowerShell… |
11
|
2026-03-17 |
| CVE-2026-32981 |
HIGH
|
7.5 |
A path traversal vulnerability was identified in Ray Dashboard (default port 82… |
44
|
2026-03-17 |
| CVE-2026-22882 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2026-20726 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-66633 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-66617 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-66503 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-66342 |
HIGH
|
7.8 |
A type confusion vulnerability exists in the EMF functionality of Canva Affinit… |
2
|
2026-03-17 |
| CVE-2025-66042 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-66000 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-65119 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-64776 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-64735 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-64733 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-64301 |
HIGH
|
7.8 |
An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva A… |
2
|
2026-03-17 |
| CVE-2025-62500 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-62403 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-61979 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-61952 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-58427 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2025-47873 |
MED
|
6.1 |
An out-of-bounds read vulnerability exists in the EMF functionality of Canva Af… |
2
|
2026-03-17 |
| CVE-2026-4271 |
MED
|
5.3 |
A flaw was found in libsoup, a library for handling HTTP requests. This vulnera… |
15
|
2026-03-17 |
| CVE-2025-31966 |
LOW
|
2.7 |
HCL Sametime is vulnerable to broken server-side validation. While the applicat… |
15
|
2026-03-17 |
| CVE-2026-3634 |
LOW
|
3.9 |
A flaw was found in libsoup. An attacker controlling the value used to set the … |
15
|
2026-03-17 |
| CVE-2026-3633 |
LOW
|
3.9 |
A flaw was found in libsoup. A remote attacker, by controlling the method param… |
15
|
2026-03-17 |
| CVE-2026-3632 |
LOW
|
3.9 |
A flaw was found in libsoup, a library used by applications to send network req… |
15
|
2026-03-17 |
| CVE-2025-69693 |
MED
|
5.4 |
Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60d… |
3
|
2026-03-16 |
| CVE-2026-3442 |
MED
|
6.1 |
A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overf… |
60
|
2026-03-16 |
| CVE-2026-3441 |
MED
|
6.1 |
A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability… |
60
|
2026-03-16 |
| CVE-2026-3086 |
HIGH
|
7.8 |
GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerab… |
1
|
2026-03-16 |
| CVE-2026-3085 |
HIGH
|
8.8 |
GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnera… |
1
|
2026-03-16 |
| CVE-2026-3084 |
HIGH
|
7.8 |
GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerabil… |
1
|
2026-03-16 |
| CVE-2026-3083 |
HIGH
|
8.8 |
GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability.… |
1
|
2026-03-16 |
| CVE-2026-3082 |
HIGH
|
7.8 |
GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerab… |
1
|
2026-03-16 |
| CVE-2026-3081 |
HIGH
|
7.8 |
GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution … |
1
|
2026-03-16 |
| CVE-2026-32600 |
HIGH
|
8.2 |
xml-security is a library that implements XML signatures and encryption. Prior … |
12
|
2026-03-16 |
| CVE-2026-32594 |
HIGH
|
7.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-16 |
| CVE-2026-2923 |
HIGH
|
7.8 |
GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability… |
1
|
2026-03-16 |
| CVE-2026-2922 |
HIGH
|
7.8 |
GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerabi… |
1
|
2026-03-16 |
| CVE-2026-2921 |
HIGH
|
7.8 |
GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. Th… |
1
|
2026-03-16 |
| CVE-2026-2920 |
HIGH
|
7.8 |
GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerab… |
1
|
2026-03-16 |
| CVE-2026-2476 |
HIGH
|
7.6 |
Mattermost Plugins versions <=2.0.3.0 fail to properly mask sensitive configura… |
97
|
2026-03-16 |
| CVE-2026-2461 |
MED
|
4.3 |
Mattermost Plugins versions <=11.3 11.0.3 11.2.2 10.10.11.0 fail to implement a… |
1
|
2026-03-16 |
| CVE-2026-0385 |
MED
|
5.0 |
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability |
2148
|
2026-03-16 |
| CVE-2026-3910 |
HIGH
|
8.8 |
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allo… |
218
|
2026-03-13 |
| CVE-2026-3909 |
HIGH
|
8.8 |
Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a r… |
220
|
2026-03-13 |
| CVE-2026-32745 |
MED
|
6.3 |
In JetBrains Datalore before 2026.1 session hijacking was possible due to missi… |
30
|
2026-03-13 |
| CVE-2026-32598 |
MED
|
6.5 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-13 |
| CVE-2026-32308 |
HIGH
|
7.6 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-13 |
| CVE-2026-32306 |
CRIT
|
9.9 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-13 |
| CVE-2026-31897 |
N/A
|
— |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.… |
1
|
2026-03-13 |
| CVE-2026-31885 |
MED
|
6.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.… |
1
|
2026-03-13 |
| CVE-2026-31884 |
MED
|
6.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.… |
1
|
2026-03-13 |
| CVE-2026-31883 |
MED
|
6.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.… |
1
|
2026-03-13 |
| CVE-2026-31864 |
MED
|
6.8 |
JumpServer is an open source bastion host and an operation and maintenance secu… |
1
|
2026-03-13 |
| CVE-2026-31806 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.… |
1
|
2026-03-13 |
| CVE-2026-31798 |
MED
|
5.0 |
JumpServer is an open source bastion host and an operation and maintenance secu… |
1
|
2026-03-13 |
| CVE-2026-30961 |
MED
|
4.3 |
Gokapi is a self-hosted file sharing server with automatic expiration and encry… |
8
|
2026-03-13 |
| CVE-2026-30955 |
MED
|
6.5 |
Gokapi is a self-hosted file sharing server with automatic expiration and encry… |
8
|
2026-03-13 |
| CVE-2026-30943 |
MED
|
4.1 |
Gokapi is a self-hosted file sharing server with automatic expiration and encry… |
8
|
2026-03-13 |
| CVE-2026-30853 |
MED
|
5.0 |
calibre is a cross-platform e-book manager for viewing, converting, editing, an… |
3
|
2026-03-13 |
| CVE-2026-29776 |
LOW
|
3.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.… |
1
|
2026-03-13 |
| CVE-2026-29775 |
MED
|
5.3 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.… |
1
|
2026-03-13 |
| CVE-2026-29774 |
MED
|
5.3 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.… |
1
|
2026-03-13 |
| CVE-2026-0957 |
HIGH
|
7.8 |
There is a memory corruption vulnerability due to an out-of-bounds write when l… |
47
|
2026-03-13 |
| CVE-2026-0956 |
HIGH
|
7.8 |
There is a memory corruption vulnerability due to an out-of-bounds read when lo… |
47
|
2026-03-13 |
| CVE-2026-0955 |
HIGH
|
7.8 |
There is a memory corruption vulnerability due to an out-of-bounds read when lo… |
47
|
2026-03-13 |
| CVE-2026-0954 |
HIGH
|
7.8 |
There is a memory corruption vulnerability due to an out-of-bounds write when l… |
47
|
2026-03-13 |
| CVE-2026-32274 |
HIGH
|
7.5 |
Black is the uncompromising Python code formatter. Prior to 26.3.1, Black write… |
86
|
2026-03-12 |
| CVE-2026-32269 |
MED
|
6.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
4
|
2026-03-12 |
| CVE-2026-32259 |
MED
|
6.7 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-12 |
| CVE-2026-32249 |
MED
|
5.3 |
Vim is an open source, command line text editor. From 9.1.0011 to before 9.2.01… |
13
|
2026-03-12 |
| CVE-2026-32248 |
CRIT
|
9.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-12 |
| CVE-2026-32242 |
HIGH
|
7.4 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-12 |
| CVE-2026-32230 |
MED
|
5.3 |
Uptime Kuma is an open source, self-hosted monitoring tool. From 2.0.0 to 2.1.3… |
14
|
2026-03-12 |
| CVE-2026-25529 |
HIGH
|
8.1 |
Postal is an open source SMTP server. Postal versions less than 3.3.5 had a HTM… |
1
|
2026-03-12 |
| CVE-2019-25543 |
HIGH
|
8.2 |
Netartmedia Real Estate Portal 5.0 contains an SQL injection vulnerability that… |
15
|
2026-03-12 |
| CVE-2019-25542 |
HIGH
|
8.2 |
Netartmedia Real Estate Portal 5.0 contains a SQL injection vulnerability that … |
15
|
2026-03-12 |
| CVE-2019-25541 |
HIGH
|
8.2 |
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that a… |
27
|
2026-03-12 |
| CVE-2019-25540 |
HIGH
|
8.2 |
Netartmedia PHP Mall 4.1 contains multiple SQL injection vulnerabilities that a… |
27
|
2026-03-12 |
| CVE-2019-25520 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an authentication bypass vul… |
12
|
2026-03-12 |
| CVE-2019-25519 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25518 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25517 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25516 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V1 contains an SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25515 |
HIGH
|
7.5 |
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vul… |
12
|
2026-03-12 |
| CVE-2019-25514 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25513 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25512 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25511 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25510 |
HIGH
|
8.2 |
Jettweb PHP Hazir Haber Sitesi Scripti V2 contains an authentication bypass vul… |
12
|
2026-03-12 |
| CVE-2019-25508 |
HIGH
|
8.2 |
Jettweb Php Hazir Ilan Sitesi Scripti V2 contains an SQL injection vulnerabilit… |
12
|
2026-03-12 |
| CVE-2019-25488 |
HIGH
|
8.2 |
Jettweb Hazir Rent A Car Scripti V4 contains multiple SQL injection vulnerabili… |
12
|
2026-03-12 |
| CVE-2019-25482 |
HIGH
|
8.2 |
Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 contains an SQL injection vulner… |
12
|
2026-03-12 |
| CVE-2026-3099 |
MED
|
5.8 |
A flaw was found in Libsoup. The server-side digest authentication implementati… |
15
|
2026-03-12 |
| CVE-2026-1182 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14… |
54
|
2026-03-12 |
| CVE-2023-43010 |
HIGH
|
8.8 |
The issue was addressed with improved memory handling. This issue is fixed in i… |
93
|
2026-03-12 |
| CVE-2026-3942 |
MED
|
4.3 |
Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.… |
216
|
2026-03-11 |
| CVE-2026-3941 |
MED
|
4.3 |
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.768… |
216
|
2026-03-11 |
| CVE-2026-3940 |
MED
|
5.3 |
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.768… |
216
|
2026-03-11 |
| CVE-2026-3939 |
MED
|
5.3 |
Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 … |
216
|
2026-03-11 |
| CVE-2026-3938 |
MED
|
4.3 |
Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.76… |
216
|
2026-03-11 |
| CVE-2026-3937 |
MED
|
6.5 |
Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7… |
216
|
2026-03-11 |
| CVE-2026-3936 |
HIGH
|
8.8 |
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 al… |
216
|
2026-03-11 |
| CVE-2026-3935 |
MED
|
6.5 |
Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71… |
216
|
2026-03-11 |
| CVE-2026-3934 |
MED
|
6.5 |
Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0… |
216
|
2026-03-11 |
| CVE-2026-3932 |
HIGH
|
7.5 |
Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146… |
216
|
2026-03-11 |
| CVE-2026-3931 |
HIGH
|
8.8 |
Heap buffer overflow in Skia in Google Chrome prior to 146.0.7680.71 allowed a … |
216
|
2026-03-11 |
| CVE-2026-3930 |
MED
|
5.3 |
Unsafe navigation in Navigation in Google Chrome on iOS prior to 146.0.7680.71 … |
216
|
2026-03-11 |
| CVE-2026-3929 |
LOW
|
3.1 |
Side-channel information leakage in ResourceTiming in Google Chrome prior to 14… |
216
|
2026-03-11 |
| CVE-2026-3928 |
MED
|
4.3 |
Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7… |
216
|
2026-03-11 |
| CVE-2026-3927 |
MED
|
4.3 |
Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.… |
216
|
2026-03-11 |
| CVE-2026-3926 |
HIGH
|
8.8 |
Out of bounds read in V8 in Google Chrome prior to 146.0.7680.71 allowed a remo… |
216
|
2026-03-11 |
| CVE-2026-3925 |
MED
|
4.3 |
Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 1… |
216
|
2026-03-11 |
| CVE-2026-3924 |
HIGH
|
7.5 |
Use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed … |
216
|
2026-03-11 |
| CVE-2026-3923 |
HIGH
|
8.8 |
Use after free in WebMIDI in Google Chrome prior to 146.0.7680.71 allowed a rem… |
216
|
2026-03-11 |
| CVE-2026-3922 |
HIGH
|
8.8 |
Use after free in MediaStream in Google Chrome prior to 146.0.7680.71 allowed a… |
216
|
2026-03-11 |
| CVE-2026-3921 |
HIGH
|
8.8 |
Use after free in TextEncoding in Google Chrome prior to 146.0.7680.71 allowed … |
216
|
2026-03-11 |
| CVE-2026-3920 |
HIGH
|
8.8 |
Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 al… |
216
|
2026-03-11 |
| CVE-2026-3919 |
HIGH
|
8.8 |
Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an… |
216
|
2026-03-11 |
| CVE-2026-3918 |
HIGH
|
8.8 |
Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remo… |
216
|
2026-03-11 |
| CVE-2026-3917 |
HIGH
|
8.8 |
Use after free in Agents in Google Chrome prior to 146.0.7680.71 allowed a remo… |
216
|
2026-03-11 |
| CVE-2026-3916 |
CRIT
|
9.6 |
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowe… |
216
|
2026-03-11 |
| CVE-2026-3915 |
HIGH
|
8.8 |
Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a… |
216
|
2026-03-11 |
| CVE-2026-3914 |
HIGH
|
8.8 |
Integer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a rem… |
216
|
2026-03-11 |
| CVE-2026-3913 |
HIGH
|
8.8 |
Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a… |
216
|
2026-03-11 |
| CVE-2026-32112 |
MED
|
6.8 |
ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent… |
1
|
2026-03-11 |
| CVE-2026-32111 |
MED
|
5.3 |
ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent… |
1
|
2026-03-11 |
| CVE-2026-32234 |
MED
|
4.7 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-32098 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-31901 |
MED
|
5.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-31900 |
CRIT
|
9.8 |
Black is the uncompromising Python code formatter. Black provides a GitHub acti… |
86
|
2026-03-11 |
| CVE-2026-24510 |
MED
|
6.7 |
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an I… |
77
|
2026-03-11 |
| CVE-2026-24508 |
LOW
|
2.5 |
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an I… |
77
|
2026-03-11 |
| CVE-2026-31876 |
MED
|
5.4 |
Notesnook is a note-taking app focused on user privacy & ease of use. Prior to … |
14
|
2026-03-11 |
| CVE-2026-24509 |
LOW
|
3.6 |
Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an I… |
77
|
2026-03-11 |
| CVE-2026-31875 |
MED
|
5.9 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-31872 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-31871 |
CRIT
|
9.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-31868 |
MED
|
6.1 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-31863 |
LOW
|
3.6 |
Anytype Heart is the middleware library for Anytype. The challenge-based authen… |
12
|
2026-03-11 |
| CVE-2026-31856 |
CRIT
|
9.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-31854 |
HIGH
|
8.8 |
Cursor is a code editor built for programming with AI. Prior to 2.0, if a visit… |
14
|
2026-03-11 |
| CVE-2026-31853 |
MED
|
5.7 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-11 |
| CVE-2026-31840 |
CRIT
|
9.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-11 |
| CVE-2026-31813 |
MED
|
4.8 |
Supabase Auth is a JWT based API for managing users and issuing JWT tokens. Pri… |
1
|
2026-03-11 |
| CVE-2026-20166 |
MED
|
5.4 |
In Splunk Enterprise versions below 10.2.1 and 10.0.4, and Splunk Cloud Platfor… |
4
|
2026-03-11 |
| CVE-2026-20165 |
MED
|
6.3 |
In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splu… |
4
|
2026-03-11 |
| CVE-2026-20164 |
MED
|
6.5 |
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splu… |
4
|
2026-03-11 |
| CVE-2026-20163 |
HIGH
|
7.2 |
In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, and Splu… |
4
|
2026-03-11 |
| CVE-2026-20162 |
MED
|
6.3 |
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splun… |
4
|
2026-03-11 |
| CVE-2025-12555 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1… |
54
|
2026-03-11 |
| CVE-2026-1732 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6… |
54
|
2026-03-11 |
| CVE-2026-1663 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4… |
54
|
2026-03-11 |
| CVE-2026-1230 |
MED
|
4.1 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 1.0 … |
96
|
2026-03-11 |
| CVE-2026-1090 |
HIGH
|
8.7 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6… |
54
|
2026-03-11 |
| CVE-2026-1069 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9… |
54
|
2026-03-11 |
| CVE-2026-0602 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6… |
54
|
2026-03-11 |
| CVE-2025-14513 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1… |
54
|
2026-03-11 |
| CVE-2025-13929 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.0… |
54
|
2026-03-11 |
| CVE-2025-13690 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1… |
54
|
2026-03-11 |
| CVE-2025-12704 |
LOW
|
3.5 |
GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 be… |
54
|
2026-03-11 |
| CVE-2025-12697 |
LOW
|
2.2 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5… |
54
|
2026-03-11 |
| CVE-2025-12576 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.3 … |
54
|
2026-03-11 |
| CVE-2026-32229 |
MED
|
6.8 |
In JetBrains Hub before 2026.1 possible on sign-in account mismatch with non-SS… |
45
|
2026-03-11 |
| CVE-2026-3805 |
HIGH
|
7.5 |
When doing a second SMB request to the same host again, curl would wrongly use… |
26
|
2026-03-11 |
| CVE-2026-3784 |
MED
|
6.5 |
curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a s… |
28
|
2026-03-11 |
| CVE-2026-3783 |
MED
|
5.3 |
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer… |
28
|
2026-03-11 |
| CVE-2026-1965 |
MED
|
6.5 |
libcurl can in some circumstances reuse the wrong connection when asked to do a… |
28
|
2026-03-11 |
| CVE-2026-3826 |
CRIT
|
9.8 |
IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowin… |
1
|
2026-03-11 |
| CVE-2026-3825 |
MED
|
6.1 |
IFTOP developed by WellChoose has a Reflected Cross-site Scripting vulnerabilit… |
1
|
2026-03-11 |
| CVE-2026-3824 |
MED
|
6.1 |
IFTOP developed by WellChoose has an Open redirect vulnerability, allowing auth… |
1
|
2026-03-11 |
| CVE-2026-21361 |
HIGH
|
8.1 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21360 |
MED
|
6.8 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21359 |
MED
|
4.7 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21311 |
HIGH
|
8.0 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21310 |
MED
|
5.3 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21309 |
HIGH
|
7.5 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21297 |
MED
|
4.3 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21296 |
MED
|
4.3 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21295 |
LOW
|
3.1 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21294 |
MED
|
5.5 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21293 |
MED
|
5.5 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21292 |
MED
|
5.4 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21291 |
MED
|
4.8 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21290 |
HIGH
|
8.7 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21289 |
HIGH
|
7.5 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21286 |
MED
|
5.3 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21285 |
MED
|
4.3 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21284 |
HIGH
|
8.1 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-21282 |
MED
|
5.3 |
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15,… |
75
|
2026-03-11 |
| CVE-2026-27266 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27265 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27262 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27257 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27256 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27255 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27254 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27253 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27252 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27251 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27250 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27249 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27248 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27247 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27244 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27242 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27241 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27240 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27239 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27237 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27236 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27235 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27234 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27233 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27232 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27231 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27230 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27229 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27228 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27226 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27225 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27224 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27223 |
MED
|
5.4 |
Adobe Experience Manager versions 6.5.23 and earlier are affected by a stored C… |
619
|
2026-03-11 |
| CVE-2026-27272 |
HIGH
|
7.8 |
Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds … |
85
|
2026-03-10 |
| CVE-2026-27271 |
HIGH
|
7.8 |
Illustrator versions 29.8.4, 30.1 and earlier are affected by a Heap-based Buff… |
85
|
2026-03-10 |
| CVE-2026-27270 |
MED
|
5.5 |
Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds … |
85
|
2026-03-10 |
| CVE-2026-27268 |
MED
|
5.5 |
Illustrator versions 29.8.4, 30.1 and earlier are affected by an Out-of-bounds … |
85
|
2026-03-10 |
| CVE-2026-27267 |
HIGH
|
7.8 |
Illustrator versions 29.8.4, 30.1 and earlier are affected by a Stack-based Buf… |
85
|
2026-03-10 |
| CVE-2026-21362 |
HIGH
|
7.8 |
Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds … |
85
|
2026-03-10 |
| CVE-2026-21333 |
HIGH
|
8.6 |
Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Sear… |
85
|
2026-03-10 |
| CVE-2026-31829 |
HIGH
|
7.1 |
Flowise is a drag & drop user interface to build a customized large language mo… |
8
|
2026-03-10 |
| CVE-2026-31828 |
HIGH
|
8.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-27278 |
HIGH
|
7.8 |
Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier ar… |
482
|
2026-03-10 |
| CVE-2026-27221 |
MED
|
5.5 |
Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier ar… |
482
|
2026-03-10 |
| CVE-2026-27220 |
HIGH
|
7.8 |
Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier ar… |
482
|
2026-03-10 |
| CVE-2026-31800 |
CRIT
|
9.1 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30972 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30967 |
HIGH
|
8.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30966 |
CRIT
|
10.0 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30965 |
CRIT
|
9.1 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30962 |
MED
|
6.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30949 |
HIGH
|
8.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30948 |
MED
|
5.4 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30947 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30946 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2025-13213 |
MED
|
5.4 |
IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header inject… |
8
|
2026-03-10 |
| CVE-2026-3582 |
MED
|
4.3 |
An Incorrect Authorization vulnerability was identified in GitHub Enterprise Se… |
104
|
2026-03-10 |
| CVE-2026-2713 |
HIGH
|
7.4 |
IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a … |
8
|
2026-03-10 |
| CVE-2026-2266 |
MED
|
5.4 |
An improper neutralization of input vulnerability was identified in GitHub Ente… |
104
|
2026-03-10 |
| CVE-2026-26123 |
MED
|
5.5 |
Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized … |
984
|
2026-03-10 |
| CVE-2025-13219 |
MED
|
5.9 |
IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL… |
8
|
2026-03-10 |
| CVE-2026-28292 |
CRIT
|
9.8 |
`simple-git`, an interface for running git commands in any node.js application,… |
54
|
2026-03-10 |
| CVE-2026-27281 |
MED
|
5.5 |
DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or … |
72
|
2026-03-10 |
| CVE-2026-27280 |
HIGH
|
7.8 |
DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write … |
72
|
2026-03-10 |
| CVE-2026-27279 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bound… |
80
|
2026-03-10 |
| CVE-2026-27277 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Fre… |
80
|
2026-03-10 |
| CVE-2026-27276 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Fre… |
80
|
2026-03-10 |
| CVE-2026-27275 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bound… |
80
|
2026-03-10 |
| CVE-2026-27274 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bound… |
80
|
2026-03-10 |
| CVE-2026-27273 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bound… |
80
|
2026-03-10 |
| CVE-2026-27269 |
HIGH
|
7.8 |
Premiere Pro versions 25.5 and earlier are affected by an out-of-bounds read vu… |
499
|
2026-03-10 |
| CVE-2026-27219 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by an Out-of-bou… |
158
|
2026-03-10 |
| CVE-2026-27218 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointe… |
158
|
2026-03-10 |
| CVE-2026-27217 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointe… |
158
|
2026-03-10 |
| CVE-2026-27216 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bou… |
158
|
2026-03-10 |
| CVE-2026-27215 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointe… |
158
|
2026-03-10 |
| CVE-2026-27214 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointe… |
158
|
2026-03-10 |
| CVE-2026-21365 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bou… |
158
|
2026-03-10 |
| CVE-2026-21364 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointe… |
158
|
2026-03-10 |
| CVE-2026-21363 |
MED
|
5.5 |
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointe… |
158
|
2026-03-10 |
| CVE-2026-3854 |
HIGH
|
8.8 |
An improper neutralization of special elements vulnerability was identified in … |
104
|
2026-03-10 |
| CVE-2026-3847 |
HIGH
|
8.8 |
Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed eviden… |
301
|
2026-03-10 |
| CVE-2026-3846 |
MED
|
6.5 |
Same-origin policy bypass in the CSS Parsing and Computation component. This vu… |
301
|
2026-03-10 |
| CVE-2026-3845 |
HIGH
|
8.8 |
Heap buffer overflow in the Audio/Video: Playback component in Firefox for Andr… |
301
|
2026-03-10 |
| CVE-2026-3483 |
HIGH
|
7.8 |
An exposed dangerous method in Ivanti DSM before version 2026.1.1 allows a loca… |
54
|
2026-03-10 |
| CVE-2026-3306 |
MED
|
4.3 |
An improper authorization vulnerability was identified in GitHub Enterprise Ser… |
104
|
2026-03-10 |
| CVE-2026-30970 |
CRIT
|
9.1 |
Coral Server is open collaboration infrastructure that enables communication, c… |
1
|
2026-03-10 |
| CVE-2026-30969 |
CRIT
|
9.1 |
Coral Server is open collaboration infrastructure that enables communication, c… |
1
|
2026-03-10 |
| CVE-2026-30968 |
CRIT
|
9.8 |
Coral Server is open collaboration infrastructure that enables communication, c… |
1
|
2026-03-10 |
| CVE-2026-30959 |
MED
|
5.0 |
OneUptime is a solution for monitoring and managing online services. The resend… |
15
|
2026-03-10 |
| CVE-2026-30958 |
HIGH
|
7.2 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-10 |
| CVE-2026-30957 |
CRIT
|
9.9 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-10 |
| CVE-2026-30956 |
CRIT
|
9.9 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-10 |
| CVE-2026-30941 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30939 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30938 |
MED
|
5.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30930 |
CRIT
|
9.8 |
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1… |
1
|
2026-03-10 |
| CVE-2026-30928 |
HIGH
|
7.5 |
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1… |
1
|
2026-03-10 |
| CVE-2026-30897 |
MED
|
6.6 |
A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through … |
1
|
2026-03-10 |
| CVE-2026-26148 |
HIGH
|
8.1 |
External initialization of trusted variables or data stores in Azure Entra ID a… |
577
|
2026-03-10 |
| CVE-2026-26144 |
HIGH
|
7.5 |
Improper neutralization of input during web page generation ('cross-site script… |
2267
|
2026-03-10 |
| CVE-2026-26141 |
HIGH
|
7.8 |
Improper authentication in Azure Arc allows an authorized attacker to elevate p… |
588
|
2026-03-10 |
| CVE-2026-26134 |
HIGH
|
7.8 |
Integer overflow or wraparound in Microsoft Office allows an authorized attacke… |
1957
|
2026-03-10 |
| CVE-2026-26131 |
HIGH
|
7.8 |
Incorrect default permissions in .NET allows an authorized attacker to elevate … |
571
|
2026-03-10 |
| CVE-2026-26130 |
HIGH
|
7.5 |
Allocation of resources without limits or throttling in ASP.NET Core allows an … |
571
|
2026-03-10 |
| CVE-2026-26127 |
HIGH
|
7.5 |
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over… |
571
|
2026-03-10 |
| CVE-2026-26121 |
HIGH
|
7.5 |
Server-side request forgery (ssrf) in Azure IoT Explorer allows an unauthorized… |
573
|
2026-03-10 |
| CVE-2026-26118 |
HIGH
|
8.8 |
Server-side request forgery (ssrf) in Azure MCP Server allows an authorized att… |
818
|
2026-03-10 |
| CVE-2026-26117 |
HIGH
|
7.8 |
Authentication bypass using an alternate path or channel in Azure Windows Virtu… |
675
|
2026-03-10 |
| CVE-2026-26116 |
HIGH
|
8.8 |
Improper neutralization of special elements used in an sql command ('sql inject… |
571
|
2026-03-10 |
| CVE-2026-26115 |
HIGH
|
8.8 |
Improper validation of specified type of input in SQL Server allows an authoriz… |
571
|
2026-03-10 |
| CVE-2026-26114 |
HIGH
|
8.8 |
Deserialization of untrusted data in Microsoft Office SharePoint allows an auth… |
571
|
2026-03-10 |
| CVE-2026-26113 |
HIGH
|
8.4 |
Untrusted pointer dereference in Microsoft Office allows an unauthorized attack… |
2273
|
2026-03-10 |
| CVE-2026-26112 |
HIGH
|
7.8 |
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized … |
2274
|
2026-03-10 |
| CVE-2026-26110 |
HIGH
|
8.4 |
Access of resource using incompatible type ('type confusion') in Microsoft Offi… |
2280
|
2026-03-10 |
| CVE-2026-26109 |
HIGH
|
8.4 |
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to… |
2274
|
2026-03-10 |
| CVE-2026-26108 |
HIGH
|
7.8 |
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized att… |
2274
|
2026-03-10 |
| CVE-2026-26107 |
HIGH
|
7.8 |
Use after free in Microsoft Office Excel allows an unauthorized attacker to exe… |
2274
|
2026-03-10 |
| CVE-2026-26106 |
HIGH
|
8.8 |
Improper input validation in Microsoft Office SharePoint allows an authorized a… |
1897
|
2026-03-10 |
| CVE-2026-26105 |
HIGH
|
8.1 |
Improper neutralization of input during web page generation ('cross-site script… |
1897
|
2026-03-10 |
| CVE-2026-25180 |
MED
|
5.5 |
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attac… |
1957
|
2026-03-10 |
| CVE-2026-24641 |
LOW
|
2.7 |
A NULL Pointer Dereference vulnerability [CWE-476] vulnerability in Fortinet Fo… |
1
|
2026-03-10 |
| CVE-2026-24640 |
MED
|
6.6 |
A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet… |
1
|
2026-03-10 |
| CVE-2026-24285 |
HIGH
|
7.0 |
Use after free in Windows Win32K allows an authorized attacker to elevate privi… |
1957
|
2026-03-10 |
| CVE-2026-24018 |
HIGH
|
7.8 |
A UNIX symbolic link (Symlink) following vulnerability in Fortinet FortiClientL… |
1
|
2026-03-10 |
| CVE-2026-24017 |
HIGH
|
8.1 |
An Improper Control of Interaction Frequency vulnerability [CWE-799] vulnerabil… |
1
|
2026-03-10 |
| CVE-2026-23665 |
HIGH
|
7.8 |
Heap-based buffer overflow in Azure Linux Virtual Machines allows an authorized… |
816
|
2026-03-10 |
| CVE-2026-23664 |
HIGH
|
7.5 |
Improper restriction of communication channel to intended endpoints in Azure Io… |
573
|
2026-03-10 |
| CVE-2026-23662 |
HIGH
|
7.5 |
Missing authentication for critical function in Azure IoT Explorer allows an un… |
573
|
2026-03-10 |
| CVE-2026-23661 |
HIGH
|
7.5 |
Cleartext transmission of sensitive information in Azure IoT Explorer allows an… |
573
|
2026-03-10 |
| CVE-2026-23660 |
HIGH
|
7.8 |
Improper access control in Azure Portal Windows Admin Center allows an authoriz… |
839
|
2026-03-10 |
| CVE-2026-23656 |
MED
|
5.9 |
Insufficient verification of data authenticity in Windows App Installer allows … |
819
|
2026-03-10 |
| CVE-2026-23654 |
HIGH
|
8.8 |
Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoun… |
571
|
2026-03-10 |
| CVE-2026-22629 |
LOW
|
3.7 |
An improper restriction of excessive authentication attempts vulnerability in F… |
1
|
2026-03-10 |
| CVE-2026-22572 |
HIGH
|
7.2 |
An authentication bypass using an alternate path or channel vulnerability in Fo… |
1
|
2026-03-10 |
| CVE-2026-21262 |
HIGH
|
8.8 |
Improper access control in SQL Server allows an authorized attacker to elevate … |
609
|
2026-03-10 |
| CVE-2026-20967 |
HIGH
|
8.8 |
Improper input validation in System Center Operations Manager allows an authori… |
571
|
2026-03-10 |
| CVE-2025-68648 |
HIGH
|
7.2 |
A use of externally-controlled format string vulnerability in Fortinet FortiAna… |
1
|
2026-03-10 |
| CVE-2025-68482 |
MED
|
6.9 |
An improper certificate validation vulnerability in Fortinet FortiAnalyzer 7.6.0… |
1
|
2026-03-10 |
| CVE-2025-66178 |
HIGH
|
7.2 |
An improper neutralization of special elements used in an os command ('os comman… |
1
|
2026-03-10 |
| CVE-2025-55717 |
MED
|
4.0 |
A cleartext storage of sensitive information vulnerability [CWE-312] vulnerabil… |
1
|
2026-03-10 |
| CVE-2025-54820 |
HIGH
|
8.1 |
A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet… |
1
|
2026-03-10 |
| CVE-2025-49784 |
MED
|
6.0 |
An improper neutralization of special elements used in an sql command ('sql inj… |
1
|
2026-03-10 |
| CVE-2025-48840 |
MED
|
5.3 |
An authentication bypass by spoofing vulnerability in Fortinet FortiWeb 7.6.0 t… |
1
|
2026-03-10 |
| CVE-2025-48418 |
MED
|
6.7 |
A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.… |
1
|
2026-03-10 |
| CVE-2026-30925 |
HIGH
|
7.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-10 |
| CVE-2026-30921 |
CRIT
|
9.9 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-10 |
| CVE-2026-30920 |
HIGH
|
8.6 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-10 |
| CVE-2026-30887 |
CRIT
|
9.9 |
OneUptime is a solution for monitoring and managing online services. Prior to 1… |
15
|
2026-03-10 |
| CVE-2026-31802 |
MED
|
5.5 |
node-tar is a full-featured Tar for Node.js. Prior to version 7.5.11, tar (npm)… |
23
|
2026-03-10 |
| CVE-2026-30937 |
MED
|
6.8 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-30936 |
MED
|
5.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-30935 |
MED
|
4.4 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-30931 |
MED
|
6.8 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-30929 |
HIGH
|
7.7 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-30883 |
MED
|
5.7 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28693 |
HIGH
|
8.1 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28692 |
MED
|
4.8 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28691 |
HIGH
|
7.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28690 |
MED
|
6.9 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28689 |
MED
|
6.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28688 |
MED
|
4.0 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28687 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28686 |
MED
|
6.8 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28494 |
HIGH
|
7.1 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-28493 |
MED
|
6.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-03-10 |
| CVE-2026-3638 |
MED
|
5.9 |
Improper access control in user and role restore API endpoints in Devolutions S… |
2
|
2026-03-09 |
| CVE-2025-69648 |
MED
|
6.2 |
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability whe… |
54
|
2026-03-09 |
| CVE-2025-69647 |
MED
|
6.2 |
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability whe… |
54
|
2026-03-09 |
| CVE-2026-3813 |
MED
|
6.3 |
A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6… |
8
|
2026-03-09 |
| CVE-2026-3731 |
MED
|
5.3 |
A weakness has been identified in libssh up to 0.11.3. The impacted element is … |
18
|
2026-03-08 |
| CVE-2026-30863 |
CRIT
|
9.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-07 |
| CVE-2026-30854 |
MED
|
5.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
4
|
2026-03-07 |
| CVE-2026-30852 |
HIGH
|
7.5 |
Caddy is an extensible server platform that uses TLS by default. From version 2… |
1
|
2026-03-07 |
| CVE-2026-30851 |
HIGH
|
8.1 |
Caddy is an extensible server platform that uses TLS by default. From version 2… |
1
|
2026-03-07 |
| CVE-2026-30850 |
MED
|
5.9 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-07 |
| CVE-2026-30848 |
LOW
|
3.7 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-07 |
| CVE-2026-30838 |
MED
|
6.1 |
league/commonmark is a PHP Markdown parser. Prior to version 2.8.1, the Disallo… |
12
|
2026-03-07 |
| CVE-2026-30832 |
CRIT
|
9.1 |
Soft Serve is a self-hostable Git server for the command line. From version 0.6… |
19
|
2026-03-07 |
| CVE-2026-29786 |
MED
|
6.3 |
node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10, tar can b… |
23
|
2026-03-07 |
| CVE-2026-29784 |
HIGH
|
7.5 |
Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, i… |
10
|
2026-03-07 |
| CVE-2026-29779 |
HIGH
|
7.5 |
UptimeFlare is a serverless uptime monitoring & status page solution, powered b… |
15
|
2026-03-07 |
| CVE-2026-29186 |
HIGH
|
7.7 |
Backstage is an open framework for building developer portals. Prior to version… |
2
|
2026-03-07 |
| CVE-2026-30829 |
MED
|
5.3 |
Checkmate is an open-source, self-hosted tool designed to track and monitor ser… |
1
|
2026-03-07 |
| CVE-2026-30824 |
CRIT
|
9.8 |
Flowise is a drag & drop user interface to build a customized large language mo… |
8
|
2026-03-07 |
| CVE-2026-30823 |
HIGH
|
8.8 |
Flowise is a drag & drop user interface to build a customized large language mo… |
8
|
2026-03-07 |
| CVE-2026-30822 |
HIGH
|
7.7 |
Flowise is a drag & drop user interface to build a customized large language mo… |
8
|
2026-03-07 |
| CVE-2026-30821 |
CRIT
|
9.8 |
Flowise is a drag & drop user interface to build a customized large language mo… |
8
|
2026-03-07 |
| CVE-2026-30820 |
HIGH
|
8.8 |
Flowise is a drag & drop user interface to build a customized large language mo… |
8
|
2026-03-07 |
| CVE-2026-30244 |
HIGH
|
7.5 |
Plane is an open-source project management tool. Prior to version 1.2.2, una… |
2
|
2026-03-06 |
| CVE-2026-30242 |
HIGH
|
8.5 |
Plane is an open-source project management tool. Prior to version 1.2.3, the… |
2
|
2026-03-06 |
| CVE-2026-30835 |
MED
|
5.3 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-06 |
| CVE-2026-30229 |
HIGH
|
7.2 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-06 |
| CVE-2026-30228 |
MED
|
4.9 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-06 |
| CVE-2026-29788 |
HIGH
|
7.5 |
TSPortal is the WikiTide Foundation’s in-house platform used by the Trust and S… |
1
|
2026-03-06 |
| CVE-2026-29182 |
HIGH
|
7.2 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-03-06 |
| CVE-2025-69652 |
MED
|
6.2 |
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort … |
54
|
2026-03-06 |
| CVE-2025-69650 |
HIGH
|
7.5 |
GNU Binutils thru 2.46 readelf contains a double free vulnerability when proces… |
54
|
2026-03-06 |
| CVE-2025-69649 |
HIGH
|
7.5 |
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerabilit… |
54
|
2026-03-06 |
| CVE-2026-29089 |
HIGH
|
8.8 |
TimescaleDB is a time-series database for high-performance real-time analytics … |
14
|
2026-03-06 |
| CVE-2025-69651 |
MED
|
5.5 |
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invali… |
54
|
2026-03-06 |
| CVE-2025-69646 |
MED
|
5.5 |
Binutils objdump contains a denial-of-service vulnerability when processing a c… |
47
|
2026-03-06 |
| CVE-2025-69645 |
MED
|
5.5 |
Binutils objdump contains a denial-of-service vulnerability when processing a c… |
47
|
2026-03-06 |
| CVE-2025-69644 |
MED
|
5.0 |
An issue was discovered in Binutils before 2.46. The objdump contains a denial-… |
54
|
2026-03-06 |
| CVE-2018-25200 |
MED
|
5.3 |
OOP CMS BLOG 1.0 contains a cross-site request forgery vulnerability that allow… |
12
|
2026-03-06 |
| CVE-2018-25199 |
HIGH
|
8.2 |
OOP CMS BLOG 1.0 contains SQL injection vulnerabilities that allow unauthentica… |
12
|
2026-03-06 |
| CVE-2026-29084 |
MED
|
4.6 |
Gokapi is a self-hosted file sharing server with automatic expiration and encry… |
8
|
2026-03-06 |
| CVE-2026-29061 |
MED
|
5.4 |
Gokapi is a self-hosted file sharing server with automatic expiration and encry… |
8
|
2026-03-06 |
| CVE-2026-29060 |
MED
|
5.0 |
Gokapi is a self-hosted file sharing server with automatic expiration and encry… |
8
|
2026-03-06 |
| CVE-2026-28787 |
HIGH
|
8.2 |
OneUptime is a solution for monitoring and managing online services. In version… |
15
|
2026-03-06 |
| CVE-2026-28683 |
HIGH
|
8.7 |
Gokapi is a self-hosted file sharing server with automatic expiration and encry… |
8
|
2026-03-06 |
| CVE-2026-28682 |
MED
|
6.4 |
Gokapi is a self-hosted file sharing server with automatic expiration and encry… |
8
|
2026-03-06 |
| CVE-2026-28727 |
HIGH
|
7.8 |
Local privilege escalation due to insecure Unix socket permissions. The followi… |
31
|
2026-03-06 |
| CVE-2026-28713 |
HIGH
|
7.1 |
Default credentials set for local privileged user in Virtual Appliance. The fol… |
31
|
2026-03-06 |
| CVE-2025-30413 |
MED
|
4.4 |
Credentials are not deleted from Acronis Agent after plan revocation. The follo… |
31
|
2026-03-06 |
| CVE-2025-11792 |
HIGH
|
7.3 |
Local privilege escalation due to DLL hijacking vulnerability. The following pr… |
31
|
2026-03-06 |
| CVE-2025-11791 |
HIGH
|
7.1 |
Sensitive information disclosure and manipulation due to insufficient authoriza… |
31
|
2026-03-06 |
| CVE-2025-11790 |
MED
|
4.4 |
Credentials are not deleted from Acronis Agent after plan revocation. The follo… |
31
|
2026-03-06 |
| CVE-2026-26125 |
HIGH
|
8.6 |
Payment Orchestrator Service Elevation of Privilege Vulnerability |
2275
|
2026-03-05 |
| CVE-2026-26124 |
MED
|
6.7 |
'.../...//' in Azure Compute Gallery allows an authorized attacker to elevate p… |
2267
|
2026-03-05 |
| CVE-2026-26122 |
MED
|
6.5 |
Initialization of a resource with an insecure default in Azure Compute Gallery … |
2267
|
2026-03-05 |
| CVE-2026-23651 |
MED
|
6.7 |
Permissive regular expression in Azure Compute Gallery allows an authorized att… |
2267
|
2026-03-05 |
| CVE-2026-21536 |
CRIT
|
9.8 |
Microsoft Devices Pricing Program Remote Code Execution Vulnerability |
2267
|
2026-03-05 |
| CVE-2026-28413 |
MED
|
5.3 |
Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prio… |
1
|
2026-03-05 |
| CVE-2026-28350 |
MED
|
6.1 |
lxml_html_clean is a project for HTML cleaning functionalities copied from `lxm… |
4
|
2026-03-05 |
| CVE-2026-28348 |
MED
|
6.1 |
lxml_html_clean is a project for HTML cleaning functionalities copied from `lxm… |
4
|
2026-03-05 |
| CVE-2026-28343 |
MED
|
6.4 |
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. St… |
1
|
2026-03-05 |
| CVE-2026-28223 |
MED
|
6.1 |
Wagtail is an open source content management system built on Django. Prior to v… |
8
|
2026-03-05 |
| CVE-2026-28222 |
MED
|
6.1 |
Wagtail is an open source content management system built on Django. Prior to v… |
8
|
2026-03-05 |
| CVE-2026-3009 |
HIGH
|
8.1 |
A security flaw in the IdentityBrokerService.performLogin endpoint of Keycloak … |
7
|
2026-03-05 |
| CVE-2026-26418 |
HIGH
|
7.5 |
Missing authentication and authorization in the web API of Tata Consultancy Ser… |
4
|
2026-03-05 |
| CVE-2026-26417 |
HIGH
|
8.1 |
A broken access control vulnerability in the password reset functionality of Ta… |
4
|
2026-03-05 |
| CVE-2026-26416 |
HIGH
|
8.8 |
An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon… |
4
|
2026-03-05 |
| CVE-2026-30798 |
HIGH
|
7.5 |
Insufficient Verification of Data Authenticity, Improper Handling of Exceptiona… |
19
|
2026-03-05 |
| CVE-2026-30797 |
HIGH
|
8.1 |
Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk… |
19
|
2026-03-05 |
| CVE-2026-30796 |
HIGH
|
7.5 |
Cleartext Transmission of Sensitive Information vulnerability in rustdesk-serve… |
24
|
2026-03-05 |
| CVE-2026-30795 |
HIGH
|
7.5 |
Cleartext Transmission of Sensitive Information vulnerability in rustdesk-clien… |
19
|
2026-03-05 |
| CVE-2026-30794 |
HIGH
|
8.1 |
Improper Certificate Validation vulnerability in rustdesk-client RustDesk Clien… |
19
|
2026-03-05 |
| CVE-2026-30793 |
CRIT
|
9.8 |
Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Cli… |
19
|
2026-03-05 |
| CVE-2026-30792 |
HIGH
|
8.1 |
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, … |
19
|
2026-03-05 |
| CVE-2026-30790 |
CRIT
|
9.8 |
Improper Restriction of Excessive Authentication Attempts, Use of Password Hash… |
24
|
2026-03-05 |
| CVE-2026-30789 |
CRIT
|
9.8 |
Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient… |
19
|
2026-03-05 |
| CVE-2026-30785 |
MED
|
5.5 |
Improperly Controlled Modification of Object Prototype Attributes ('Prototype P… |
19
|
2026-03-05 |
| CVE-2026-30784 |
CRIT
|
9.8 |
Missing Authorization, Missing Authentication for Critical Function vulnerabili… |
24
|
2026-03-05 |
| CVE-2026-30783 |
CRIT
|
9.8 |
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, … |
19
|
2026-03-05 |
| CVE-2026-3598 |
HIGH
|
7.5 |
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-serv… |
24
|
2026-03-05 |
| CVE-2026-30791 |
HIGH
|
7.5 |
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-clie… |
19
|
2026-03-05 |
| CVE-2025-69534 |
HIGH
|
7.5 |
Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like s… |
4
|
2026-03-05 |
| CVE-2026-21786 |
LOW
|
3.3 |
HCL Sametime for iOS is impacted by a sensitive information disclosure. Hostna… |
15
|
2026-03-05 |
| CVE-2026-29053 |
HIGH
|
7.6 |
Ghost is a Node.js content management system. From version 0.7.2 to 6.19.0, spe… |
10
|
2026-03-05 |
| CVE-2026-26034 |
HIGH
|
7.8 |
UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an In… |
56
|
2026-03-05 |
| CVE-2026-26033 |
MED
|
6.7 |
UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Un… |
56
|
2026-03-05 |
| CVE-2026-3545 |
CRIT
|
9.6 |
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632… |
210
|
2026-03-04 |
| CVE-2026-3544 |
HIGH
|
8.8 |
Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allo… |
210
|
2026-03-04 |
| CVE-2026-3543 |
HIGH
|
8.8 |
Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 all… |
210
|
2026-03-04 |
| CVE-2026-3542 |
HIGH
|
8.8 |
Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.763… |
210
|
2026-03-04 |
| CVE-2026-3541 |
HIGH
|
8.8 |
Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 al… |
210
|
2026-03-04 |
| CVE-2026-3540 |
HIGH
|
8.8 |
Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.1… |
210
|
2026-03-04 |
| CVE-2026-3539 |
HIGH
|
8.8 |
Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 all… |
209
|
2026-03-04 |
| CVE-2026-3538 |
HIGH
|
8.8 |
Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a rem… |
209
|
2026-03-04 |
| CVE-2026-3537 |
HIGH
|
8.8 |
Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.76… |
209
|
2026-03-04 |
| CVE-2026-3536 |
HIGH
|
8.8 |
Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a re… |
210
|
2026-03-04 |
| CVE-2026-26949 |
MED
|
5.5 |
Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Incorr… |
56
|
2026-03-04 |
| CVE-2026-20149 |
MED
|
6.1 |
A vulnerability in Cisco Webex could have allowed an unauthenticated, remote at… |
123
|
2026-03-04 |
| CVE-2026-20131 |
CRIT
|
10.0 |
A vulnerability in the web-based management interface of Cisco Secure Firewall … |
68
|
2026-03-04 |
| CVE-2019-25503 |
HIGH
|
7.1 |
PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated … |
12
|
2026-03-04 |
| CVE-2026-22760 |
LOW
|
3.3 |
Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Improp… |
56
|
2026-03-04 |
| CVE-2025-15558 |
HIGH
|
8.0 |
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cl… |
54
|
2026-03-04 |
| CVE-2026-22285 |
MED
|
4.4 |
Dell Device Management Agent (DDMA), versions prior to 26.02, contain a Plainte… |
56
|
2026-03-04 |
| CVE-2025-12801 |
MED
|
6.5 |
A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-uti… |
14
|
2026-03-04 |
| CVE-2025-70341 |
HIGH
|
7.8 |
Insecure permissions in App-Auto-Patch v3.4.2 create a race condition which all… |
12
|
2026-03-04 |
| CVE-2025-40896 |
MED
|
6.5 |
The server certificate was not verified when an Arc agent connected to a Guardi… |
14
|
2026-03-04 |
| CVE-2025-40894 |
MED
|
4.4 |
A Stored HTML Injection vulnerability was discovered in the Alerted Nodes Dashb… |
3
|
2026-03-04 |
| CVE-2025-66168 |
MED
|
5.4 |
Apache ActiveMQ does not properly validate the remaining length field which may… |
4
|
2026-03-04 |
| CVE-2026-27932 |
HIGH
|
7.5 |
joserfc is a Python library that provides an implementation of several JSON Obj… |
8
|
2026-03-03 |
| CVE-2026-3224 |
CRIT
|
9.8 |
Authentication bypass in the Microsoft Entra ID (Azure AD) authentication mode … |
2
|
2026-03-03 |
| CVE-2026-3204 |
CRIT
|
9.8 |
Improper input validation in the error message page in Devolutions Server 2025… |
2
|
2026-03-03 |
| CVE-2026-3130 |
CRIT
|
9.8 |
Improper Enforcement of Behavioral Controls in Devolutions Server 2025.3.15 and… |
2
|
2026-03-03 |
| CVE-2026-2590 |
CRIT
|
9.8 |
Improper enforcement of the Disable password saving in vaults setting in the… |
62
|
2026-03-03 |
| CVE-2026-25906 |
HIGH
|
7.3 |
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Be… |
3
|
2026-03-03 |
| CVE-2026-24502 |
HIGH
|
8.8 |
Dell Command | Intel vPro Out of Band, versions prior to 4.7.0, contain an Unco… |
12
|
2026-03-03 |
| CVE-2026-3494 |
MED
|
4.3 |
In MariaDB server version through 11.8.5, when server audit plugin is enabled w… |
1
|
2026-03-03 |
| CVE-2026-3484 |
MED
|
6.3 |
A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547… |
1
|
2026-03-03 |
| CVE-2026-2915 |
HIGH
|
7.1 |
HP System Event Utility might allow denial of service with elevated arbitrary f… |
19
|
2026-03-03 |
| CVE-2026-3136 |
CRIT
|
9.8 |
An improper authorization vulnerability in GitHub Trigger Comment Control in Go… |
238
|
2026-03-03 |
| CVE-2025-66680 |
HIGH
|
7.1 |
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7… |
8
|
2026-03-03 |
| CVE-2026-3351 |
MED
|
4.3 |
Improper authorization in the API endpoint GET /1.0/certificates in Canonical L… |
3
|
2026-03-03 |
| CVE-2025-15595 |
HIGH
|
7.8 |
Privilege escalation via DLL hijacking in Inno Setup 6.2.1 and earlier versions. |
2
|
2026-03-03 |
| CVE-2026-27631 |
MED
|
5.3 |
Exiv2 is a C++ library and a command-line utility to read, write, delete and mo… |
7
|
2026-03-02 |
| CVE-2026-27596 |
HIGH
|
7.5 |
Exiv2 is a C++ library and a command-line utility to read, write, delete and mo… |
7
|
2026-03-02 |
| CVE-2026-25884 |
HIGH
|
8.1 |
Exiv2 is a C++ library and a command-line utility to read, write, delete and mo… |
7
|
2026-03-02 |
| CVE-2026-1628 |
MED
|
4.6 |
Mattermost Desktop App versions <=5.13.3 fail to attach listeners restricting n… |
53
|
2026-03-02 |
| CVE-2026-3422 |
CRIT
|
9.8 |
U-Office Force developed by e-Excellence has an Insecure Deserialization vulnera… |
188
|
2026-03-02 |
| CVE-2026-3403 |
LOW
|
2.4 |
A vulnerability was detected in PHPGurukul Student Record Management System 1.0… |
12
|
2026-03-02 |
| CVE-2026-3402 |
LOW
|
2.4 |
A security vulnerability has been detected in PHPGurukul Student Record Managem… |
12
|
2026-03-02 |
| CVE-2026-3389 |
LOW
|
3.3 |
A vulnerability was determined in Squirrel up to 3.2. This vulnerability affect… |
3
|
2026-03-01 |
| CVE-2026-3388 |
LOW
|
3.3 |
A vulnerability was found in Squirrel up to 3.2. This affects the function SQCo… |
3
|
2026-03-01 |
| CVE-2026-3010 |
MED
|
6.1 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site… |
14
|
2026-02-28 |
| CVE-2026-2844 |
HIGH
|
7.5 |
Missing Authentication for Critical Function vulnerability in Microchip TimePic… |
14
|
2026-02-28 |
| CVE-2026-28422 |
LOW
|
2.2 |
Vim is an open source, command line text editor. Prior to version 9.2.0078, a s… |
14
|
2026-02-27 |
| CVE-2026-28421 |
MED
|
5.3 |
Vim is an open source, command line text editor. Versions prior to 9.2.0077 hav… |
14
|
2026-02-27 |
| CVE-2026-28420 |
MED
|
4.4 |
Vim is an open source, command line text editor. Prior to version 9.2.0076, a h… |
14
|
2026-02-27 |
| CVE-2026-28419 |
MED
|
5.3 |
Vim is an open source, command line text editor. Prior to version 9.2.0075, a h… |
14
|
2026-02-27 |
| CVE-2026-28418 |
MED
|
4.4 |
Vim is an open source, command line text editor. Prior to version 9.2.0074, a h… |
14
|
2026-02-27 |
| CVE-2026-28417 |
MED
|
4.4 |
Vim is an open source, command line text editor. Prior to version 9.2.0073, an … |
14
|
2026-02-27 |
| CVE-2026-28407 |
MED
|
5.3 |
malcontent is software for discovering supply-chain compromises through context… |
4
|
2026-02-27 |
| CVE-2026-27836 |
HIGH
|
7.5 |
phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the We… |
12
|
2026-02-27 |
| CVE-2026-27824 |
MED
|
5.3 |
calibre is a cross-platform e-book manager for viewing, converting, editing, an… |
3
|
2026-02-27 |
| CVE-2026-27810 |
MED
|
6.4 |
calibre is a cross-platform e-book manager for viewing, converting, editing, an… |
3
|
2026-02-27 |
| CVE-2026-3277 |
MED
|
6.5 |
The OpenID Connect (OIDC) authentication configuration in PowerShell Universal… |
11
|
2026-02-27 |
| CVE-2026-2750 |
CRIT
|
9.1 |
Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Ce… |
95
|
2026-02-27 |
| CVE-2026-2252 |
HIGH
|
7.5 |
An XML External Entity (XXE) vulnerability allows a malicious user to perform Ser… |
8
|
2026-02-27 |
| CVE-2026-2251 |
CRIT
|
9.8 |
Improper limitation of a pathname to a restricted directory (Path Traversal) vu… |
8
|
2026-02-27 |
| CVE-2026-27776 |
HIGH
|
8.8 |
IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserial… |
4
|
2026-02-27 |
| CVE-2025-9909 |
MED
|
6.7 |
A flaw was found in the Red Hat Ansible Automation Platform Gateway route creat… |
4
|
2026-02-27 |
| CVE-2025-9908 |
MED
|
6.7 |
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansib… |
4
|
2026-02-27 |
| CVE-2025-9907 |
MED
|
6.7 |
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansib… |
4
|
2026-02-27 |
| CVE-2026-28372 |
HIGH
|
7.4 |
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be ex… |
28
|
2026-02-27 |
| CVE-2026-27653 |
MED
|
6.7 |
The installers for multiple products provided by Soliton Systems K.K. contain a… |
7
|
2026-02-27 |
| CVE-2026-28230 |
MED
|
6.3 |
SteVe is an open-source EV charging station management system. In versions up t… |
1
|
2026-02-26 |
| CVE-2026-3263 |
MED
|
6.3 |
A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-… |
39
|
2026-02-26 |
| CVE-2026-3262 |
MED
|
6.3 |
A vulnerability has been found in go2ismail Asp.Net-Core-Inventory-Order-Manage… |
39
|
2026-02-26 |
| CVE-2026-26937 |
MED
|
6.5 |
Uncontrolled Resource Consumption (CWE-400) in the Timelion component in Kibana… |
1
|
2026-02-26 |
| CVE-2026-26936 |
MED
|
4.9 |
Inefficient Regular Expression Complexity (CWE-1333) in the AI Inference Anonym… |
1
|
2026-02-26 |
| CVE-2026-26935 |
MED
|
6.5 |
Improper Input Validation (CWE-20) in the internal Content Connectors search en… |
1
|
2026-02-26 |
| CVE-2026-27969 |
HIGH
|
8.8 |
Vitess is a database clustering system for horizontal scaling of MySQL. Prior t… |
1
|
2026-02-26 |
| CVE-2026-27968 |
MED
|
4.3 |
Packistry is a self-hosted Composer repository designed to handle PHP package d… |
12
|
2026-02-26 |
| CVE-2026-27966 |
CRIT
|
9.8 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-02-26 |
| CVE-2026-27965 |
CRIT
|
9.9 |
Vitess is a database clustering system for horizontal scaling of MySQL. Prior t… |
1
|
2026-02-26 |
| CVE-2026-27899 |
HIGH
|
8.8 |
WireGuard Portal (or wg-portal) is a web-based configuration portal for WireGua… |
1
|
2026-02-26 |
| CVE-2026-27818 |
HIGH
|
7.5 |
TerriaJS-Server is a NodeJS Express server for TerriaJS, a library for building… |
1
|
2026-02-26 |
| CVE-2026-27809 |
CRIT
|
9.1 |
psd-tools is a Python package for working with Adobe Photoshop PSD files. Prior… |
1
|
2026-02-26 |
| CVE-2026-27804 |
CRIT
|
9.1 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2026-02-26 |
| CVE-2026-27799 |
MED
|
4.0 |
ImageMagick is free and open-source software used for editing and manipulating … |
53
|
2026-02-26 |
| CVE-2026-27798 |
MED
|
4.0 |
ImageMagick is free and open-source software used for editing and manipulating … |
53
|
2026-02-26 |
| CVE-2026-27951 |
MED
|
5.3 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-27950 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-26986 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-2845 |
MED
|
6.5 |
An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 b… |
54
|
2026-02-25 |
| CVE-2026-27015 |
MED
|
6.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-26965 |
HIGH
|
8.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-26955 |
HIGH
|
8.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-26271 |
MED
|
5.3 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-25997 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-25959 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-25955 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-25954 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-25953 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-25952 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-25942 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-02-25 |
| CVE-2026-22721 |
MED
|
6.2 |
VMware Aria Operations contains a privilege escalation vulnerability. A malicio… |
4
|
2026-02-25 |
| CVE-2026-1747 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 b… |
54
|
2026-02-25 |
| CVE-2026-1725 |
MED
|
5.3 |
GitLab has remediated an issue in GitLab CE/EE affecting versions from 18.9 bef… |
54
|
2026-02-25 |
| CVE-2026-1662 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4… |
54
|
2026-02-25 |
| CVE-2026-1388 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 … |
54
|
2026-02-25 |
| CVE-2026-0752 |
HIGH
|
8.0 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.2… |
54
|
2026-02-25 |
| CVE-2025-14511 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2… |
54
|
2026-02-25 |
| CVE-2026-25941 |
MED
|
4.3 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on th… |
1
|
2026-02-25 |
| CVE-2026-22720 |
HIGH
|
8.0 |
VMware Aria Operations contains a stored cross-site scripting vulnerability. A … |
4
|
2026-02-25 |
| CVE-2026-22719 |
HIGH
|
8.1 |
VMware Aria Operations contains a command injection vulnerability. A malicious … |
4
|
2026-02-25 |
| CVE-2025-3525 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 … |
54
|
2026-02-25 |
| CVE-2025-14103 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7… |
54
|
2026-02-25 |
| CVE-2026-3221 |
MED
|
4.9 |
Sensitive user account information is not encrypted in the database in Devolut… |
2
|
2026-02-25 |
| CVE-2026-27736 |
MED
|
6.1 |
BigBlueButton is an open-source virtual classroom. In versions on the 3.x branc… |
1
|
2026-02-25 |
| CVE-2026-27728 |
CRIT
|
9.9 |
OneUptime is a solution for monitoring and managing online services. Prior to v… |
15
|
2026-02-25 |
| CVE-2026-27706 |
HIGH
|
7.7 |
Plane is an open-source project management tool. Prior to version 1.2.2, a F… |
2
|
2026-02-25 |
| CVE-2026-27705 |
MED
|
6.5 |
Plane is an open-source project management tool. Prior to version 1.2.2, the… |
2
|
2026-02-25 |
| CVE-2026-20133 |
MED
|
6.5 |
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated… |
87
|
2026-02-25 |
| CVE-2026-20129 |
CRIT
|
9.8 |
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager… |
87
|
2026-02-25 |
| CVE-2026-20128 |
HIGH
|
7.5 |
A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD… |
87
|
2026-02-25 |
| CVE-2026-20127 |
CRIT
|
10.0 |
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controll… |
88
|
2026-02-25 |
| CVE-2026-20126 |
HIGH
|
8.8 |
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, … |
87
|
2026-02-25 |
| CVE-2026-20122 |
MED
|
5.4 |
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an auth… |
87
|
2026-02-25 |
| CVE-2026-3203 |
MED
|
5.5 |
RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to… |
16
|
2026-02-25 |
| CVE-2026-3202 |
MED
|
4.7 |
NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of se… |
12
|
2026-02-25 |
| CVE-2026-3201 |
MED
|
4.7 |
USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.… |
16
|
2026-02-25 |
| CVE-2026-2878 |
MED
|
5.3 |
In Progress® Telerik® UI for AJAX, versions prior to 2026.1.225, an insufficien… |
39
|
2026-02-25 |
| CVE-2026-28196 |
LOW
|
2.3 |
In JetBrains TeamCity before 2025.11.3 disabling versioned settings left a cred… |
30
|
2026-02-25 |
| CVE-2026-28195 |
MED
|
4.3 |
In JetBrains TeamCity before 2025.11.3 missing authorization allowed project de… |
30
|
2026-02-25 |
| CVE-2026-28194 |
MED
|
4.3 |
In JetBrains TeamCity before 2025.11.3 open redirect was possible in the React … |
30
|
2026-02-25 |
| CVE-2026-28193 |
HIGH
|
8.8 |
In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to t… |
30
|
2026-02-25 |
| CVE-2026-21725 |
LOW
|
2.6 |
A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-th… |
1
|
2026-02-25 |
| CVE-2026-26104 |
MED
|
5.5 |
A flaw was found in the udisks storage management daemon that allows unprivileg… |
14
|
2026-02-25 |
| CVE-2026-26103 |
HIGH
|
7.1 |
A flaw was found in the udisks storage management daemon that exposes a privile… |
14
|
2026-02-25 |
| CVE-2025-11563 |
MED
|
4.6 |
URLs containing percent-encoded slashes (`/` or `\`) can trick wcurl into savin… |
28
|
2026-02-25 |
| CVE-2025-0976 |
MED
|
4.7 |
Information Exposure Vulnerability in Hitachi Ops Center API Configuration Mana… |
1
|
2026-02-25 |
| CVE-2026-27610 |
MED
|
5.3 |
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In ve… |
4
|
2026-02-25 |
| CVE-2026-27609 |
MED
|
6.5 |
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In ve… |
4
|
2026-02-25 |
| CVE-2026-27608 |
HIGH
|
8.1 |
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In ve… |
4
|
2026-02-25 |
| CVE-2026-27595 |
HIGH
|
7.5 |
Parse Dashboard is a standalone dashboard for managing Parse Server apps. In ve… |
4
|
2026-02-25 |
| CVE-2026-27572 |
HIGH
|
7.5 |
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04… |
15
|
2026-02-24 |
| CVE-2026-27204 |
MED
|
6.5 |
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.6, 36.0.6, 4.0.04… |
15
|
2026-02-24 |
| CVE-2026-27195 |
HIGH
|
7.5 |
Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the `comp… |
14
|
2026-02-24 |
| CVE-2025-46320 |
MED
|
6.1 |
A cross-site scripting (XSS) vulnerability in a FileMaker WebDirect custom home… |
2
|
2026-02-24 |
| CVE-2026-3131 |
MED
|
6.5 |
Improper access control in multiple DVLS REST API endpoints in Devolutions Se… |
2
|
2026-02-24 |
| CVE-2026-23859 |
LOW
|
2.7 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Client-Side En… |
29
|
2026-02-24 |
| CVE-2026-23858 |
MED
|
5.4 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Improper Neut… |
29
|
2026-02-24 |
| CVE-2026-22766 |
HIGH
|
7.2 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted … |
29
|
2026-02-24 |
| CVE-2026-22765 |
HIGH
|
8.8 |
Dell Wyse Management Suite, versions prior to WMS 5.5, contain a Missing Author… |
29
|
2026-02-24 |
| CVE-2026-1768 |
MED
|
4.3 |
A permission cache poisoning vulnerability in Devolutions Server allows authent… |
2
|
2026-02-24 |
| CVE-2026-26222 |
CRIT
|
9.8 |
Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes … |
4
|
2026-02-24 |
| CVE-2026-27590 |
CRIT
|
9.8 |
Caddy is an extensible server platform that uses TLS by default. Prior to versi… |
2
|
2026-02-24 |
| CVE-2026-27589 |
MED
|
6.5 |
Caddy is an extensible server platform that uses TLS by default. Prior to versi… |
2
|
2026-02-24 |
| CVE-2026-27586 |
CRIT
|
9.1 |
Caddy is an extensible server platform that uses TLS by default. Prior to versi… |
2
|
2026-02-24 |
| CVE-2026-27585 |
MED
|
6.5 |
Caddy is an extensible server platform that uses TLS by default. Prior to versi… |
2
|
2026-02-24 |
| CVE-2026-27571 |
MED
|
5.9 |
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native m… |
1
|
2026-02-24 |
| CVE-2026-2807 |
CRIT
|
9.8 |
Memory safety bugs present in Firefox 147 and Thunderbird 147. Some of these bu… |
298
|
2026-02-24 |
| CVE-2026-2806 |
CRIT
|
9.1 |
Uninitialized memory in the Graphics: Text component. This vulnerability affect… |
298
|
2026-02-24 |
| CVE-2026-2805 |
CRIT
|
9.8 |
Invalid pointer in the DOM: Core & HTML component. This vulnerability affects F… |
298
|
2026-02-24 |
| CVE-2026-2804 |
MED
|
5.4 |
Use-after-free in the JavaScript: WebAssembly component. This vulnerability aff… |
298
|
2026-02-24 |
| CVE-2026-2803 |
HIGH
|
7.5 |
Information disclosure, mitigation bypass in the Settings UI component. This vu… |
298
|
2026-02-24 |
| CVE-2026-2802 |
MED
|
4.2 |
Race condition in the JavaScript: GC component. This vulnerability affects Fire… |
298
|
2026-02-24 |
| CVE-2026-2801 |
HIGH
|
7.5 |
Incorrect boundary conditions in the JavaScript: WebAssembly component. This vu… |
298
|
2026-02-24 |
| CVE-2026-2800 |
CRIT
|
9.8 |
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerabi… |
298
|
2026-02-24 |
| CVE-2026-2799 |
CRIT
|
9.8 |
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Fi… |
298
|
2026-02-24 |
| CVE-2026-2798 |
HIGH
|
8.8 |
Use-after-free in the DOM: Core & HTML component. This vulnerability affects Fi… |
298
|
2026-02-24 |
| CVE-2026-2797 |
CRIT
|
9.8 |
Use-after-free in the JavaScript: GC component. This vulnerability affects Fire… |
298
|
2026-02-24 |
| CVE-2026-2796 |
CRIT
|
9.8 |
JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability… |
298
|
2026-02-24 |
| CVE-2026-2795 |
CRIT
|
9.8 |
Use-after-free in the JavaScript: GC component. This vulnerability affects Fire… |
298
|
2026-02-24 |
| CVE-2026-2794 |
HIGH
|
7.5 |
Information disclosure due to uninitialized memory in Firefox and Firefox Focus… |
298
|
2026-02-24 |
| CVE-2026-2793 |
CRIT
|
9.8 |
Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbir… |
298
|
2026-02-24 |
| CVE-2026-2792 |
CRIT
|
9.8 |
Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox… |
298
|
2026-02-24 |
| CVE-2026-2791 |
CRIT
|
9.8 |
Mitigation bypass in the Networking: Cache component. This vulnerability affect… |
298
|
2026-02-24 |
| CVE-2026-2790 |
CRIT
|
9.8 |
Same-origin policy bypass in the Networking: JAR component. This vulnerability … |
298
|
2026-02-24 |
| CVE-2026-2789 |
CRIT
|
9.8 |
Use-after-free in the Graphics: ImageLib component. This vulnerability affects … |
298
|
2026-02-24 |
| CVE-2026-2788 |
CRIT
|
9.8 |
Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerabi… |
298
|
2026-02-24 |
| CVE-2026-2787 |
CRIT
|
9.8 |
Use-after-free in the DOM: Window and Location component. This vulnerability af… |
298
|
2026-02-24 |
| CVE-2026-2786 |
CRIT
|
9.8 |
Use-after-free in the JavaScript Engine component. This vulnerability affects F… |
298
|
2026-02-24 |
| CVE-2026-2785 |
CRIT
|
9.8 |
Invalid pointer in the JavaScript Engine component. This vulnerability affects … |
298
|
2026-02-24 |
| CVE-2026-2784 |
CRIT
|
9.8 |
Mitigation bypass in the DOM: Security component. This vulnerability affects Fi… |
298
|
2026-02-24 |
| CVE-2026-2783 |
HIGH
|
7.5 |
Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT … |
298
|
2026-02-24 |
| CVE-2026-2782 |
CRIT
|
9.8 |
Privilege escalation in the Netmonitor component. This vulnerability affects Fi… |
298
|
2026-02-24 |
| CVE-2026-2781 |
CRIT
|
9.8 |
Integer overflow in the Libraries component in NSS. This vulnerability affects … |
298
|
2026-02-24 |
| CVE-2026-2780 |
CRIT
|
9.8 |
Privilege escalation in the Netmonitor component. This vulnerability affects Fi… |
298
|
2026-02-24 |
| CVE-2026-2779 |
CRIT
|
9.8 |
Incorrect boundary conditions in the Networking: JAR component. This vulnerabil… |
298
|
2026-02-24 |
| CVE-2026-2778 |
CRIT
|
10.0 |
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML com… |
298
|
2026-02-24 |
| CVE-2026-2777 |
CRIT
|
9.8 |
Privilege escalation in the Messaging System component. This vulnerability affe… |
298
|
2026-02-24 |
| CVE-2026-2776 |
CRIT
|
10.0 |
Sandbox escape due to incorrect boundary conditions in the Telemetry component … |
298
|
2026-02-24 |
| CVE-2026-2775 |
CRIT
|
9.8 |
Mitigation bypass in the DOM: HTML Parser component. This vulnerability affects… |
298
|
2026-02-24 |
| CVE-2026-2774 |
CRIT
|
9.8 |
Integer overflow in the Audio/Video component. This vulnerability affects Firef… |
298
|
2026-02-24 |
| CVE-2026-2773 |
CRIT
|
9.8 |
Incorrect boundary conditions in the Web Audio component. This vulnerability af… |
298
|
2026-02-24 |
| CVE-2026-2772 |
CRIT
|
9.8 |
Use-after-free in the Audio/Video: Playback component. This vulnerability affec… |
298
|
2026-02-24 |
| CVE-2026-2771 |
CRIT
|
9.8 |
Undefined behavior in the DOM: Core & HTML component. This vulnerability affect… |
298
|
2026-02-24 |
| CVE-2026-2770 |
CRIT
|
9.8 |
Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability affe… |
298
|
2026-02-24 |
| CVE-2026-2769 |
HIGH
|
8.8 |
Use-after-free in the Storage: IndexedDB component. This vulnerability affects … |
298
|
2026-02-24 |
| CVE-2026-2768 |
CRIT
|
10.0 |
Sandbox escape in the Storage: IndexedDB component. This vulnerability affects … |
298
|
2026-02-24 |
| CVE-2026-2767 |
CRIT
|
9.8 |
Use-after-free in the JavaScript: WebAssembly component. This vulnerability aff… |
298
|
2026-02-24 |
| CVE-2026-2766 |
CRIT
|
9.8 |
Use-after-free in the JavaScript Engine: JIT component. This vulnerability affe… |
298
|
2026-02-24 |
| CVE-2026-2765 |
CRIT
|
9.8 |
Use-after-free in the JavaScript Engine component. This vulnerability affects F… |
298
|
2026-02-24 |
| CVE-2026-2764 |
CRIT
|
9.8 |
JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. Thi… |
298
|
2026-02-24 |
| CVE-2026-2763 |
CRIT
|
9.8 |
Use-after-free in the JavaScript Engine component. This vulnerability affects F… |
298
|
2026-02-24 |
| CVE-2026-2762 |
CRIT
|
9.8 |
Integer overflow in the JavaScript: Standard Library component. This vulnerabil… |
298
|
2026-02-24 |
| CVE-2026-2761 |
CRIT
|
10.0 |
Sandbox escape in the Graphics: WebRender component. This vulnerability affects… |
298
|
2026-02-24 |
| CVE-2026-2760 |
CRIT
|
10.0 |
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender … |
298
|
2026-02-24 |
| CVE-2026-2759 |
CRIT
|
9.8 |
Incorrect boundary conditions in the Graphics: ImageLib component. This vulnera… |
298
|
2026-02-24 |
| CVE-2026-2758 |
CRIT
|
9.8 |
Use-after-free in the JavaScript: GC component. This vulnerability affects Fire… |
298
|
2026-02-24 |
| CVE-2026-2757 |
CRIT
|
9.8 |
Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulner… |
298
|
2026-02-24 |
| CVE-2026-2634 |
CRIT
|
9.8 |
Malicious scripts could cause desynchronization between the address bar and web… |
298
|
2026-02-24 |
| CVE-2026-23984 |
MED
|
6.5 |
An Improper Input Validation vulnerability exists in Apache Superset that allow… |
4
|
2026-02-24 |
| CVE-2026-23983 |
MED
|
6.5 |
A Sensitive Data Exposure vulnerability exists in Apache Superset allowing auth… |
4
|
2026-02-24 |
| CVE-2026-23982 |
MED
|
6.5 |
An Improper Authorization vulnerability exists in Apache Superset that allows a… |
4
|
2026-02-24 |
| CVE-2026-23980 |
MED
|
6.5 |
Improper Neutralization of Special Elements used in a SQL Command ('SQL Injecti… |
4
|
2026-02-24 |
| CVE-2026-2664 |
HIGH
|
7.8 |
An out of bounds read vulnerability in the grpcfuse kernel module present in th… |
106
|
2026-02-24 |
| CVE-2025-27555 |
MED
|
6.5 |
Airflow versions before 2.11.1 have a vulnerability that allows authenticated u… |
8
|
2026-02-24 |
| CVE-2024-56373 |
HIGH
|
8.4 |
DAG Author (who already has quite a lot of permissions) could manipulate databa… |
8
|
2026-02-24 |
| CVE-2026-26983 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-26331 |
HIGH
|
8.8 |
yt-dlp is a command-line audio/video downloader. Starting in version 2023.06.21… |
2
|
2026-02-24 |
| CVE-2026-26284 |
MED
|
6.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-26283 |
MED
|
6.2 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-26066 |
MED
|
6.2 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25989 |
HIGH
|
7.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25988 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25987 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25986 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25985 |
HIGH
|
7.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25983 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25982 |
MED
|
6.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25971 |
MED
|
6.2 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25970 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25969 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25968 |
HIGH
|
7.4 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25967 |
HIGH
|
7.4 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25966 |
MED
|
5.9 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25965 |
HIGH
|
8.6 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25898 |
MED
|
6.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25897 |
MED
|
6.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25799 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25798 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25797 |
MED
|
5.7 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25796 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25795 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25794 |
HIGH
|
8.2 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25638 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-25637 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
53
|
2026-02-24 |
| CVE-2026-25576 |
MED
|
5.1 |
ImageMagick is free and open-source software used for editing and manipulating … |
53
|
2026-02-24 |
| CVE-2026-24485 |
HIGH
|
7.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
53
|
2026-02-24 |
| CVE-2026-24484 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
53
|
2026-02-24 |
| CVE-2026-24481 |
HIGH
|
7.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
13
|
2026-02-24 |
| CVE-2026-3063 |
MED
|
5.4 |
Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.1… |
206
|
2026-02-23 |
| CVE-2026-3062 |
CRIT
|
9.8 |
Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.763… |
206
|
2026-02-23 |
| CVE-2026-3061 |
CRIT
|
9.1 |
Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a … |
206
|
2026-02-23 |
| CVE-2026-3025 |
HIGH
|
7.3 |
A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1… |
4
|
2026-02-23 |
| CVE-2025-61145 |
MED
|
5.0 |
libtiff up to v4.7.1 was discovered to contain a double free via the component … |
12
|
2026-02-23 |
| CVE-2025-61144 |
HIGH
|
7.3 |
libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSep… |
12
|
2026-02-23 |
| CVE-2025-61143 |
MED
|
5.5 |
libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via t… |
12
|
2026-02-23 |
| CVE-2026-22568 |
MED
|
5.5 |
Improper neutralization of special elements in user-supplied input within the Z… |
1
|
2026-02-23 |
| CVE-2026-22567 |
HIGH
|
7.6 |
Improper validation of user-supplied input in the ZIA Admin UI could allow an a… |
1
|
2026-02-23 |
| CVE-2026-21420 |
HIGH
|
7.3 |
Dell Repository Manager (DRM), versions prior to 3.4.8, contains an Uncontrolle… |
6
|
2026-02-23 |
| CVE-2026-25747 |
HIGH
|
8.8 |
Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB compone… |
1
|
2026-02-23 |
| CVE-2026-27574 |
CRIT
|
9.9 |
OneUptime is a solution for monitoring and managing online services. In version… |
15
|
2026-02-21 |
| CVE-2026-27482 |
MED
|
5.9 |
Ray is an AI compute engine. In versions 2.53.0 and below, the dashboard HTTP se… |
44
|
2026-02-21 |
| CVE-2026-27467 |
LOW
|
2.0 |
BigBlueButton is an open-source virtual classroom. In versions 3.0.19 and below… |
1
|
2026-02-21 |
| CVE-2026-27466 |
HIGH
|
7.2 |
BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below… |
1
|
2026-02-21 |
| CVE-2026-27194 |
CRIT
|
9.8 |
D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are… |
12
|
2026-02-21 |
| CVE-2025-65995 |
MED
|
6.5 |
When a DAG failed during parsing, Airflow’s error-reporting in the UI could inc… |
8
|
2026-02-21 |
| CVE-2026-2048 |
HIGH
|
7.8 |
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. … |
3
|
2026-02-20 |
| CVE-2026-2047 |
HIGH
|
7.8 |
GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnera… |
2
|
2026-02-20 |
| CVE-2026-2045 |
HIGH
|
7.8 |
GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. … |
2
|
2026-02-20 |
| CVE-2026-2044 |
HIGH
|
7.8 |
GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability.… |
2
|
2026-02-20 |
| CVE-2019-25454 |
MED
|
6.1 |
phpMoAdmin 1.1.5 contains a stored cross-site scripting vulnerability that allo… |
12
|
2026-02-20 |
| CVE-2019-25453 |
MED
|
6.1 |
phpMoAdmin 1.1.5 contains a reflected cross-site scripting vulnerability that a… |
12
|
2026-02-20 |
| CVE-2019-25451 |
HIGH
|
8.8 |
phpMoAdmin 1.1.5 contains a cross-site request forgery vulnerability that allow… |
12
|
2026-02-20 |
| CVE-2026-0797 |
HIGH
|
7.8 |
GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerab… |
3
|
2026-02-20 |
| CVE-2026-27190 |
HIGH
|
8.1 |
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a co… |
5
|
2026-02-20 |
| CVE-2026-24892 |
HIGH
|
7.5 |
openITCOCKPIT is an open source monitoring tool built for different monitoring … |
15
|
2026-02-20 |
| CVE-2025-62326 |
MED
|
6.1 |
HCL Digital Experience is susceptible to stored cross-site scripting (XSS) in t… |
54
|
2026-02-20 |
| CVE-2019-25445 |
MED
|
6.1 |
Fiverr Clone Script 1.2.2 contains a cross-site scripting vulnerability that al… |
12
|
2026-02-20 |
| CVE-2019-25444 |
CRIT
|
9.1 |
Fiverr Clone Script 1.2.2 contains an SQL injection vulnerability that allows u… |
12
|
2026-02-20 |
| CVE-2026-24891 |
HIGH
|
7.5 |
openITCOCKPIT is an open source monitoring tool built for different monitoring … |
15
|
2026-02-20 |
| CVE-2026-27506 |
MED
|
6.1 |
SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerabi… |
1
|
2026-02-20 |
| CVE-2026-27505 |
MED
|
6.1 |
SVXportal version 2.5 and prior contain a stored cross-site scripting vulnerabi… |
1
|
2026-02-20 |
| CVE-2026-27504 |
MED
|
6.1 |
SVXportal version 2.5 and prior contain a reflected cross-site scripting vulner… |
1
|
2026-02-20 |
| CVE-2026-27503 |
MED
|
6.1 |
SVXportal version 2.5 and prior contain a reflected cross-site scripting vulner… |
1
|
2026-02-20 |
| CVE-2026-27502 |
MED
|
6.1 |
SVXportal version 2.5 and prior contain a reflected cross-site scripting vulner… |
1
|
2026-02-20 |
| CVE-2025-67438 |
MED
|
6.1 |
A Stored Cross-Site Scripting (XSS) vulnerability in Sync-in Server before 1.9.… |
1
|
2026-02-20 |
| CVE-2026-27017 |
MED
|
5.3 |
uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinti… |
14
|
2026-02-20 |
| CVE-2026-26994 |
MED
|
6.5 |
uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinti… |
14
|
2026-02-20 |
| CVE-2026-26980 |
CRIT
|
9.4 |
Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 al… |
10
|
2026-02-20 |
| CVE-2026-26960 |
HIGH
|
7.1 |
node-tar is a full-featured Tar for Node.js. When using default options in vers… |
23
|
2026-02-20 |
| CVE-2026-26065 |
HIGH
|
8.8 |
calibre is a cross-platform e-book manager for viewing, converting, editing, an… |
3
|
2026-02-20 |
| CVE-2026-26064 |
HIGH
|
8.8 |
calibre is a cross-platform e-book manager for viewing, converting, editing, an… |
3
|
2026-02-20 |
| CVE-2026-26975 |
HIGH
|
8.8 |
Music Assistant is an open-source media library manager that integrates streami… |
1
|
2026-02-20 |
| CVE-2026-21535 |
HIGH
|
8.2 |
Improper access control in Microsoft Teams allows an unauthorized attacker to d… |
2286
|
2026-02-19 |
| CVE-2025-9208 |
MED
|
5.4 |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site… |
1
|
2026-02-19 |
| CVE-2026-27013 |
HIGH
|
7.6 |
Fabric.js is a JavaScript HTML5 canvas library. Prior to version 7.2.0, Fabric.… |
1
|
2026-02-19 |
| CVE-2026-26200 |
HIGH
|
7.8 |
HDF5 is software for managing data. Prior to version 1.14.4-2, an attacker who … |
2
|
2026-02-19 |
| CVE-2026-26057 |
MED
|
6.5 |
Skill Scanner is a security scanner for AI Agent Skills that detects prompt inj… |
68
|
2026-02-19 |
| CVE-2026-26030 |
CRIT
|
9.9 |
Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote code exec… |
671
|
2026-02-19 |
| CVE-2026-25940 |
HIGH
|
8.1 |
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control… |
13
|
2026-02-19 |
| CVE-2026-25755 |
HIGH
|
8.1 |
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control… |
13
|
2026-02-19 |
| CVE-2026-25535 |
HIGH
|
7.5 |
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.2.0, user control… |
13
|
2026-02-19 |
| CVE-2025-15563 |
MED
|
5.3 |
Any unauthenticated user can reset the WorkTime on-prem database configuration … |
15
|
2026-02-19 |
| CVE-2025-15562 |
MED
|
6.1 |
The server API endpoint /report/internet/urls reflects received data into the H… |
15
|
2026-02-19 |
| CVE-2025-15561 |
HIGH
|
7.8 |
An attacker can exploit the update behavior of the WorkTime monitoring daemon t… |
15
|
2026-02-19 |
| CVE-2025-15560 |
HIGH
|
8.8 |
An authenticated attacker with minimal permissions can exploit a SQL injection … |
15
|
2026-02-19 |
| CVE-2025-15559 |
CRIT
|
9.8 |
An unauthenticated attacker can inject OS commands when calling a server API en… |
15
|
2026-02-19 |
| CVE-2026-22268 |
MED
|
6.3 |
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorr… |
56
|
2026-02-19 |
| CVE-2026-22267 |
HIGH
|
8.1 |
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorr… |
56
|
2026-02-19 |
| CVE-2026-22266 |
MED
|
4.7 |
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improp… |
56
|
2026-02-19 |
| CVE-2026-26362 |
HIGH
|
8.1 |
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Relative Path Traver… |
55
|
2026-02-19 |
| CVE-2026-26361 |
MED
|
6.5 |
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of… |
55
|
2026-02-19 |
| CVE-2026-26360 |
HIGH
|
8.1 |
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of… |
55
|
2026-02-19 |
| CVE-2026-26359 |
HIGH
|
8.8 |
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of… |
55
|
2026-02-19 |
| CVE-2026-26358 |
HIGH
|
8.8 |
Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Authorizatio… |
55
|
2026-02-19 |
| CVE-2026-22269 |
MED
|
4.7 |
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improp… |
56
|
2026-02-19 |
| CVE-2026-2684 |
HIGH
|
7.3 |
A vulnerability was determined in Tsinghua Unigroup Electronic Archives System … |
10
|
2026-02-19 |
| CVE-2026-2683 |
MED
|
4.3 |
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.2… |
10
|
2026-02-18 |
| CVE-2026-2682 |
MED
|
6.3 |
A vulnerability has been found in Tsinghua Unigroup Electronic Archives System … |
10
|
2026-02-18 |
| CVE-2026-25596 |
MED
|
4.8 |
InvoicePlane is a self-hosted open source application for managing invoices, cl… |
1
|
2026-02-18 |
| CVE-2026-25595 |
MED
|
4.8 |
InvoicePlane is a self-hosted open source application for managing invoices, cl… |
1
|
2026-02-18 |
| CVE-2026-25594 |
MED
|
4.8 |
InvoicePlane is a self-hosted open source application for managing invoices, cl… |
1
|
2026-02-18 |
| CVE-2026-25548 |
CRIT
|
9.1 |
InvoicePlane is a self-hosted open source application for managing invoices, cl… |
1
|
2026-02-18 |
| CVE-2026-2672 |
MED
|
4.3 |
A security flaw has been discovered in Tsinghua Unigroup Electronic Archives Sy… |
10
|
2026-02-18 |
| CVE-2026-2669 |
MED
|
6.5 |
A vulnerability was determined in Rongzhitong Visual Integrated Command and Dis… |
19
|
2026-02-18 |
| CVE-2026-2650 |
HIGH
|
8.8 |
Heap buffer overflow in Media in Google Chrome prior to 145.0.7632.109 allowed … |
202
|
2026-02-18 |
| CVE-2026-2649 |
HIGH
|
8.8 |
Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remot… |
202
|
2026-02-18 |
| CVE-2026-2648 |
HIGH
|
8.8 |
Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed… |
202
|
2026-02-18 |
| CVE-2019-25355 |
HIGH
|
7.5 |
gSOAP 2.8 contains a directory traversal vulnerability that allows unauthentica… |
1
|
2026-02-18 |
| CVE-2026-2668 |
HIGH
|
7.3 |
A vulnerability was found in Rongzhitong Visual Integrated Command and Dispatch… |
19
|
2026-02-18 |
| CVE-2026-2667 |
MED
|
5.3 |
A vulnerability has been found in Rongzhitong Visual Integrated Command and Dis… |
19
|
2026-02-18 |
| CVE-2026-1999 |
MED
|
6.5 |
A Server-Side Request Forgery (SSRF) vulnerability was identified in GitHub Ent… |
104
|
2026-02-18 |
| CVE-2026-1355 |
MED
|
6.5 |
A Missing Authorization vulnerability was identified in GitHub Enterprise Serve… |
104
|
2026-02-18 |
| CVE-2026-0573 |
CRIT
|
9.0 |
A URL redirection vulnerability was identified in GitHub Enterprise Server tha… |
104
|
2026-02-18 |
| CVE-2025-12343 |
LOW
|
3.3 |
A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_back… |
3
|
2026-02-18 |
| CVE-2025-10256 |
MED
|
5.3 |
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter… |
3
|
2026-02-18 |
| CVE-2026-2661 |
LOW
|
3.3 |
A security flaw has been discovered in Squirrel up to 3.2. This affects the fun… |
3
|
2026-02-18 |
| CVE-2026-25500 |
MED
|
5.4 |
Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, … |
17
|
2026-02-18 |
| CVE-2026-23491 |
HIGH
|
7.5 |
InvoicePlane is a self-hosted open source application for managing invoices, cl… |
1
|
2026-02-18 |
| CVE-2026-0875 |
HIGH
|
7.8 |
A maliciously crafted MODEL file, when parsed through certain Autodesk products… |
70
|
2026-02-18 |
| CVE-2026-0874 |
HIGH
|
7.8 |
A maliciously crafted CATPART file, when parsed through certain Autodesk produc… |
70
|
2026-02-18 |
| CVE-2026-22860 |
HIGH
|
7.5 |
Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, … |
17
|
2026-02-18 |
| CVE-2025-70064 |
HIGH
|
8.8 |
PHPGurukul Hospital Management System v4.0 contains a Privilege Escalation vuln… |
12
|
2026-02-18 |
| CVE-2025-70063 |
MED
|
6.5 |
The 'Medical History' module in PHPGurukul Hospital Management System v4.0 cont… |
12
|
2026-02-18 |
| CVE-2025-70062 |
MED
|
6.5 |
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forger… |
12
|
2026-02-18 |
| CVE-2026-2659 |
LOW
|
3.3 |
A vulnerability was determined in Squirrel up to 3.2. Affected by this vulnerab… |
3
|
2026-02-18 |
| CVE-2026-20144 |
MED
|
6.8 |
In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, a… |
5
|
2026-02-18 |
| CVE-2026-20142 |
MED
|
6.8 |
In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a… |
1
|
2026-02-18 |
| CVE-2026-20139 |
MED
|
4.3 |
In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, a… |
5
|
2026-02-18 |
| CVE-2026-20138 |
MED
|
6.8 |
In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a… |
1
|
2026-02-18 |
| CVE-2026-20137 |
LOW
|
3.5 |
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.5, 9.3.7, and 9.2.9, an… |
5
|
2026-02-18 |
| CVE-2025-70147 |
HIGH
|
7.5 |
Missing authentication in /admin/student.php and /admin/teacher.php in ProjectW… |
14
|
2026-02-18 |
| CVE-2025-70146 |
CRIT
|
9.1 |
Missing authentication in multiple administrative action scripts under /admin/ … |
14
|
2026-02-18 |
| CVE-2025-33253 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause re… |
1
|
2026-02-18 |
| CVE-2025-33252 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause re… |
1
|
2026-02-18 |
| CVE-2025-33251 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause re… |
1
|
2026-02-18 |
| CVE-2025-33250 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause re… |
1
|
2026-02-18 |
| CVE-2025-33249 |
HIGH
|
7.8 |
NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-pre… |
1
|
2026-02-18 |
| CVE-2025-33246 |
HIGH
|
7.8 |
NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Eva… |
1
|
2026-02-18 |
| CVE-2025-33245 |
HIGH
|
8.0 |
NVIDIA NeMo Framework contains a vulnerability where malicious data could cause… |
1
|
2026-02-18 |
| CVE-2025-33243 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause re… |
1
|
2026-02-18 |
| CVE-2025-33241 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause re… |
1
|
2026-02-18 |
| CVE-2025-33236 |
HIGH
|
7.8 |
NVIDIA NeMo Framework contains a vulnerability where malicious data created by … |
1
|
2026-02-18 |
| CVE-2026-27171 |
LOW
|
2.9 |
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_… |
7
|
2026-02-18 |
| CVE-2026-1344 |
MED
|
6.5 |
Tanium addressed an insecure file permissions vulnerability in Enforce Recovery… |
9
|
2026-02-18 |
| CVE-2026-26119 |
HIGH
|
8.8 |
Improper authentication in Windows Admin Center allows an authorized attacker t… |
2160
|
2026-02-17 |
| CVE-2026-22769 |
CRIT
|
10.0 |
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain … |
55
|
2026-02-17 |
| CVE-2026-0102 |
LOW
|
3.1 |
Under specific conditions, a malicious webpage may trigger autofill population … |
2143
|
2026-02-17 |
| CVE-2025-32355 |
HIGH
|
7.3 |
Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle inc… |
6
|
2026-02-17 |
| CVE-2025-59793 |
CRIT
|
9.9 |
Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/servi… |
6
|
2026-02-17 |
| CVE-2024-55270 |
HIGH
|
8.8 |
phpgurukul Student Management System 1.0 is vulnerable to SQL Injection in stud… |
12
|
2026-02-17 |
| CVE-2024-55271 |
LOW
|
3.5 |
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in phpgur… |
12
|
2026-02-17 |
| CVE-2025-70828 |
HIGH
|
8.8 |
An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via t… |
15
|
2026-02-17 |
| CVE-2025-70829 |
MED
|
5.7 |
An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticate… |
15
|
2026-02-17 |
| CVE-2026-2447 |
HIGH
|
8.8 |
Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, F… |
296
|
2026-02-16 |
| CVE-2026-2032 |
MED
|
4.3 |
Malicious scripts that interrupt new tab page loading could cause desynchroniza… |
298
|
2026-02-16 |
| CVE-2026-1046 |
HIGH
|
7.6 |
Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help link… |
12
|
2026-02-16 |
| CVE-2026-26269 |
MED
|
5.4 |
Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buf… |
13
|
2026-02-13 |
| CVE-2026-2441 |
HIGH
|
8.8 |
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote … |
200
|
2026-02-13 |
| CVE-2025-66676 |
MED
|
6.2 |
An issue in IObit Unlocker v1.3.0.11 allows attackers to cause a Denial of Serv… |
1
|
2026-02-13 |
| CVE-2026-2026 |
MED
|
6.1 |
A vulnerability has been identified where weak file permissions in the Nessus A… |
3
|
2026-02-13 |
| CVE-2026-26268 |
HIGH
|
8.0 |
Cursor is a code editor built for programming with AI. Sandbox escape via writi… |
26
|
2026-02-13 |
| CVE-2026-2443 |
MED
|
5.3 |
A flaw was identified in libsoup, a widely used HTTP library in GNOME-based sys… |
15
|
2026-02-13 |
| CVE-2026-26020 |
HIGH
|
8.8 |
AutoGPT is a platform that allows users to create, deploy, and manage continuou… |
4
|
2026-02-12 |
| CVE-2026-24895 |
CRIT
|
9.8 |
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, FrankenPHP’… |
12
|
2026-02-12 |
| CVE-2026-24894 |
HIGH
|
7.5 |
FrankenPHP is a modern application server for PHP. Prior to 1.11.2, when runnin… |
12
|
2026-02-12 |
| CVE-2019-25347 |
HIGH
|
7.5 |
thesystem App 1.0 contains a SQL injection vulnerability that allows attackers … |
86
|
2026-02-12 |
| CVE-2019-25346 |
HIGH
|
7.5 |
TheSystem 1.0 contains a SQL injection vulnerability that allows attackers to b… |
86
|
2026-02-12 |
| CVE-2026-2007 |
HIGH
|
8.2 |
Heap buffer overflow in PostgreSQL pg_trgm allows a database user to achieve un… |
5
|
2026-02-12 |
| CVE-2026-2006 |
HIGH
|
8.8 |
Missing validation of multibyte character length in PostgreSQL text manipulatio… |
23
|
2026-02-12 |
| CVE-2026-2005 |
HIGH
|
8.8 |
Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to exe… |
23
|
2026-02-12 |
| CVE-2026-2004 |
HIGH
|
8.8 |
Missing validation of type of input in PostgreSQL intarray extension selectivit… |
23
|
2026-02-12 |
| CVE-2026-2003 |
MED
|
4.3 |
Improper validation of type "oidvector" in PostgreSQL allows a database user to… |
23
|
2026-02-12 |
| CVE-2026-21722 |
MED
|
5.3 |
Public dashboards with annotations enabled did not limit their annotation timer… |
2
|
2026-02-12 |
| CVE-2026-23857 |
HIGH
|
8.2 |
Dell Update Package (DUP) Framework, versions 23.12.00 through 24.12.00, contai… |
3
|
2026-02-12 |
| CVE-2026-20676 |
MED
|
5.3 |
This issue was addressed through improved state management. This issue is fixed… |
93
|
2026-02-11 |
| CVE-2026-20660 |
HIGH
|
7.5 |
A path handling issue was addressed with improved logic. This issue is fixed in… |
93
|
2026-02-11 |
| CVE-2026-20656 |
LOW
|
3.3 |
A logic issue was addressed with improved validation. This issue is fixed in Sa… |
93
|
2026-02-11 |
| CVE-2026-20652 |
HIGH
|
7.5 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2026-02-11 |
| CVE-2026-20644 |
MED
|
6.5 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2026-02-11 |
| CVE-2026-20636 |
MED
|
6.5 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2026-02-11 |
| CVE-2026-20635 |
MED
|
4.3 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2026-02-11 |
| CVE-2026-20608 |
MED
|
5.5 |
This issue was addressed through improved state management. This issue is fixed… |
93
|
2026-02-11 |
| CVE-2026-25990 |
HIGH
|
7.5 |
Pillow is a Python imaging library. From 10.3.0 to before 12.1.1, an out-of-boun… |
7
|
2026-02-11 |
| CVE-2026-2323 |
MED
|
4.3 |
Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.… |
196
|
2026-02-11 |
| CVE-2026-2322 |
MED
|
5.4 |
Inappropriate implementation in File input in Google Chrome prior to 145.0.7632… |
196
|
2026-02-11 |
| CVE-2026-2321 |
HIGH
|
8.8 |
Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remot… |
196
|
2026-02-11 |
| CVE-2026-2320 |
MED
|
6.5 |
Inappropriate implementation in File input in Google Chrome prior to 145.0.7632… |
196
|
2026-02-11 |
| CVE-2026-2319 |
HIGH
|
7.5 |
Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attac… |
196
|
2026-02-11 |
| CVE-2026-2318 |
MED
|
6.5 |
Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.… |
196
|
2026-02-11 |
| CVE-2026-2317 |
MED
|
6.5 |
Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.… |
196
|
2026-02-11 |
| CVE-2026-2316 |
MED
|
6.5 |
Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.… |
196
|
2026-02-11 |
| CVE-2026-2315 |
HIGH
|
8.8 |
Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 … |
196
|
2026-02-11 |
| CVE-2026-2314 |
HIGH
|
8.8 |
Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed … |
196
|
2026-02-11 |
| CVE-2026-2313 |
HIGH
|
8.8 |
Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote … |
196
|
2026-02-11 |
| CVE-2025-69874 |
CRIT
|
9.8 |
nanotar through 0.2.0 has a path traversal vulnerability in parseTar() and pars… |
15
|
2026-02-11 |
| CVE-2023-31324 |
HIGH
|
7.8 |
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor… |
15
|
2026-02-11 |
| CVE-2023-20548 |
HIGH
|
7.8 |
A Time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor… |
15
|
2026-02-11 |
| CVE-2026-1458 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.0 … |
54
|
2026-02-11 |
| CVE-2026-1456 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.7… |
54
|
2026-02-11 |
| CVE-2026-1387 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab EE affecting all versions from 15.6 be… |
54
|
2026-02-11 |
| CVE-2026-1282 |
LOW
|
3.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6… |
54
|
2026-02-11 |
| CVE-2026-1094 |
MED
|
4.6 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8… |
54
|
2026-02-11 |
| CVE-2026-1080 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab EE affecting all versions from 16.7 be… |
54
|
2026-02-11 |
| CVE-2026-0958 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4… |
54
|
2026-02-11 |
| CVE-2026-0595 |
HIGH
|
7.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9… |
54
|
2026-02-11 |
| CVE-2025-8099 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.8… |
54
|
2026-02-11 |
| CVE-2025-7659 |
HIGH
|
8.0 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2… |
54
|
2026-02-11 |
| CVE-2025-14594 |
LOW
|
3.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1… |
54
|
2026-02-11 |
| CVE-2025-14592 |
LOW
|
3.7 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6… |
54
|
2026-02-11 |
| CVE-2025-14560 |
HIGH
|
7.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1… |
54
|
2026-02-11 |
| CVE-2025-12575 |
MED
|
5.4 |
GitLab has remediated an issue in GitLab EE affecting all versions from 18.0 be… |
54
|
2026-02-11 |
| CVE-2025-12073 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.0… |
54
|
2026-02-11 |
| CVE-2026-26006 |
MED
|
6.5 |
AutoGPT is a platform that allows users to create, deploy, and manage continuou… |
4
|
2026-02-10 |
| CVE-2026-21349 |
HIGH
|
7.8 |
Lightroom Desktop versions 15.1 and earlier are affected by an out-of-bounds wr… |
164
|
2026-02-10 |
| CVE-2026-21348 |
MED
|
5.5 |
Substance3D - Modeler versions 1.22.5 and earlier are affected by an out-of-bou… |
72
|
2026-02-10 |
| CVE-2026-25506 |
HIGH
|
7.7 |
MUNGE is an authentication service for creating and validating user credentials… |
2
|
2026-02-10 |
| CVE-2026-21355 |
MED
|
5.5 |
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read v… |
72
|
2026-02-10 |
| CVE-2026-21354 |
MED
|
5.5 |
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or … |
72
|
2026-02-10 |
| CVE-2026-21353 |
HIGH
|
7.8 |
DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or … |
72
|
2026-02-10 |
| CVE-2026-21352 |
HIGH
|
7.8 |
DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write … |
72
|
2026-02-10 |
| CVE-2026-21347 |
HIGH
|
7.8 |
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow … |
166
|
2026-02-10 |
| CVE-2026-21346 |
HIGH
|
7.8 |
Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds wri… |
166
|
2026-02-10 |
| CVE-2026-21345 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bound… |
80
|
2026-02-10 |
| CVE-2026-21344 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bound… |
80
|
2026-02-10 |
| CVE-2026-21343 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bound… |
80
|
2026-02-10 |
| CVE-2026-21342 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bound… |
80
|
2026-02-10 |
| CVE-2026-21341 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bound… |
80
|
2026-02-10 |
| CVE-2026-25646 |
HIGH
|
8.1 |
LIBPNG is a reference library for use in applications that read, create, and ma… |
11
|
2026-02-10 |
| CVE-2026-23655 |
MED
|
6.5 |
Cleartext storage of sensitive information in Azure Compute Gallery allows an a… |
844
|
2026-02-10 |
| CVE-2026-21537 |
HIGH
|
8.8 |
Improper control of generation of code ('code injection') in Microsoft Defender… |
2267
|
2026-02-10 |
| CVE-2026-21531 |
CRIT
|
9.8 |
Deserialization of untrusted data in Azure SDK allows an unauthorized attacker … |
571
|
2026-02-10 |
| CVE-2026-21529 |
MED
|
5.7 |
Improper neutralization of input during web page generation ('cross-site script… |
980
|
2026-02-10 |
| CVE-2026-21528 |
MED
|
6.5 |
Binding to an unrestricted ip address in Azure IoT Explorer allows an unauthori… |
573
|
2026-02-10 |
| CVE-2026-21527 |
MED
|
6.5 |
User interface (ui) misrepresentation of critical information in Microsoft Exch… |
1050
|
2026-02-10 |
| CVE-2026-21523 |
HIGH
|
8.0 |
Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual … |
733
|
2026-02-10 |
| CVE-2026-21522 |
MED
|
6.7 |
Improper neutralization of special elements used in a command ('command injecti… |
584
|
2026-02-10 |
| CVE-2026-21518 |
HIGH
|
8.8 |
Improper neutralization of special elements used in a command ('command injecti… |
733
|
2026-02-10 |
| CVE-2026-21517 |
MED
|
4.7 |
Improper link resolution before file access ('link following') in Windows App f… |
1004
|
2026-02-10 |
| CVE-2026-21516 |
HIGH
|
8.8 |
Improper neutralization of special elements used in a command ('command injecti… |
677
|
2026-02-10 |
| CVE-2026-21514 |
HIGH
|
7.8 |
Reliance on untrusted inputs in a security decision in Microsoft Office Word al… |
2267
|
2026-02-10 |
| CVE-2026-21511 |
HIGH
|
7.5 |
Deserialization of untrusted data in Microsoft Office Outlook allows an unautho… |
2273
|
2026-02-10 |
| CVE-2026-21358 |
MED
|
5.5 |
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based… |
198
|
2026-02-10 |
| CVE-2026-21357 |
HIGH
|
7.8 |
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based… |
198
|
2026-02-10 |
| CVE-2026-21351 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulner… |
502
|
2026-02-10 |
| CVE-2026-21350 |
MED
|
5.5 |
After Effects versions 25.6 and earlier are affected by a NULL Pointer Derefere… |
502
|
2026-02-10 |
| CVE-2026-21340 |
MED
|
5.5 |
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bo… |
164
|
2026-02-10 |
| CVE-2026-21339 |
MED
|
5.5 |
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bo… |
164
|
2026-02-10 |
| CVE-2026-21338 |
MED
|
5.5 |
Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Point… |
164
|
2026-02-10 |
| CVE-2026-21337 |
MED
|
5.5 |
Substance3D - Designer versions 15.1.0 and earlier are affected by an Out-of-bo… |
164
|
2026-02-10 |
| CVE-2026-21336 |
MED
|
5.5 |
Substance3D - Designer versions 15.1.0 and earlier are affected by a NULL Point… |
164
|
2026-02-10 |
| CVE-2026-21335 |
HIGH
|
7.8 |
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bo… |
164
|
2026-02-10 |
| CVE-2026-21334 |
HIGH
|
7.8 |
Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bo… |
164
|
2026-02-10 |
| CVE-2026-21332 |
MED
|
5.5 |
InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by an out-of-bo… |
198
|
2026-02-10 |
| CVE-2026-21330 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by an Access of Resource U… |
502
|
2026-02-10 |
| CVE-2026-21329 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulner… |
502
|
2026-02-10 |
| CVE-2026-21328 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by an out-of-bounds write … |
502
|
2026-02-10 |
| CVE-2026-21327 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by an out-of-bounds write … |
502
|
2026-02-10 |
| CVE-2026-21326 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulner… |
502
|
2026-02-10 |
| CVE-2026-21325 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by an out-of-bounds read v… |
502
|
2026-02-10 |
| CVE-2026-21324 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by an out-of-bounds read v… |
502
|
2026-02-10 |
| CVE-2026-21323 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulner… |
502
|
2026-02-10 |
| CVE-2026-21322 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by an out-of-bounds read v… |
502
|
2026-02-10 |
| CVE-2026-21321 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by an Integer Overflow or … |
502
|
2026-02-10 |
| CVE-2026-21320 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by a Use After Free vulner… |
502
|
2026-02-10 |
| CVE-2026-21319 |
MED
|
5.5 |
After Effects versions 25.6 and earlier are affected by an Out-of-bounds Read v… |
502
|
2026-02-10 |
| CVE-2026-21318 |
HIGH
|
7.8 |
After Effects versions 25.6 and earlier are affected by an out-of-bounds write … |
502
|
2026-02-10 |
| CVE-2026-21317 |
MED
|
5.5 |
Audition versions 25.3 and earlier are affected by an out-of-bounds read vulner… |
499
|
2026-02-10 |
| CVE-2026-21316 |
MED
|
5.5 |
Audition versions 25.3 and earlier are affected by an Access of Memory Location… |
499
|
2026-02-10 |
| CVE-2026-21315 |
MED
|
5.5 |
Audition versions 25.3 and earlier are affected by an Out-of-bounds Read vulner… |
499
|
2026-02-10 |
| CVE-2026-21314 |
MED
|
5.5 |
Audition versions 25.3 and earlier are affected by an out-of-bounds read vulner… |
499
|
2026-02-10 |
| CVE-2026-21313 |
MED
|
5.5 |
Audition versions 25.3 and earlier are affected by an out-of-bounds read vulner… |
499
|
2026-02-10 |
| CVE-2026-21312 |
HIGH
|
7.8 |
Audition versions 25.3 and earlier are affected by an out-of-bounds write vulne… |
499
|
2026-02-10 |
| CVE-2026-21261 |
MED
|
5.5 |
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to… |
2274
|
2026-02-10 |
| CVE-2026-21260 |
HIGH
|
7.5 |
Exposure of sensitive information to an unauthorized actor in Microsoft Office … |
2273
|
2026-02-10 |
| CVE-2026-21259 |
HIGH
|
7.8 |
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized att… |
2274
|
2026-02-10 |
| CVE-2026-21258 |
MED
|
5.5 |
Improper input validation in Microsoft Office Excel allows an unauthorized atta… |
2274
|
2026-02-10 |
| CVE-2026-21257 |
HIGH
|
8.0 |
Improper neutralization of special elements used in a command ('command injecti… |
571
|
2026-02-10 |
| CVE-2026-21256 |
HIGH
|
8.8 |
Improper neutralization of special elements used in a command ('command injecti… |
571
|
2026-02-10 |
| CVE-2026-21229 |
HIGH
|
8.0 |
Improper input validation in Power BI allows an authorized attacker to execute … |
1020
|
2026-02-10 |
| CVE-2026-21228 |
HIGH
|
8.1 |
Improper certificate validation in Azure Local allows an unauthorized attacker … |
2160
|
2026-02-10 |
| CVE-2026-21218 |
HIGH
|
7.5 |
Improper handling of missing special element in .NET allows an unauthorized att… |
571
|
2026-02-10 |
| CVE-2026-20841 |
HIGH
|
7.8 |
Improper neutralization of special elements used in a command ('command injecti… |
1004
|
2026-02-10 |
| CVE-2025-32003 |
MED
|
6.5 |
Out-of-bounds read in the firmware for some 100GbE Intel(R) Ethernet Network Ad… |
17
|
2026-02-10 |
| CVE-2025-27535 |
MED
|
5.3 |
Exposed ioctl with insufficient access control in the firmware for some Intel(R… |
17
|
2026-02-10 |
| CVE-2025-27243 |
MED
|
6.0 |
Out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810 … |
17
|
2026-02-10 |
| CVE-2025-24851 |
MED
|
6.0 |
Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet Controller… |
17
|
2026-02-10 |
| CVE-2025-62676 |
HIGH
|
7.1 |
An Improper Link Resolution Before File Access ('Link Following') vulnerability… |
1
|
2026-02-10 |
| CVE-2026-25656 |
HIGH
|
7.8 |
A vulnerability has been identified in SINEC NMS (All versions), User Managemen… |
4
|
2026-02-10 |
| CVE-2026-23906 |
CRIT
|
9.8 |
Affected Products and Versions: Apache Druid. Affected Versions: 0.17.0… |
4
|
2026-02-10 |
| CVE-2026-23720 |
HIGH
|
7.8 |
A vulnerability has been identified in Simcenter Femap (All versions < V2512), … |
4
|
2026-02-10 |
| CVE-2026-23719 |
HIGH
|
7.8 |
A vulnerability has been identified in Simcenter Femap (All versions < V2512), … |
4
|
2026-02-10 |
| CVE-2026-23718 |
HIGH
|
7.8 |
A vulnerability has been identified in Simcenter Femap (All versions < V2512), … |
4
|
2026-02-10 |
| CVE-2026-23717 |
HIGH
|
7.8 |
A vulnerability has been identified in Simcenter Femap (All versions < V2512), … |
4
|
2026-02-10 |
| CVE-2026-23716 |
HIGH
|
7.8 |
A vulnerability has been identified in Simcenter Femap (All versions < V2512), … |
4
|
2026-02-10 |
| CVE-2026-23715 |
HIGH
|
7.8 |
A vulnerability has been identified in Simcenter Femap (All versions < V2512), … |
4
|
2026-02-10 |
| CVE-2026-22923 |
HIGH
|
7.8 |
A vulnerability has been identified in NX (All versions < V2512), NX (Managed M… |
7
|
2026-02-10 |
| CVE-2026-2099 |
MED
|
5.4 |
AgentFlow developed by Flowring has a Stored Cross-Site Scripting vulnerability… |
8
|
2026-02-10 |
| CVE-2026-2098 |
MED
|
6.1 |
AgentFlow developed by Flowring has a Reflected Cross-site Scripting vulnerabil… |
8
|
2026-02-10 |
| CVE-2026-2097 |
HIGH
|
8.8 |
Agentflow developed by Flowring has an Arbitrary File Upload vulnerability, all… |
8
|
2026-02-10 |
| CVE-2026-2096 |
CRIT
|
9.8 |
Agentflow developed by Flowring has a Missing Authentication vulnerability, all… |
8
|
2026-02-10 |
| CVE-2026-2095 |
CRIT
|
9.8 |
Agentflow developed by Flowring has an Authentication Bypass vulnerability, all… |
8
|
2026-02-10 |
| CVE-2025-12063 |
MED
|
5.7 |
An insecure direct object reference allowed a non-admin user to modify or remov… |
1
|
2026-02-10 |
| CVE-2025-13064 |
MED
|
4.5 |
A server-side injection was possible for a malicious admin to manipulate the ap… |
1
|
2026-02-10 |
| CVE-2025-12757 |
MED
|
4.6 |
An AXIS Camera Station Pro feature can be exploited in a way that allows a non-… |
1
|
2026-02-10 |
| CVE-2025-11547 |
HIGH
|
7.8 |
AXIS Camera Station Pro contained a flaw to perform a privilege escalation atta… |
1
|
2026-02-10 |
| CVE-2026-24328 |
MED
|
6.1 |
SAP TAF_APPLAUNCHER within Business Server Pages allows unauthenticated attacke… |
23
|
2026-02-10 |
| CVE-2026-24324 |
MED
|
6.5 |
SAP BusinessObjects Business Intelligence Platform (AdminTools) allows an authe… |
4
|
2026-02-10 |
| CVE-2026-24323 |
MED
|
6.1 |
The BSP applications allow an unauthenticated user to inject malicious script c… |
151
|
2026-02-10 |
| CVE-2026-24322 |
HIGH
|
7.7 |
SAP Solution Tools Plug-In (ST-PI) contains a function module that does not per… |
46
|
2026-02-10 |
| CVE-2026-23681 |
MED
|
4.3 |
Due to missing authorization check in a function module in SAP Support Tools Pl… |
46
|
2026-02-10 |
| CVE-2026-0508 |
HIGH
|
7.3 |
The SAP BusinessObjects Business Intelligence Platform allows an authenticated … |
4
|
2026-02-10 |
| CVE-2026-0505 |
MED
|
6.1 |
The BSP applications allow an unauthenticated user to manipulate user-controlle… |
151
|
2026-02-10 |
| CVE-2026-0490 |
HIGH
|
7.5 |
SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a s… |
4
|
2026-02-10 |
| CVE-2026-0486 |
MED
|
5.0 |
In ABAP based SAP systems a remote enabled function module does not perform nec… |
46
|
2026-02-10 |
| CVE-2026-0485 |
HIGH
|
7.5 |
SAP BusinessObjects BI Platform allows an unauthenticated attacker to send spec… |
4
|
2026-02-10 |
| CVE-2025-15310 |
HIGH
|
7.8 |
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint T… |
10
|
2026-02-10 |
| CVE-2026-25934 |
MED
|
4.3 |
go-git is a highly extensible git implementation library written in pure Go. Pr… |
96
|
2026-02-09 |
| CVE-2025-15319 |
HIGH
|
7.8 |
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint T… |
9
|
2026-02-09 |
| CVE-2026-25961 |
HIGH
|
7.5 |
SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, Sumatr… |
1
|
2026-02-09 |
| CVE-2026-25920 |
MED
|
5.5 |
SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, a heap o… |
3
|
2026-02-09 |
| CVE-2026-25892 |
HIGH
|
7.5 |
Adminer is open-source database management software. Adminer v5.4.1 and earlier… |
4
|
2026-02-09 |
| CVE-2026-25880 |
HIGH
|
7.8 |
SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF … |
3
|
2026-02-09 |
| CVE-2025-15317 |
MED
|
6.5 |
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium S… |
5
|
2026-02-09 |
| CVE-2025-15316 |
MED
|
6.7 |
Tanium addressed a local privilege escalation vulnerability in Tanium Server. |
5
|
2026-02-09 |
| CVE-2025-15315 |
MED
|
6.7 |
Tanium addressed a local privilege escalation vulnerability in Tanium Module Se… |
5
|
2026-02-09 |
| CVE-2026-25878 |
MED
|
5.3 |
FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the A… |
1
|
2026-02-09 |
| CVE-2026-25480 |
MED
|
6.5 |
Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to… |
23
|
2026-02-09 |
| CVE-2026-25479 |
MED
|
6.5 |
Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to… |
23
|
2026-02-09 |
| CVE-2026-25478 |
HIGH
|
7.4 |
Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to… |
23
|
2026-02-09 |
| CVE-2026-24684 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24683 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. ainput_send_in… |
1
|
2026-02-09 |
| CVE-2026-24682 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24681 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24680 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24679 |
CRIT
|
9.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24678 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24677 |
CRIT
|
9.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24676 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24675 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-24491 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-23948 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.… |
1
|
2026-02-09 |
| CVE-2026-25848 |
CRIT
|
9.1 |
In JetBrains Hub before 2025.3.119807 authentication bypass allowing administra… |
45
|
2026-02-09 |
| CVE-2026-25847 |
HIGH
|
8.2 |
In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was… |
29
|
2026-02-09 |
| CVE-2026-25846 |
MED
|
6.5 |
In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Ma… |
30
|
2026-02-09 |
| CVE-2026-2226 |
MED
|
4.7 |
A vulnerability has been found in DouPHP up to 1.9. This issue affects some unk… |
12
|
2026-02-09 |
| CVE-2025-66598 |
HIGH
|
7.5 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66597 |
HIGH
|
7.5 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66596 |
MED
|
6.1 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66595 |
MED
|
5.4 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66594 |
MED
|
5.3 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66608 |
HIGH
|
7.5 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66607 |
MED
|
5.3 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66606 |
CRIT
|
9.6 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66605 |
MED
|
5.3 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66604 |
MED
|
5.3 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66603 |
CRIT
|
9.8 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66602 |
CRIT
|
9.8 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2025-66601 |
MED
|
6.1 |
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corp… |
46
|
2026-02-09 |
| CVE-2026-2179 |
MED
|
4.7 |
A vulnerability was determined in PHPGurukul Hospital Management System 4.0. Th… |
12
|
2026-02-08 |
| CVE-2026-2178 |
MED
|
6.3 |
A vulnerability was found in r-huijts xcode-mcp-server up to f3419f00117aa9949e… |
13
|
2026-02-08 |
| CVE-2026-2134 |
MED
|
4.7 |
A security vulnerability has been detected in PHPGurukul Hospital Management Sy… |
12
|
2026-02-08 |
| CVE-2026-2130 |
MED
|
6.3 |
A vulnerability was determined in BurtTheCoder mcp-maigret up to 1.0.12. This a… |
1
|
2026-02-08 |
| CVE-2026-2088 |
HIGH
|
7.3 |
A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1… |
12
|
2026-02-07 |
| CVE-2020-37079 |
MED
|
4.3 |
Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery (C… |
1
|
2026-02-07 |
| CVE-2026-25793 |
HIGH
|
8.1 |
Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2,… |
1
|
2026-02-06 |
| CVE-2026-25749 |
MED
|
6.6 |
Vim is an open source, command line text editor. Prior to version 9.1.2132, a h… |
13
|
2026-02-06 |
| CVE-2026-1731 |
CRIT
|
9.8 |
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote… |
125
|
2026-02-06 |
| CVE-2026-25731 |
HIGH
|
7.8 |
calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection … |
3
|
2026-02-06 |
| CVE-2026-25636 |
HIGH
|
8.2 |
calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerabil… |
3
|
2026-02-06 |
| CVE-2026-25635 |
HIGH
|
8.6 |
calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a p… |
3
|
2026-02-06 |
| CVE-2026-25727 |
MED
|
6.5 |
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when… |
14
|
2026-02-06 |
| CVE-2026-25642 |
MED
|
4.3 |
HedgeDoc is an open source, real-time, collaborative, markdown notes applicatio… |
19
|
2026-02-06 |
| CVE-2026-25650 |
HIGH
|
7.5 |
MCP Salesforce Connector is a Model Context Protocol (MCP) server implementatio… |
8
|
2026-02-06 |
| CVE-2026-24050 |
MED
|
5.4 |
Zulip is an open-source team collaboration tool. From 5.0 to before 11.5, some … |
1
|
2026-02-06 |
| CVE-2026-25725 |
CRIT
|
10.0 |
Claude Code is an agentic coding tool. Prior to version 2.1.2, Claude Code's bu… |
44
|
2026-02-06 |
| CVE-2026-25724 |
HIGH
|
7.5 |
Claude Code is an agentic coding tool. Prior to version 2.1.7, Claude Code fail… |
44
|
2026-02-06 |
| CVE-2026-25723 |
MED
|
6.5 |
Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code fai… |
44
|
2026-02-06 |
| CVE-2026-25722 |
CRIT
|
9.1 |
Claude Code is an agentic coding tool. Prior to version 2.0.57, Claude Code fai… |
44
|
2026-02-06 |
| CVE-2026-24903 |
MED
|
5.4 |
OrcaStatLLM Researcher is an LLM Based Research Paper Generator. A Stored Cross… |
8
|
2026-02-06 |
| CVE-2026-2058 |
HIGH
|
7.3 |
A flaw has been found in mathurvishal CloudClassroom-PHP-Project up to 5dadec09… |
12
|
2026-02-06 |
| CVE-2026-21643 |
CRIT
|
9.8 |
An improper neutralization of special elements used in an sql command ('sql inj… |
1
|
2026-02-06 |
| CVE-2026-1998 |
LOW
|
3.3 |
A flaw has been found in micropython up to 1.27.0. This vulnerability affects t… |
4
|
2026-02-06 |
| CVE-2026-24302 |
HIGH
|
8.6 |
Azure Arc Elevation of Privilege Vulnerability |
2267
|
2026-02-05 |
| CVE-2026-24300 |
CRIT
|
9.8 |
Azure Front Door Elevation of Privilege Vulnerability |
2267
|
2026-02-05 |
| CVE-2026-21532 |
HIGH
|
8.2 |
Azure Function Information Disclosure Vulnerability |
2267
|
2026-02-05 |
| CVE-2026-0391 |
MED
|
6.5 |
User interface (ui) misrepresentation of critical information in Microsoft Edge… |
2134
|
2026-02-05 |
| CVE-2025-68458 |
LOW
|
3.7 |
Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experi… |
2
|
2026-02-05 |
| CVE-2025-68157 |
LOW
|
3.7 |
Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experi… |
2
|
2026-02-05 |
| CVE-2025-32393 |
MED
|
6.5 |
AutoGPT is a platform that allows users to create, deploy, and manage continuou… |
4
|
2026-02-05 |
| CVE-2025-15343 |
MED
|
6.5 |
Tanium addressed an incorrect default permissions vulnerability in Enforce. |
8
|
2026-02-05 |
| CVE-2025-15339 |
MED
|
6.5 |
Tanium addressed an incorrect default permissions vulnerability in Discover. |
1
|
2026-02-05 |
| CVE-2025-15337 |
MED
|
6.5 |
Tanium addressed an incorrect default permissions vulnerability in Patch. |
9
|
2026-02-05 |
| CVE-2025-15331 |
MED
|
4.3 |
Tanium addressed an uncontrolled resource consumption vulnerability in Connect. |
1
|
2026-02-05 |
| CVE-2025-15328 |
MED
|
5.0 |
Tanium addressed an improper link resolution before file access vulnerability i… |
8
|
2026-02-05 |
| CVE-2025-15326 |
MED
|
4.3 |
Tanium addressed an improper access controls vulnerability in Patch. |
9
|
2026-02-05 |
| CVE-2025-15325 |
MED
|
6.3 |
Tanium addressed an improper input validation vulnerability in Discover. |
3
|
2026-02-05 |
| CVE-2026-1707 |
HIGH
|
7.4 |
pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disc… |
1
|
2026-02-05 |
| CVE-2025-68121 |
CRIT
|
10.0 |
During session resumption in crypto/tls, if the underlying Config has its Clien… |
129
|
2026-02-05 |
| CVE-2025-58190 |
MED
|
5.3 |
The html.Parse function in golang.org/x/net/html has an infinite parsing loop w… |
122
|
2026-02-05 |
| CVE-2025-47911 |
MED
|
5.3 |
The html.Parse function in golang.org/x/net/html has quadratic parsing complexi… |
122
|
2026-02-05 |
| CVE-2020-37152 |
MED
|
6.1 |
PHP-Fusion 9.03.50 panels.php is vulnerable to cross-site scripting (XSS) via t… |
12
|
2026-02-05 |
| CVE-2020-37137 |
MED
|
6.1 |
PHP-Fusion 9.03.50 contains a remote code execution vulnerability in the 'add_p… |
12
|
2026-02-05 |
| CVE-2020-37133 |
HIGH
|
7.5 |
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Rep… |
4
|
2026-02-05 |
| CVE-2020-37132 |
MED
|
6.2 |
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in its pas… |
4
|
2026-02-05 |
| CVE-2020-37151 |
HIGH
|
8.2 |
phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php p… |
12
|
2026-02-05 |
| CVE-2025-61732 |
HIGH
|
8.6 |
A discrepancy between how Go and C/C++ comments were parsed allowed for code sm… |
129
|
2026-02-05 |
| CVE-2026-22038 |
HIGH
|
8.1 |
AutoGPT is a platform that allows users to create, deploy, and manage continuou… |
4
|
2026-02-04 |
| CVE-2025-62616 |
CRIT
|
9.8 |
AutoGPT is a platform that allows users to create, deploy, and manage continuou… |
4
|
2026-02-04 |
| CVE-2025-62615 |
CRIT
|
9.8 |
AutoGPT is a platform that allows users to create, deploy, and manage continuou… |
4
|
2026-02-04 |
| CVE-2025-22873 |
LOW
|
3.8 |
It was possible to improperly access the parent directory of an os.Root by open… |
129
|
2026-02-04 |
| CVE-2026-25517 |
LOW
|
2.7 |
Wagtail is an open source content management system built on Django. Prior to v… |
8
|
2026-02-04 |
| CVE-2026-1554 |
MED
|
4.2 |
XML Injection (aka Blind XPath Injection) vulnerability in Drupal Central Authe… |
1
|
2026-02-04 |
| CVE-2026-0944 |
MED
|
5.3 |
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Gr… |
1
|
2026-02-04 |
| CVE-2026-0536 |
HIGH
|
7.8 |
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause… |
32
|
2026-02-04 |
| CVE-2026-20123 |
MED
|
4.3 |
A vulnerability in the web-based management interface of Cisco Evolved Programm… |
87
|
2026-02-04 |
| CVE-2026-20111 |
MED
|
4.8 |
A vulnerability in the web-based management interface of Cisco Prime Infrastruc… |
87
|
2026-02-04 |
| CVE-2026-20098 |
HIGH
|
8.8 |
A vulnerability in the Certificate Management feature of Cisco Meeting Manageme… |
87
|
2026-02-04 |
| CVE-2026-0662 |
HIGH
|
7.8 |
A maliciously crafted project directory, when opening a max file in Autodesk 3d… |
32
|
2026-02-04 |
| CVE-2026-0661 |
HIGH
|
7.8 |
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force… |
32
|
2026-02-04 |
| CVE-2026-0660 |
HIGH
|
7.8 |
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can cause… |
32
|
2026-02-04 |
| CVE-2026-0538 |
HIGH
|
7.8 |
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force… |
32
|
2026-02-04 |
| CVE-2026-0537 |
HIGH
|
7.8 |
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force… |
32
|
2026-02-04 |
| CVE-2026-22549 |
MED
|
4.9 |
A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow e… |
3
|
2026-02-04 |
| CVE-2026-22548 |
MED
|
5.9 |
When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual se… |
2
|
2026-02-04 |
| CVE-2026-20732 |
LOW
|
3.1 |
A vulnerability exists in an undisclosed BIG-IP Configuration utility page that… |
20
|
2026-02-04 |
| CVE-2026-20730 |
LOW
|
3.3 |
A vulnerability exists in BIG-IP Edge Client and browser VPN clients on Windows… |
2
|
2026-02-04 |
| CVE-2026-1642 |
MED
|
5.9 |
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to … |
3
|
2026-02-04 |
| CVE-2026-24887 |
HIGH
|
8.8 |
Claude Code is an agentic coding tool. Prior to version 2.0.72, due to an error… |
44
|
2026-02-03 |
| CVE-2026-24053 |
MED
|
6.5 |
Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash c… |
44
|
2026-02-03 |
| CVE-2026-24052 |
HIGH
|
7.4 |
Claude Code is an agentic coding tool. Prior to version 1.0.111, Claude Code co… |
8
|
2026-02-03 |
| CVE-2026-1862 |
HIGH
|
8.8 |
Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote … |
192
|
2026-02-03 |
| CVE-2026-1861 |
HIGH
|
8.8 |
Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed… |
192
|
2026-02-03 |
| CVE-2026-1801 |
MED
|
5.3 |
A flaw was found in libsoup, an HTTP client/server library. This HTTP Request S… |
15
|
2026-02-03 |
| CVE-2026-24774 |
MED
|
4.3 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24773 |
HIGH
|
7.5 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24674 |
MED
|
4.7 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24673 |
MED
|
4.3 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24672 |
HIGH
|
7.3 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24671 |
MED
|
6.1 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24670 |
MED
|
6.5 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24669 |
HIGH
|
7.8 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24668 |
MED
|
6.5 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24667 |
MED
|
5.0 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24666 |
MED
|
6.5 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24665 |
HIGH
|
8.7 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2026-24664 |
MED
|
5.3 |
The Open eClass platform (formerly known as GUnet eClass) is a complete course … |
7
|
2026-02-03 |
| CVE-2025-70560 |
HIGH
|
8.4 |
Boltz 2.0.0 contains an insecure deserialization vulnerability in its molecule … |
8
|
2026-02-03 |
| CVE-2025-60865 |
HIGH
|
7.8 |
Insecure Permissions vulnerability in avanquest Driver Updater v.9.1.57803.1174… |
2
|
2026-02-03 |
| CVE-2020-37116 |
HIGH
|
8.8 |
GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows re… |
4
|
2026-02-03 |
| CVE-2020-37115 |
MED
|
6.5 |
GUnet OpenEclass 1.7.3 stores user credentials in plaintext, allowing administr… |
4
|
2026-02-03 |
| CVE-2020-37114 |
MED
|
4.3 |
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access… |
4
|
2026-02-03 |
| CVE-2020-37113 |
HIGH
|
8.8 |
GUnet OpenEclass 1.7.3 allows authenticated users to bypass file extension rest… |
4
|
2026-02-03 |
| CVE-2020-37112 |
HIGH
|
7.1 |
GUnet OpenEclass 1.7.3 contains multiple SQL injection vulnerabilities that all… |
4
|
2026-02-03 |
| CVE-2019-25261 |
HIGH
|
7.8 |
AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows se… |
5
|
2026-02-03 |
| CVE-2026-1592 |
MED
|
6.3 |
Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulne… |
18
|
2026-02-03 |
| CVE-2026-1591 |
MED
|
6.3 |
Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulne… |
18
|
2026-02-03 |
| CVE-2026-25228 |
MED
|
5.0 |
Signal K Server is a server application that runs on a central hub in a boat. P… |
1
|
2026-02-02 |
| CVE-2026-24737 |
HIGH
|
8.1 |
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control… |
13
|
2026-02-02 |
| CVE-2026-24133 |
MED
|
6.5 |
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control… |
13
|
2026-02-02 |
| CVE-2026-24043 |
MED
|
5.4 |
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, user control… |
13
|
2026-02-02 |
| CVE-2026-24040 |
MED
|
4.8 |
jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS me… |
13
|
2026-02-02 |
| CVE-2026-23515 |
CRIT
|
9.9 |
Signal K Server is a server application that runs on a central hub in a boat. P… |
1
|
2026-02-02 |
| CVE-2025-66480 |
CRIT
|
9.8 |
Wildfire IM is an instant messaging and real-time audio/video solution. Prior t… |
1
|
2026-02-02 |
| CVE-2025-13096 |
HIGH
|
7.1 |
IBM Business Automation Workflow containers V25.0.0 through V25.0.0-IF007, V24.… |
8
|
2026-02-02 |
| CVE-2026-1751 |
LOW
|
3.1 |
A vulnerability has been discovered in GitLab CE/EE affecting all versions star… |
54
|
2026-02-02 |
| CVE-2026-20418 |
CRIT
|
9.8 |
In Thread, there is a possible out of bounds write due to a missing bounds chec… |
117
|
2026-02-02 |
| CVE-2026-25202 |
CRIT
|
9.8 |
The database account and password are hardcoded, allowing login with the accoun… |
1
|
2026-02-02 |
| CVE-2026-25201 |
HIGH
|
8.8 |
An unauthenticated user can upload arbitrary files to execute remote code, lead… |
1
|
2026-02-02 |
| CVE-2026-25200 |
CRIT
|
9.8 |
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML fil… |
1
|
2026-02-02 |
| CVE-2021-47919 |
MED
|
6.4 |
Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in … |
12
|
2026-02-01 |
| CVE-2021-47918 |
HIGH
|
8.1 |
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privil… |
12
|
2026-02-01 |
| CVE-2021-47917 |
MED
|
6.4 |
Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user… |
12
|
2026-02-01 |
| CVE-2021-47915 |
HIGH
|
8.1 |
PHP Melody version 3.0 contains a remote SQL injection vulnerability in the vid… |
12
|
2026-02-01 |
| CVE-2021-47914 |
MED
|
6.4 |
PHP Melody version 3.0 contains a persistent cross-site scripting vulnerability… |
12
|
2026-02-01 |
| CVE-2021-47913 |
MED
|
6.4 |
PHP Melody 3.0 contains a persistent cross-site scripting vulnerability in the … |
12
|
2026-02-01 |
| CVE-2021-47912 |
MED
|
6.4 |
PHP Melody version 3.0 contains multiple non-persistent cross-site scripting vu… |
12
|
2026-02-01 |
| CVE-2026-25154 |
MED
|
6.1 |
LocalSend is a free, open-source app that allows users to share files and messa… |
2
|
2026-01-30 |
| CVE-2025-51958 |
CRIT
|
9.8 |
aelsantex runcommand 2014-04-01, a plugin for DokuWiki, allows unauthenticated … |
7
|
2026-01-30 |
| CVE-2026-22277 |
HIGH
|
7.8 |
Dell UnityVSA, version(s) 5.4 and prior, contain(s) an Improper Neutralization … |
34
|
2026-01-30 |
| CVE-2026-21418 |
HIGH
|
7.8 |
Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization o… |
34
|
2026-01-30 |
| CVE-2025-15322 |
MED
|
4.3 |
Tanium addressed an improper access controls vulnerability in Tanium Server. |
5
|
2026-01-30 |
| CVE-2026-25061 |
HIGH
|
7.5 |
tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61,… |
59
|
2026-01-29 |
| CVE-2026-25047 |
HIGH
|
8.8 |
deepHas provides a test for the existence of a nested object key and optionally… |
1
|
2026-01-29 |
| CVE-2026-24846 |
MED
|
5.5 |
malcontent discovers supply-chain compromises through. context, differential an… |
1
|
2026-01-29 |
| CVE-2026-24845 |
MED
|
6.5 |
malcontent discovers supply-chain compromises through. context, differential an… |
4
|
2026-01-29 |
| CVE-2026-24780 |
HIGH
|
8.8 |
AutoGPT is a platform that allows users to create, deploy, and manage continuou… |
4
|
2026-01-29 |
| CVE-2026-24414 |
MED
|
5.5 |
The Icinga PowerShell Framework provides configuration and check possibilities … |
3
|
2026-01-29 |
| CVE-2025-62514 |
HIGH
|
8.3 |
Parsec is a cloud-based application for cryptographically secure file sharing. … |
1
|
2026-01-29 |
| CVE-2026-22764 |
MED
|
4.3 |
Dell OpenManage Network Integration, versions prior to 3.9, contains an Imprope… |
6
|
2026-01-29 |
| CVE-2026-23571 |
MED
|
6.8 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2026-01-29 |
| CVE-2026-23570 |
MED
|
6.5 |
A missing validation of a user-controlled value in the TeamViewer DEX Client (f… |
96
|
2026-01-29 |
| CVE-2026-23569 |
MED
|
6.5 |
An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Cli… |
96
|
2026-01-29 |
| CVE-2026-23568 |
MED
|
5.4 |
An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Cli… |
96
|
2026-01-29 |
| CVE-2026-23567 |
MED
|
6.5 |
An integer underflow in the UDP command handler of the TeamViewer DEX Client (f… |
96
|
2026-01-29 |
| CVE-2026-23566 |
MED
|
6.5 |
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribut… |
96
|
2026-01-29 |
| CVE-2026-23565 |
MED
|
6.5 |
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribut… |
96
|
2026-01-29 |
| CVE-2026-23564 |
MED
|
6.5 |
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribut… |
96
|
2026-01-29 |
| CVE-2026-23563 |
MED
|
5.7 |
Improper Link Resolution Before File Access (invoked by 1E‑Explorer‑TachyonCore… |
96
|
2026-01-29 |
| CVE-2026-25067 |
MED
|
5.3 |
SmarterTools SmarterMail versions prior to build 9518 contain an unauthenticat… |
46
|
2026-01-29 |
| CVE-2026-1550 |
MED
|
6.3 |
A security flaw has been discovered in PHPGurukul Hospital Management System 1.… |
12
|
2026-01-28 |
| CVE-2026-24888 |
MED
|
6.5 |
Maker.js is a 2D vector line drawing and shape modeling for CNC and laser cutte… |
578
|
2026-01-28 |
| CVE-2026-24835 |
HIGH
|
7.1 |
Podman Desktop is a graphical tool for developing on containers and Kubernetes.… |
12
|
2026-01-28 |
| CVE-2025-68119 |
HIGH
|
7.0 |
Downloading and building modules with malicious version strings can cause local… |
129
|
2026-01-28 |
| CVE-2025-61731 |
HIGH
|
7.8 |
Building a malicious file with cmd/go can cause a write to an attacke… |
129
|
2026-01-28 |
| CVE-2025-61730 |
MED
|
5.3 |
During the TLS 1.3 handshake if multiple messages are sent in records that span… |
129
|
2026-01-28 |
| CVE-2025-61728 |
MED
|
6.5 |
archive/zip uses a super-linear file name indexing algorithm that is invoked th… |
129
|
2026-01-28 |
| CVE-2025-61726 |
HIGH
|
7.5 |
The net/url package does not set a limit on the number of query parameters in a… |
129
|
2026-01-28 |
| CVE-2025-46691 |
HIGH
|
7.8 |
Dell PremierColor Panel Driver, versions prior to 1.0.0.1 A01, contains an Impr… |
3
|
2026-01-28 |
| CVE-2025-13982 |
HIGH
|
8.1 |
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Login Time Restrictio… |
14
|
2026-01-28 |
| CVE-2025-13981 |
MED
|
4.4 |
Improper Neutralization of Input During Web Page Generation ("Cross-site Script… |
8
|
2026-01-28 |
| CVE-2025-13979 |
MED
|
5.4 |
Privilege Defined With Unsafe Actions vulnerability in Drupal Mini site allows … |
96
|
2026-01-28 |
| CVE-2025-57796 |
MED
|
6.8 |
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption w… |
6
|
2026-01-28 |
| CVE-2025-57795 |
CRIT
|
9.9 |
Explorance Blue versions prior to 8.14.13 contain an authenticated remote file … |
6
|
2026-01-28 |
| CVE-2025-57794 |
CRIT
|
9.1 |
Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted … |
6
|
2026-01-28 |
| CVE-2025-57793 |
HIGH
|
8.6 |
Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability … |
6
|
2026-01-28 |
| CVE-2025-57792 |
CRIT
|
10.0 |
Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability … |
6
|
2026-01-28 |
| CVE-2025-46316 |
MED
|
4.3 |
An out-of-bounds read was addressed with improved input validation. This issue … |
92
|
2026-01-28 |
| CVE-2025-46306 |
MED
|
5.5 |
The issue was addressed with improved bounds checks. This issue is fixed in Key… |
92
|
2026-01-28 |
| CVE-2026-1539 |
MED
|
5.8 |
A flaw was found in the libsoup HTTP library that can cause proxy authenticatio… |
15
|
2026-01-28 |
| CVE-2026-1536 |
MED
|
5.8 |
A flaw was found in libsoup. An attacker who can control the input for the Cont… |
15
|
2026-01-28 |
| CVE-2026-0818 |
MED
|
4.3 |
When a user explicitly requested Thunderbird to decrypt an inline OpenPGP messa… |
277
|
2026-01-28 |
| CVE-2026-24842 |
HIGH
|
8.2 |
node-tar, a Tar for Node.js, contains a vulnerability in versions prior to 7.5.7… |
23
|
2026-01-28 |
| CVE-2026-21569 |
HIGH
|
7.9 |
This High severity XXE (XML External Entity Injection) vulnerability was introd… |
4
|
2026-01-28 |
| CVE-2026-24778 |
HIGH
|
8.8 |
Ghost is an open source content management system. In Ghost versions 5.43.0 thr… |
10
|
2026-01-27 |
| CVE-2026-24765 |
HIGH
|
7.8 |
PHPUnit is a testing framework for PHP. A vulnerability has been discovered in … |
18
|
2026-01-27 |
| CVE-2026-24747 |
HIGH
|
8.8 |
PyTorch is a Python package that provides tensor computation. Prior to version … |
8
|
2026-01-27 |
| CVE-2026-1504 |
MED
|
6.5 |
Inappropriate implementation in Background Fetch API in Google Chrome prior to … |
189
|
2026-01-27 |
| CVE-2026-24858 |
CRIT
|
9.8 |
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-… |
1
|
2026-01-27 |
| CVE-2026-24883 |
LOW
|
3.7 |
In GnuPG before 2.5.17, a long signature packet length causes parse_signature t… |
10
|
2026-01-27 |
| CVE-2026-24882 |
HIGH
|
8.4 |
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon duri… |
10
|
2026-01-27 |
| CVE-2026-24881 |
HIGH
|
8.1 |
In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying a… |
10
|
2026-01-27 |
| CVE-2026-24116 |
MED
|
5.5 |
Wasmtime is a runtime for WebAssembly. Starting in version 29.0.0 and prior to … |
14
|
2026-01-27 |
| CVE-2026-22264 |
HIGH
|
7.4 |
Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.1… |
1
|
2026-01-27 |
| CVE-2026-22263 |
MED
|
5.3 |
Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and pr… |
1
|
2026-01-27 |
| CVE-2026-22262 |
MED
|
5.9 |
Suricata is a network IDS, IPS and NSM engine. While saving a dataset a stack b… |
1
|
2026-01-27 |
| CVE-2026-22261 |
LOW
|
3.7 |
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.… |
1
|
2026-01-27 |
| CVE-2026-22260 |
HIGH
|
7.5 |
Suricata is a network IDS, IPS and NSM engine. Starting in version 8.0.0 and pr… |
1
|
2026-01-27 |
| CVE-2026-22259 |
HIGH
|
7.5 |
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.… |
1
|
2026-01-27 |
| CVE-2026-22258 |
HIGH
|
7.5 |
Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.… |
1
|
2026-01-27 |
| CVE-2026-24869 |
HIGH
|
8.8 |
Use-after-free in the Layout: Scrolling and Overflow component. This vulnerabil… |
293
|
2026-01-27 |
| CVE-2026-24868 |
MED
|
6.5 |
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability a… |
293
|
2026-01-27 |
| CVE-2026-22796 |
MED
|
5.3 |
Issue summary: A type confusion vulnerability exists in the signature verificat… |
31
|
2026-01-27 |
| CVE-2026-22795 |
MED
|
5.5 |
Issue summary: An invalid or NULL pointer dereference can happen in an applicat… |
31
|
2026-01-27 |
| CVE-2025-69421 |
HIGH
|
7.5 |
Issue summary: Processing a malformed PKCS#12 file can trigger a NULL pointer d… |
31
|
2026-01-27 |
| CVE-2025-69420 |
HIGH
|
7.5 |
Issue summary: A type confusion vulnerability exists in the TimeStamp Response … |
31
|
2026-01-27 |
| CVE-2025-69419 |
HIGH
|
7.4 |
Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously craf… |
31
|
2026-01-27 |
| CVE-2025-69418 |
MED
|
4.0 |
Issue summary: When using the low-level OCB API directly with AES-NI or othe… |
31
|
2026-01-27 |
| CVE-2025-68670 |
CRIT
|
9.1 |
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthentica… |
6
|
2026-01-27 |
| CVE-2025-68160 |
MED
|
4.7 |
Issue summary: Writing large, newline-free data into a BIO chain using the line… |
31
|
2026-01-27 |
| CVE-2025-66199 |
MED
|
5.9 |
Issue summary: A TLS 1.3 connection using certificate compression can be forced… |
27
|
2026-01-27 |
| CVE-2025-28164 |
MED
|
5.5 |
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker t… |
11
|
2026-01-27 |
| CVE-2025-28162 |
MED
|
5.5 |
Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker t… |
11
|
2026-01-27 |
| CVE-2025-15469 |
MED
|
5.5 |
Issue summary: The 'openssl dgst' command-line tool silently truncates input da… |
27
|
2026-01-27 |
| CVE-2025-15468 |
MED
|
5.9 |
Issue summary: If an application using the SSL_CIPHER_find() function in a QUIC… |
27
|
2026-01-27 |
| CVE-2025-15467 |
HIGH
|
8.8 |
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with mali… |
30
|
2026-01-27 |
| CVE-2025-11187 |
MED
|
6.1 |
Issue summary: PBMAC1 parameters in PKCS#12 files are missing validation which … |
27
|
2026-01-27 |
| CVE-2026-21417 |
HIGH
|
7.0 |
Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contains a Plai… |
56
|
2026-01-27 |
| CVE-2026-1467 |
MED
|
5.8 |
A flaw was found in libsoup, an HTTP client library. This vulnerability, known … |
15
|
2026-01-27 |
| CVE-2026-24811 |
CRIT
|
9.8 |
Vulnerability in root-project root (builtins/zlib modules). This vulnerability … |
1
|
2026-01-27 |
| CVE-2026-21720 |
HIGH
|
7.5 |
Every uncached /avatar/:hash request spawns a goroutine that refreshes the Grav… |
2
|
2026-01-27 |
| CVE-2026-24486 |
HIGH
|
8.6 |
Python-Multipart is a streaming multipart parser for Python. Prior to version 0… |
4
|
2026-01-27 |
| CVE-2026-24408 |
N/A
|
— |
sigstore-python is a Python tool for generating and verifying Sigstore signatur… |
79
|
2026-01-26 |
| CVE-2026-0810 |
HIGH
|
7.1 |
A flaw was found in gix-date. The `gix_date::parse::TimeBuf::as_str` function c… |
54
|
2026-01-26 |
| CVE-2026-21509 |
HIGH
|
7.8 |
Reliance on untrusted inputs in a security decision in Microsoft Office allows … |
2272
|
2026-01-26 |
| CVE-2026-1446 |
MED
|
5.0 |
There is a Cross‑Site Scripting (XSS) issue in Esri ArcGIS Pro versions 3.6.0 a… |
17
|
2026-01-26 |
| CVE-2026-1224 |
MED
|
4.9 |
Tanium addressed an uncontrolled resource consumption vulnerability in Discover. |
1
|
2026-01-26 |
| CVE-2026-0925 |
LOW
|
2.7 |
Tanium addressed an improper input validation vulnerability in Discover. |
1
|
2026-01-26 |
| CVE-2025-50537 |
MED
|
5.5 |
Stack overflow vulnerability in eslint before 9.26.0 when serializing objects w… |
2
|
2026-01-26 |
| CVE-2016-15057 |
CRIT
|
9.9 |
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements use… |
4
|
2026-01-26 |
| CVE-2026-1429 |
MED
|
5.4 |
Single Sign-On Portal System developed by WellChoose has a Reflected Cross-site… |
1
|
2026-01-26 |
| CVE-2026-1428 |
HIGH
|
8.8 |
Single Sign-On Portal System developed by WellChoose has an OS Command Injection… |
1
|
2026-01-26 |
| CVE-2026-1427 |
HIGH
|
8.8 |
Single Sign-On Portal System developed by WellChoose has an OS Command Injection… |
1
|
2026-01-26 |
| CVE-2026-1424 |
MED
|
4.7 |
A vulnerability was identified in PHPGurukul News Portal 1.0. This affects an u… |
12
|
2026-01-26 |
| CVE-2026-24422 |
MED
|
5.3 |
phpMyFAQ is an open source FAQ web application. In versions 4.0.16 and below, m… |
12
|
2026-01-24 |
| CVE-2026-24420 |
MED
|
6.5 |
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below allow… |
12
|
2026-01-24 |
| CVE-2026-24421 |
MED
|
6.5 |
phpMyFAQ is an open source FAQ web application. Versions 4.0.16 and below have … |
12
|
2026-01-24 |
| CVE-2026-24401 |
MED
|
6.5 |
Avahi is a system which facilitates service discovery on a local network via th… |
9
|
2026-01-24 |
| CVE-2026-22586 |
CRIT
|
9.8 |
Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engage… |
8
|
2026-01-24 |
| CVE-2026-22585 |
CRIT
|
9.8 |
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Ma… |
8
|
2026-01-24 |
| CVE-2026-22583 |
CRIT
|
9.8 |
Improper Neutralization of Argument Delimiters in a Command ('Argument Injectio… |
8
|
2026-01-24 |
| CVE-2026-22582 |
CRIT
|
9.8 |
Improper Neutralization of Argument Delimiters in a Command ('Argument Injectio… |
8
|
2026-01-24 |
| CVE-2026-24423 |
CRIT
|
9.8 |
SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticate… |
46
|
2026-01-23 |
| CVE-2025-67231 |
MED
|
5.9 |
A reflected cross-site scripting (XSS) vulnerability in ToDesktop Builder v0.33… |
12
|
2026-01-23 |
| CVE-2025-67230 |
HIGH
|
7.1 |
Improper permissions in the handler for the Custom URL Scheme in ToDesktop Buil… |
12
|
2026-01-23 |
| CVE-2025-67229 |
CRIT
|
9.8 |
An improper certificate validation vulnerability exists in ToDesktop Builder v0… |
12
|
2026-01-23 |
| CVE-2025-67124 |
MED
|
6.8 |
A TOCTOU and symlink race in svenstaro/miniserve 0.32.0 upload finalization (wh… |
15
|
2026-01-23 |
| CVE-2026-22276 |
MED
|
5.5 |
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior… |
12
|
2026-01-23 |
| CVE-2026-22275 |
MED
|
4.4 |
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior… |
12
|
2026-01-23 |
| CVE-2026-22274 |
MED
|
6.5 |
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior… |
12
|
2026-01-23 |
| CVE-2026-22273 |
HIGH
|
8.8 |
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior… |
12
|
2026-01-23 |
| CVE-2025-46699 |
MED
|
4.3 |
Dell Data Protection Advisor, versions prior to 19.12, contains an Improper Neu… |
3
|
2026-01-23 |
| CVE-2026-22271 |
HIGH
|
7.5 |
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior… |
12
|
2026-01-23 |
| CVE-2025-15351 |
HIGH
|
7.8 |
Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Co… |
15
|
2026-01-23 |
| CVE-2025-15350 |
HIGH
|
7.8 |
Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Co… |
15
|
2026-01-23 |
| CVE-2025-15059 |
HIGH
|
7.8 |
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerab… |
2
|
2026-01-23 |
| CVE-2025-11002 |
HIGH
|
7.8 |
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability.… |
4
|
2026-01-23 |
| CVE-2026-24304 |
CRIT
|
9.9 |
Improper access control in Azure Resource Manager allows an authorized attacker… |
2267
|
2026-01-23 |
| CVE-2026-20613 |
HIGH
|
7.8 |
The ArchiveReader.extractContents() function used by cctl image load and contai… |
91
|
2026-01-23 |
| CVE-2025-9290 |
MED
|
5.9 |
An authentication weakness was identified in Omada Controllers, Gateways and Ac… |
1
|
2026-01-23 |
| CVE-2026-24307 |
CRIT
|
9.3 |
Improper validation of specified type of input in M365 Copilot allows an unauth… |
2267
|
2026-01-22 |
| CVE-2026-24306 |
CRIT
|
9.8 |
Improper access control in Azure Front Door (AFD) allows an unauthorized attack… |
2267
|
2026-01-22 |
| CVE-2026-24305 |
CRIT
|
9.3 |
Azure Entra ID Elevation of Privilege Vulnerability |
2267
|
2026-01-22 |
| CVE-2026-24124 |
CRIT
|
9.8 |
Dragonfly is an open source P2P-based file distribution and image acceleration … |
2
|
2026-01-22 |
| CVE-2026-21524 |
HIGH
|
7.4 |
Exposure of sensitive information to an unauthorized actor in Azure Data Explor… |
2267
|
2026-01-22 |
| CVE-2026-21521 |
HIGH
|
7.4 |
Improper neutralization of escape, meta, or control sequences in Copilot allows… |
2267
|
2026-01-22 |
| CVE-2026-21520 |
HIGH
|
7.5 |
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio al… |
2267
|
2026-01-22 |
| CVE-2026-21264 |
CRIT
|
9.3 |
Improper neutralization of input during web page generation ('cross-site script… |
2267
|
2026-01-22 |
| CVE-2026-21227 |
HIGH
|
8.2 |
Improper limitation of a pathname to a restricted directory ('path traversal') … |
2267
|
2026-01-22 |
| CVE-2026-24058 |
CRIT
|
9.8 |
Soft Serve is a self-hostable Git server for the command line. Versions 0.11.2 … |
19
|
2026-01-22 |
| CVE-2026-23988 |
HIGH
|
7.3 |
Rufus is a utility that helps format and create bootable USB flash drives. Vers… |
5
|
2026-01-22 |
| CVE-2026-20912 |
CRIT
|
9.1 |
Gitea does not properly validate repository ownership when linking attachments … |
54
|
2026-01-22 |
| CVE-2026-20904 |
MED
|
6.5 |
Gitea does not properly validate ownership when toggling OpenID URI visibility.… |
54
|
2026-01-22 |
| CVE-2026-20897 |
CRIT
|
9.1 |
Gitea does not properly validate repository ownership when deleting Git LFS loc… |
54
|
2026-01-22 |
| CVE-2026-20888 |
MED
|
4.3 |
Gitea does not properly verify authorization when canceling scheduled auto-merg… |
54
|
2026-01-22 |
| CVE-2026-20883 |
MED
|
6.5 |
Gitea's stopwatch API does not re-validate repository access permissions. After… |
54
|
2026-01-22 |
| CVE-2026-20800 |
MED
|
6.5 |
Gitea's notification API does not re-validate repository access permissions whe… |
54
|
2026-01-22 |
| CVE-2026-20750 |
CRIT
|
9.1 |
Gitea does not properly validate project ownership in organization project oper… |
54
|
2026-01-22 |
| CVE-2026-20736 |
HIGH
|
7.5 |
Gitea does not properly verify repository context when deleting attachments. A … |
54
|
2026-01-22 |
| CVE-2026-0798 |
LOW
|
3.5 |
Gitea may send release notification emails for private repositories to users wh… |
54
|
2026-01-22 |
| CVE-2025-9289 |
MED
|
4.7 |
A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Oma… |
1
|
2026-01-22 |
| CVE-2026-22281 |
LOW
|
3.5 |
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 throu… |
3
|
2026-01-22 |
| CVE-2026-22280 |
MED
|
5.0 |
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 throu… |
3
|
2026-01-22 |
| CVE-2026-22279 |
MED
|
4.3 |
Dell PowerScale OneFS, versions prior to 9.13.0.0, contains an insufficient loggin… |
55
|
2026-01-22 |
| CVE-2026-22278 |
HIGH
|
8.1 |
Dell PowerScale OneFS versions prior to 9.13.0.0 contain an improper restricti… |
55
|
2026-01-22 |
| CVE-2026-1260 |
HIGH
|
7.8 |
Invalid memory access in Sentencepiece versions less than 0.2.1 when using a vu… |
117
|
2026-01-22 |
| CVE-2026-0535 |
HIGH
|
7.1 |
A maliciously crafted HTML payload, stored in a component’s description and cli… |
77
|
2026-01-22 |
| CVE-2026-0534 |
HIGH
|
7.1 |
A maliciously crafted HTML payload, stored in a part’s attribute and clicked by… |
77
|
2026-01-22 |
| CVE-2026-0533 |
HIGH
|
7.1 |
A maliciously crafted HTML payload in a design name, when displayed during the … |
77
|
2026-01-22 |
| CVE-2025-70899 |
MED
|
6.5 |
PHPgurukul Online Course Registration v3.1 lacks Cross-Site Request Forgery (CS… |
12
|
2026-01-22 |
| CVE-2025-36588 |
HIGH
|
8.8 |
Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutra… |
55
|
2026-01-22 |
| CVE-2026-23760 |
CRIT
|
9.8 |
SmarterTools SmarterMail versions prior to build 9511 contain an authentication… |
46
|
2026-01-22 |
| CVE-2026-1102 |
MED
|
5.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3… |
54
|
2026-01-22 |
| CVE-2026-0723 |
HIGH
|
7.4 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6… |
54
|
2026-01-22 |
| CVE-2025-13928 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7… |
54
|
2026-01-22 |
| CVE-2025-13927 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9… |
54
|
2026-01-22 |
| CVE-2026-1332 |
MED
|
5.3 |
MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulner… |
37
|
2026-01-22 |
| CVE-2025-13335 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.1… |
54
|
2026-01-22 |
| CVE-2026-1331 |
CRIT
|
9.8 |
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulner… |
37
|
2026-01-22 |
| CVE-2026-1330 |
HIGH
|
7.5 |
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerab… |
37
|
2026-01-22 |
| CVE-2026-24055 |
MED
|
5.3 |
Langfuse is an open source large language model engineering platform. In versio… |
12
|
2026-01-22 |
| CVE-2026-23952 |
MED
|
6.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
52
|
2026-01-22 |
| CVE-2026-23951 |
MED
|
5.5 |
SumatraPDF is a multi-format reader for Windows. All versions contain an off-by… |
3
|
2026-01-22 |
| CVE-2026-23960 |
MED
|
5.4 |
Argo Workflows is an open source container-native workflow engine for orchestra… |
8
|
2026-01-21 |
| CVE-2026-21852 |
HIGH
|
7.5 |
Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability i… |
44
|
2026-01-21 |
| CVE-2025-12781 |
MED
|
5.3 |
When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64deco… |
80
|
2026-01-21 |
| CVE-2025-66960 |
HIGH
|
7.5 |
An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of serv… |
3
|
2026-01-21 |
| CVE-2025-66959 |
HIGH
|
7.5 |
An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of serv… |
3
|
2026-01-21 |
| CVE-2026-20045 |
HIGH
|
8.2 |
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Uni… |
104
|
2026-01-21 |
| CVE-2025-57681 |
MED
|
5.4 |
The WorklogPRO - Timesheets for Jira plugin in Jira Data Center before version … |
23
|
2026-01-21 |
| CVE-2026-0663 |
MED
|
4.9 |
Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 … |
16
|
2026-01-21 |
| CVE-2026-24061 |
CRIT
|
9.8 |
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a … |
28
|
2026-01-21 |
| CVE-2026-21990 |
HIGH
|
8.2 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21989 |
HIGH
|
8.1 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21988 |
HIGH
|
8.2 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21987 |
HIGH
|
8.2 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21986 |
HIGH
|
7.1 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21985 |
MED
|
6.0 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21984 |
HIGH
|
7.5 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21983 |
HIGH
|
7.5 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21982 |
HIGH
|
7.5 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21981 |
MED
|
4.6 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21980 |
MED
|
6.5 |
Vulnerability in the Oracle Life Sciences Central Coding product of Oracle Heal… |
140
|
2026-01-20 |
| CVE-2026-21978 |
MED
|
6.5 |
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financ… |
141
|
2026-01-20 |
| CVE-2026-21976 |
HIGH
|
7.1 |
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of… |
140
|
2026-01-20 |
| CVE-2026-21975 |
MED
|
4.5 |
Vulnerability in the Java VM component of Oracle Database Server. Supported ve… |
140
|
2026-01-20 |
| CVE-2026-21974 |
MED
|
5.3 |
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle He… |
140
|
2026-01-20 |
| CVE-2026-21973 |
HIGH
|
8.1 |
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Finan… |
140
|
2026-01-20 |
| CVE-2026-21972 |
MED
|
5.3 |
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (co… |
140
|
2026-01-20 |
| CVE-2026-21971 |
MED
|
5.4 |
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle Peo… |
140
|
2026-01-20 |
| CVE-2026-21970 |
MED
|
6.5 |
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle He… |
140
|
2026-01-20 |
| CVE-2026-21969 |
CRIT
|
9.8 |
Vulnerability in the Oracle Agile Product Lifecycle Management for Process prod… |
140
|
2026-01-20 |
| CVE-2026-21968 |
MED
|
6.5 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: O… |
144
|
2026-01-20 |
| CVE-2026-21967 |
HIGH
|
8.6 |
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality A… |
140
|
2026-01-20 |
| CVE-2026-21966 |
MED
|
6.1 |
Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Or… |
140
|
2026-01-20 |
| CVE-2026-21965 |
LOW
|
2.7 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: P… |
142
|
2026-01-20 |
| CVE-2026-21964 |
MED
|
4.9 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: T… |
144
|
2026-01-20 |
| CVE-2026-21963 |
MED
|
6.0 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21962 |
CRIT
|
10.0 |
Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in p… |
140
|
2026-01-20 |
| CVE-2026-21961 |
MED
|
6.1 |
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracl… |
140
|
2026-01-20 |
| CVE-2026-21960 |
MED
|
6.5 |
Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite… |
140
|
2026-01-20 |
| CVE-2026-21959 |
MED
|
4.9 |
Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (compon… |
140
|
2026-01-20 |
| CVE-2026-21957 |
HIGH
|
7.5 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21956 |
HIGH
|
8.2 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21955 |
HIGH
|
8.2 |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (com… |
140
|
2026-01-20 |
| CVE-2026-21952 |
MED
|
4.9 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: P… |
142
|
2026-01-20 |
| CVE-2026-21951 |
MED
|
6.1 |
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle People… |
140
|
2026-01-20 |
| CVE-2026-21950 |
MED
|
6.5 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: O… |
142
|
2026-01-20 |
| CVE-2026-21949 |
MED
|
6.5 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: O… |
142
|
2026-01-20 |
| CVE-2026-21948 |
MED
|
4.9 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: O… |
144
|
2026-01-20 |
| CVE-2026-21947 |
LOW
|
3.1 |
Vulnerability in Oracle Java SE (component: JavaFX). Supported versions that a… |
140
|
2026-01-20 |
| CVE-2026-21946 |
MED
|
6.1 |
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edward… |
140
|
2026-01-20 |
| CVE-2026-21945 |
HIGH
|
7.5 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Ent… |
142
|
2026-01-20 |
| CVE-2026-21944 |
MED
|
6.5 |
Vulnerability in the Oracle Agile Product Lifecycle Management for Process prod… |
140
|
2026-01-20 |
| CVE-2026-21943 |
MED
|
6.1 |
Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (compo… |
140
|
2026-01-20 |
| CVE-2026-21941 |
MED
|
4.9 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: O… |
144
|
2026-01-20 |
| CVE-2026-21940 |
HIGH
|
7.5 |
Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component… |
140
|
2026-01-20 |
| CVE-2026-21939 |
HIGH
|
7.0 |
Vulnerability in the SQLcl component of Oracle Database Server. Supported vers… |
140
|
2026-01-20 |
| CVE-2026-21938 |
MED
|
6.1 |
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle People… |
140
|
2026-01-20 |
| CVE-2026-21937 |
MED
|
4.9 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: D… |
144
|
2026-01-20 |
| CVE-2026-21936 |
MED
|
4.9 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). … |
144
|
2026-01-20 |
| CVE-2026-21934 |
MED
|
5.4 |
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle People… |
140
|
2026-01-20 |
| CVE-2026-21933 |
MED
|
6.1 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Ent… |
142
|
2026-01-20 |
| CVE-2026-21932 |
HIGH
|
7.4 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Ent… |
142
|
2026-01-20 |
| CVE-2026-21931 |
MED
|
5.4 |
Vulnerability in the Oracle APEX Sample Applications product of Oracle APEX (co… |
140
|
2026-01-20 |
| CVE-2026-21930 |
LOW
|
2.3 |
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems… |
140
|
2026-01-20 |
| CVE-2026-21929 |
MED
|
5.3 |
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: P… |
142
|
2026-01-20 |
| CVE-2026-21926 |
HIGH
|
7.5 |
Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM (compon… |
158
|
2026-01-20 |
| CVE-2026-21925 |
MED
|
4.8 |
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Ent… |
142
|
2026-01-20 |
| CVE-2026-21924 |
MED
|
5.4 |
Vulnerability in the Oracle Utilities Application Framework product of Oracle U… |
140
|
2026-01-20 |
| CVE-2026-21923 |
MED
|
6.5 |
Vulnerability in the Oracle Life Sciences Central Designer product of Oracle He… |
140
|
2026-01-20 |
| CVE-2026-21922 |
MED
|
4.2 |
Vulnerability in the Oracle Planning and Budgeting Cloud Service product of Ora… |
140
|
2026-01-20 |
| CVE-2026-21664 |
MED
|
6.1 |
HackerOne community member Huynh Pham Thanh Luc (nigh7c0r3) has reported a refl… |
4
|
2026-01-20 |
| CVE-2026-21663 |
MED
|
6.1 |
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vuln… |
4
|
2026-01-20 |
| CVE-2026-21642 |
MED
|
6.1 |
HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vuln… |
8
|
2026-01-20 |
| CVE-2026-21641 |
MED
|
6.5 |
HackerOne community member Jad Ghamloush (0xjad) has reported an authorization … |
8
|
2026-01-20 |
| CVE-2026-21640 |
LOW
|
2.7 |
HackerOne community member Faraz Ahmed (PakCyberbot) has reported a format stri… |
4
|
2026-01-20 |
| CVE-2026-21637 |
HIGH
|
7.5 |
A flaw in Node.js TLS error handling allows remote attackers to crash or exhaus… |
73
|
2026-01-20 |
| CVE-2025-63648 |
HIGH
|
7.5 |
A NULL pointer dereference in the dacp_reply_playqueueedit_move function (src/h… |
1
|
2026-01-20 |
| CVE-2025-63647 |
HIGH
|
7.5 |
A NULL pointer dereference in the parse_meta function (src/httpd_daap.c) of own… |
1
|
2026-01-20 |
| CVE-2025-59466 |
HIGH
|
7.5 |
We have identified a bug in Node.js error handling where "Maximum call stack si… |
31
|
2026-01-20 |
| CVE-2025-59465 |
HIGH
|
7.5 |
A malformed `HTTP/2 HEADERS` frame with oversized, invalid `HPACK` data can cau… |
31
|
2026-01-20 |
| CVE-2025-59464 |
HIGH
|
7.5 |
A memory leak in Node.js’s OpenSSL integration occurs when converting `X.509` c… |
5
|
2026-01-20 |
| CVE-2025-57156 |
HIGH
|
7.5 |
NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/… |
1
|
2026-01-20 |
| CVE-2025-57155 |
HIGH
|
7.5 |
NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c … |
1
|
2026-01-20 |
| CVE-2025-55132 |
MED
|
5.3 |
A flaw in Node.js's permission model allows a file's access and modification ti… |
31
|
2026-01-20 |
| CVE-2025-55130 |
CRIT
|
9.1 |
A flaw in Node.js’s Permissions model allows attackers to bypass `--allow-fs-re… |
31
|
2026-01-20 |
| CVE-2025-56353 |
HIGH
|
7.5 |
In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a mem… |
1
|
2026-01-20 |
| CVE-2025-15281 |
HIGH
|
7.5 |
Calling wordexp with WRDE_REUSE in conjunction with WRDE_APPEND in the GNU C Li… |
42
|
2026-01-20 |
| CVE-2026-0908 |
HIGH
|
8.8 |
Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a remot… |
184
|
2026-01-20 |
| CVE-2026-0907 |
CRIT
|
9.8 |
Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 all… |
184
|
2026-01-20 |
| CVE-2026-0906 |
CRIT
|
9.8 |
Incorrect security UI in Google Chrome on Android prior to 144.0.7559.59 allow… |
184
|
2026-01-20 |
| CVE-2026-0905 |
CRIT
|
9.8 |
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559… |
184
|
2026-01-20 |
| CVE-2026-0904 |
MED
|
5.4 |
Incorrect security UI in Digital Credentials in Google Chrome prior to 144.0.75… |
184
|
2026-01-20 |
| CVE-2026-0903 |
MED
|
5.4 |
Inappropriate implementation in Downloads in Google Chrome on Windows prior to … |
184
|
2026-01-20 |
| CVE-2026-0902 |
HIGH
|
8.8 |
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allo… |
184
|
2026-01-20 |
| CVE-2026-0901 |
MED
|
5.4 |
Inappropriate implementation in Blink in Google Chrome on Android prior to 144.… |
183
|
2026-01-20 |
| CVE-2026-0900 |
HIGH
|
8.8 |
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allo… |
184
|
2026-01-20 |
| CVE-2026-0899 |
HIGH
|
8.8 |
Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allow… |
184
|
2026-01-20 |
| CVE-2026-23950 |
HIGH
|
8.8 |
node-tar, a Tar for Node.js, has a race condition vulnerability in versions up t… |
23
|
2026-01-20 |
| CVE-2026-23876 |
HIGH
|
8.1 |
ImageMagick is free and open-source software used for editing and manipulating … |
12
|
2026-01-20 |
| CVE-2026-23874 |
MED
|
5.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
12
|
2026-01-20 |
| CVE-2026-22770 |
MED
|
6.5 |
ImageMagick is free and open-source software used for editing and manipulating … |
12
|
2026-01-20 |
| CVE-2026-23884 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-01-19 |
| CVE-2026-23883 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-01-19 |
| CVE-2026-23732 |
HIGH
|
7.5 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-01-19 |
| CVE-2026-23534 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-01-19 |
| CVE-2026-23533 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-01-19 |
| CVE-2026-23532 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-01-19 |
| CVE-2026-23531 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-01-19 |
| CVE-2026-23530 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2026-01-19 |
| CVE-2026-1160 |
HIGH
|
7.3 |
A security vulnerability has been detected in PHPGurukul Directory Management S… |
12
|
2026-01-19 |
| CVE-2026-1007 |
HIGH
|
7.6 |
Incorrect Authorization vulnerability in virtual gateway component in Devolutio… |
1
|
2026-01-19 |
| CVE-2026-0610 |
CRIT
|
9.8 |
SQL Injection vulnerability in remote-sessions in Devolutions Server. This issue… |
1
|
2026-01-19 |
| CVE-2026-1142 |
MED
|
4.3 |
A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted… |
12
|
2026-01-19 |
| CVE-2026-1141 |
MED
|
6.3 |
A vulnerability was identified in PHPGurukul News Portal 1.0. The affected elem… |
12
|
2026-01-19 |
| CVE-2026-0943 |
HIGH
|
7.5 |
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with… |
9
|
2026-01-19 |
| CVE-2026-0518 |
MED
|
4.8 |
CVE-2026-0518 is a cross-site scripting vulnerability in versions of Secure Ac… |
1
|
2026-01-17 |
| CVE-2026-0517 |
HIGH
|
7.5 |
CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure Acces… |
1
|
2026-01-17 |
| CVE-2026-23745 |
MED
|
6.1 |
node-tar is a Tar for Node.js. The node-tar library (<= 7.5.2) fails to sanitiz… |
23
|
2026-01-16 |
| CVE-2026-21223 |
HIGH
|
7.1 |
Improper privilege management in Microsoft Edge (Chromium-based) allows an auth… |
2139
|
2026-01-16 |
| CVE-2026-20960 |
HIGH
|
8.0 |
Improper authorization in Microsoft Power Apps allows an authorized attacker to… |
926
|
2026-01-16 |
| CVE-2026-23643 |
MED
|
5.4 |
CakePHP is a rapid development framework for PHP. The PaginatorHelper::limitCon… |
12
|
2026-01-16 |
| CVE-2025-31186 |
LOW
|
3.3 |
A permissions issue was addressed with additional restrictions. This issue is f… |
92
|
2026-01-16 |
| CVE-2026-23523 |
CRIT
|
9.6 |
Dive is an open-source MCP Host Desktop Application that enables integration wi… |
4
|
2026-01-16 |
| CVE-2026-0696 |
MED
|
6.5 |
In ConnectWise PSA versions older than 2026.1, certain session cookies were not… |
2
|
2026-01-16 |
| CVE-2026-0695 |
HIGH
|
8.7 |
In ConnectWise PSA versions older than 2026.1, Time Entry notes stored in the T… |
2
|
2026-01-16 |
| CVE-2025-68675 |
HIGH
|
7.5 |
In Apache Airflow versions before 3.1.6, and 2.11.1 the proxies and proxy field… |
8
|
2026-01-16 |
| CVE-2021-47793 |
HIGH
|
7.5 |
Telegram Desktop 2.9.2 contains a denial of service vulnerability that allows a… |
31
|
2026-01-16 |
| CVE-2021-47783 |
MED
|
5.4 |
Phpwcms 1.9.30 contains a file upload vulnerability that allows authenticated a… |
12
|
2026-01-16 |
| CVE-2026-22864 |
HIGH
|
8.1 |
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prio… |
5
|
2026-01-15 |
| CVE-2026-22863 |
HIGH
|
7.5 |
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.6.0, node:c… |
5
|
2026-01-15 |
| CVE-2026-0915 |
HIGH
|
7.5 |
Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that spe… |
42
|
2026-01-15 |
| CVE-2025-67823 |
HIGH
|
8.2 |
A vulnerability in the Multimedia Email component of Mitel MiContact Center Bus… |
8
|
2026-01-15 |
| CVE-2025-70893 |
HIGH
|
8.8 |
A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe … |
12
|
2026-01-15 |
| CVE-2025-70892 |
CRIT
|
9.8 |
Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerabi… |
12
|
2026-01-15 |
| CVE-2025-70891 |
MED
|
6.1 |
A stored cross-site scripting (XSS) vulnerability exists in Phpgurukul Cyber Ca… |
12
|
2026-01-15 |
| CVE-2025-70890 |
MED
|
6.1 |
A stored cross-site scripting (XSS) vulnerability exists in Cyber Cafe Manageme… |
12
|
2026-01-15 |
| CVE-2026-22803 |
HIGH
|
7.5 |
SvelteKit is a framework for rapidly developing robust, performant web applicat… |
2
|
2026-01-15 |
| CVE-2026-0227 |
HIGH
|
7.5 |
A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticate… |
122
|
2026-01-15 |
| CVE-2025-67647 |
CRIT
|
9.1 |
SvelteKit is a framework for rapidly developing robust, performant web applicat… |
2
|
2026-01-15 |
| CVE-2026-23496 |
MED
|
5.4 |
Pimcore Web2Print Tools Bundle adds tools for web-to-print use cases to Pimcore… |
46
|
2026-01-15 |
| CVE-2026-20076 |
MED
|
4.8 |
A vulnerability in the web-based management interface of Cisco Identity Service… |
87
|
2026-01-15 |
| CVE-2026-20075 |
MED
|
4.8 |
A vulnerability in the web-based management interface of Cisco Evolved Programm… |
87
|
2026-01-15 |
| CVE-2026-20047 |
MED
|
4.8 |
A vulnerability in the web-based management interface of Cisco Identity Service… |
87
|
2026-01-15 |
| CVE-2021-47769 |
MED
|
4.8 |
Isshue Shopping Cart 3.5 contains a persistent cross-site scripting vulnerabili… |
4
|
2026-01-15 |
| CVE-2021-47753 |
CRIT
|
9.8 |
phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability th… |
12
|
2026-01-15 |
| CVE-2025-67084 |
CRIT
|
9.9 |
File upload vulnerability in InvoicePlane through 1.6.3 allows authenticated at… |
1
|
2026-01-15 |
| CVE-2025-67083 |
MED
|
5.3 |
Directory traversal vulnerability in InvoicePlane through 1.6.3 allows unauthen… |
1
|
2026-01-15 |
| CVE-2025-67082 |
MED
|
6.5 |
An SQL injection vulnerability in InvoicePlane through 1.6.3 has been identifie… |
1
|
2026-01-15 |
| CVE-2025-67081 |
MED
|
4.9 |
An SQL injection vulnerability in Itflow through 25.06 has been identified in t… |
8
|
2026-01-15 |
| CVE-2026-23512 |
HIGH
|
8.6 |
SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is… |
3
|
2026-01-14 |
| CVE-2026-0962 |
MED
|
5.3 |
SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.… |
16
|
2026-01-14 |
| CVE-2026-0961 |
MED
|
5.5 |
BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows de… |
14
|
2026-01-14 |
| CVE-2026-0960 |
MED
|
4.7 |
HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denia… |
14
|
2026-01-14 |
| CVE-2026-0959 |
MED
|
5.3 |
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4… |
14
|
2026-01-14 |
| CVE-2026-0861 |
HIGH
|
8.4 |
Passing too large an alignment to the memalign suite of functions (memalign, po… |
38
|
2026-01-14 |
| CVE-2025-11224 |
HIGH
|
7.7 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1… |
54
|
2026-01-14 |
| CVE-2026-22859 |
CRIT
|
9.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22858 |
CRIT
|
9.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22857 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22856 |
HIGH
|
8.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22855 |
CRIT
|
9.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22854 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22853 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22852 |
CRIT
|
9.8 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22851 |
MED
|
5.9 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.… |
1
|
2026-01-14 |
| CVE-2026-22708 |
CRIT
|
9.8 |
Cursor is a code editor built for programming with AI. Prior to 2.3, when the Cu… |
18
|
2026-01-14 |
| CVE-2025-37185 |
MED
|
5.5 |
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orc… |
16
|
2026-01-14 |
| CVE-2025-37184 |
CRIT
|
9.8 |
A vulnerability exists in an Orchestrator service that could allow an unauthent… |
16
|
2026-01-14 |
| CVE-2025-37183 |
HIGH
|
7.2 |
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orc… |
16
|
2026-01-14 |
| CVE-2025-37182 |
HIGH
|
7.2 |
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orc… |
16
|
2026-01-14 |
| CVE-2025-37181 |
HIGH
|
7.2 |
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orc… |
16
|
2026-01-14 |
| CVE-2025-56226 |
MED
|
5.3 |
Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_… |
8
|
2026-01-14 |
| CVE-2023-54331 |
HIGH
|
7.8 |
Outline 1.6.0 contains an unquoted service path vulnerability that allows local… |
1
|
2026-01-13 |
| CVE-2022-50931 |
HIGH
|
7.8 |
TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows… |
32
|
2026-01-13 |
| CVE-2022-50806 |
HIGH
|
7.2 |
4images 1.9 contains a remote command execution vulnerability that allows authe… |
22
|
2026-01-13 |
| CVE-2021-47751 |
HIGH
|
7.5 |
CuteEditor for PHP (now referred to as Rich Text Editor) 6.6 contains a directo… |
12
|
2026-01-13 |
| CVE-2021-47750 |
MED
|
6.1 |
YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows att… |
12
|
2026-01-13 |
| CVE-2021-47749 |
MED
|
5.5 |
YouPHPTube <= 7.8 contains a local file inclusion vulnerability that allows una… |
12
|
2026-01-13 |
| CVE-2026-21303 |
MED
|
5.5 |
Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bou… |
72
|
2026-01-13 |
| CVE-2026-21302 |
MED
|
5.5 |
Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bou… |
72
|
2026-01-13 |
| CVE-2026-21301 |
MED
|
5.5 |
Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointe… |
72
|
2026-01-13 |
| CVE-2026-21300 |
MED
|
5.5 |
Substance3D - Modeler versions 1.22.4 and earlier are affected by a NULL Pointe… |
72
|
2026-01-13 |
| CVE-2026-21299 |
HIGH
|
7.8 |
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bou… |
72
|
2026-01-13 |
| CVE-2026-21298 |
HIGH
|
7.8 |
Substance3D - Modeler versions 1.22.4 and earlier are affected by an out-of-bou… |
72
|
2026-01-13 |
| CVE-2026-0543 |
MED
|
6.5 |
Improper Input Validation (CWE-20) in Kibana's Email Connector can allow an att… |
1
|
2026-01-13 |
| CVE-2026-0531 |
MED
|
6.5 |
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet … |
1
|
2026-01-13 |
| CVE-2026-0530 |
MED
|
6.5 |
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet … |
1
|
2026-01-13 |
| CVE-2026-0528 |
MED
|
6.5 |
Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an … |
1
|
2026-01-13 |
| CVE-2026-22809 |
MED
|
4.4 |
tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, … |
15
|
2026-01-13 |
| CVE-2026-21308 |
MED
|
5.5 |
Substance3D - Designer versions 15.0.3 and earlier are affected by an Out-of-bo… |
164
|
2026-01-13 |
| CVE-2026-21307 |
HIGH
|
7.8 |
Substance3D - Designer versions 15.0.3 and earlier are affected by an out-of-bo… |
164
|
2026-01-13 |
| CVE-2026-21306 |
HIGH
|
7.8 |
Substance3D - Sampler versions 5.1.0 and earlier are affected by an out-of-boun… |
100
|
2026-01-13 |
| CVE-2026-21305 |
HIGH
|
7.8 |
Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bou… |
158
|
2026-01-13 |
| CVE-2026-21287 |
HIGH
|
7.8 |
Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Fre… |
79
|
2026-01-13 |
| CVE-2026-21304 |
HIGH
|
7.8 |
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based… |
191
|
2026-01-13 |
| CVE-2026-21288 |
MED
|
5.5 |
Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer De… |
83
|
2026-01-13 |
| CVE-2026-21283 |
HIGH
|
7.8 |
Bridge versions 15.1.2, 16.0 and earlier are affected by a Heap-based Buffer Ov… |
165
|
2026-01-13 |
| CVE-2026-21281 |
HIGH
|
7.8 |
InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Ov… |
189
|
2026-01-13 |
| CVE-2026-21280 |
HIGH
|
8.6 |
Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Sear… |
83
|
2026-01-13 |
| CVE-2026-21278 |
MED
|
5.5 |
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Out-of-bo… |
191
|
2026-01-13 |
| CVE-2026-21277 |
HIGH
|
7.8 |
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based… |
191
|
2026-01-13 |
| CVE-2026-21276 |
HIGH
|
7.8 |
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of… |
191
|
2026-01-13 |
| CVE-2026-21275 |
HIGH
|
7.8 |
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of… |
191
|
2026-01-13 |
| CVE-2026-21274 |
HIGH
|
7.8 |
Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Auth… |
232
|
2026-01-13 |
| CVE-2026-21272 |
HIGH
|
8.6 |
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input… |
232
|
2026-01-13 |
| CVE-2026-21271 |
HIGH
|
8.6 |
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input… |
232
|
2026-01-13 |
| CVE-2026-21268 |
HIGH
|
8.6 |
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input… |
232
|
2026-01-13 |
| CVE-2026-21267 |
HIGH
|
8.6 |
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutr… |
232
|
2026-01-13 |
| CVE-2026-21226 |
HIGH
|
7.5 |
Deserialization of untrusted data in Azure Core shared client library for Pytho… |
658
|
2026-01-13 |
| CVE-2026-21224 |
HIGH
|
7.8 |
Stack-based buffer overflow in Azure Connected Machine Agent allows an authoriz… |
680
|
2026-01-13 |
| CVE-2026-21219 |
HIGH
|
7.0 |
Use after free in Inbox COM Objects allows an unauthorized attacker to execute … |
572
|
2026-01-13 |
| CVE-2026-20965 |
HIGH
|
7.5 |
Improper verification of cryptographic signature in Windows Admin Center allows… |
579
|
2026-01-13 |
| CVE-2026-20963 |
CRIT
|
9.8 |
Deserialization of untrusted data in Microsoft Office SharePoint allows an unau… |
1723
|
2026-01-13 |
| CVE-2026-20959 |
MED
|
4.6 |
Improper neutralization of input during web page generation ('cross-site script… |
1723
|
2026-01-13 |
| CVE-2026-20958 |
MED
|
5.4 |
Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an aut… |
1723
|
2026-01-13 |
| CVE-2026-20957 |
HIGH
|
7.8 |
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unau… |
2274
|
2026-01-13 |
| CVE-2026-20956 |
HIGH
|
7.8 |
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized … |
2267
|
2026-01-13 |
| CVE-2026-20955 |
HIGH
|
7.8 |
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized … |
2274
|
2026-01-13 |
| CVE-2026-20953 |
HIGH
|
8.4 |
Use after free in Microsoft Office allows an unauthorized attacker to execute c… |
2272
|
2026-01-13 |
| CVE-2026-20952 |
HIGH
|
8.4 |
Use after free in Microsoft Office allows an unauthorized attacker to execute c… |
2272
|
2026-01-13 |
| CVE-2026-20951 |
HIGH
|
7.8 |
Improper input validation in Microsoft Office SharePoint allows an unauthorized… |
1723
|
2026-01-13 |
| CVE-2026-20950 |
HIGH
|
7.8 |
Use after free in Microsoft Office Excel allows an unauthorized attacker to exe… |
2274
|
2026-01-13 |
| CVE-2026-20949 |
HIGH
|
7.8 |
Improper access control in Microsoft Office Excel allows an unauthorized attack… |
2267
|
2026-01-13 |
| CVE-2026-20948 |
HIGH
|
7.8 |
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized a… |
2272
|
2026-01-13 |
| CVE-2026-20947 |
HIGH
|
8.8 |
Improper neutralization of special elements used in an SQL command ('SQL inject… |
1723
|
2026-01-13 |
| CVE-2026-20946 |
HIGH
|
7.8 |
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to… |
2272
|
2026-01-13 |
| CVE-2026-20944 |
HIGH
|
8.4 |
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to … |
2267
|
2026-01-13 |
| CVE-2026-20943 |
HIGH
|
7.0 |
Untrusted search path in Microsoft Office allows an unauthorized attacker to ex… |
1797
|
2026-01-13 |
| CVE-2026-20803 |
HIGH
|
7.2 |
Missing authentication for critical function in SQL Server allows an authorized… |
571
|
2026-01-13 |
| CVE-2025-65784 |
MED
|
6.5 |
Insecure permissions in Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 all… |
2
|
2026-01-13 |
| CVE-2025-59922 |
HIGH
|
7.2 |
An improper neutralization of special elements used in an SQL command ('SQL Inj… |
1
|
2026-01-13 |
| CVE-2025-46685 |
HIGH
|
7.5 |
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation … |
52
|
2026-01-13 |
| CVE-2025-46684 |
MED
|
6.6 |
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation … |
52
|
2026-01-13 |
| CVE-2025-69992 |
CRIT
|
9.8 |
phpgurukul News Portal Project V4.1 has File Upload Vulnerability via upload.ph… |
12
|
2026-01-13 |
| CVE-2025-69991 |
CRIT
|
9.8 |
phpgurukul News Portal Project V4.1 is vulnerable to SQL Injection in check_ava… |
12
|
2026-01-13 |
| CVE-2025-69990 |
CRIT
|
9.1 |
phpgurukul News Portal Project V4.1 has an Arbitrary File Deletion Vulnerabilit… |
12
|
2026-01-13 |
| CVE-2025-65783 |
CRIT
|
9.8 |
An arbitrary file upload vulnerability in the /utils/uploadFile component of Hu… |
2
|
2026-01-13 |
| CVE-2026-0892 |
CRIT
|
9.8 |
Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bu… |
290
|
2026-01-13 |
| CVE-2026-0891 |
HIGH
|
8.1 |
Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox… |
290
|
2026-01-13 |
| CVE-2026-0890 |
MED
|
5.4 |
Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnera… |
290
|
2026-01-13 |
| CVE-2026-0889 |
HIGH
|
7.5 |
Denial-of-service in the DOM: Service Workers component. This vulnerability aff… |
290
|
2026-01-13 |
| CVE-2026-0888 |
MED
|
5.3 |
Information disclosure in the XML component. This vulnerability affects Firefox… |
290
|
2026-01-13 |
| CVE-2026-0887 |
MED
|
4.3 |
Clickjacking issue, information disclosure in the PDF Viewer component. This vu… |
290
|
2026-01-13 |
| CVE-2026-0886 |
MED
|
5.3 |
Incorrect boundary conditions in the Graphics component. This vulnerability aff… |
290
|
2026-01-13 |
| CVE-2026-0885 |
MED
|
6.5 |
Use-after-free in the JavaScript: GC component. This vulnerability affects Fire… |
290
|
2026-01-13 |
| CVE-2026-0884 |
CRIT
|
9.8 |
Use-after-free in the JavaScript Engine component. This vulnerability affects F… |
290
|
2026-01-13 |
| CVE-2026-0883 |
MED
|
5.3 |
Information disclosure in the Networking component. This vulnerability affects … |
290
|
2026-01-13 |
| CVE-2026-0882 |
HIGH
|
8.8 |
Use-after-free in the IPC component. This vulnerability affects Firefox < 147, … |
290
|
2026-01-13 |
| CVE-2026-0881 |
CRIT
|
10.0 |
Sandbox escape in the Messaging System component. This vulnerability affects Fi… |
290
|
2026-01-13 |
| CVE-2026-0880 |
HIGH
|
8.8 |
Sandbox escape due to integer overflow in the Graphics component. This vulnerab… |
290
|
2026-01-13 |
| CVE-2026-0879 |
CRIT
|
9.8 |
Sandbox escape due to incorrect boundary conditions in the Graphics component. … |
290
|
2026-01-13 |
| CVE-2026-0878 |
HIGH
|
8.0 |
Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebG… |
290
|
2026-01-13 |
| CVE-2026-0877 |
HIGH
|
8.1 |
Mitigation bypass in the DOM: Security component. This vulnerability affects Fi… |
290
|
2026-01-13 |
| CVE-2025-11669 |
HIGH
|
8.1 |
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro version… |
86
|
2026-01-13 |
| CVE-2025-40942 |
HIGH
|
8.8 |
A vulnerability has been identified in TeleControl Server Basic (All versions <… |
1
|
2026-01-13 |
| CVE-2026-22801 |
MED
|
6.8 |
LIBPNG is a reference library for use in applications that read, create, and ma… |
11
|
2026-01-12 |
| CVE-2026-22695 |
MED
|
6.1 |
LIBPNG is a reference library for use in applications that read, create, and ma… |
11
|
2026-01-12 |
| CVE-2025-15514 |
HIGH
|
7.5 |
Ollama 0.11.5-rc0 through current version 0.13.5 contain a null pointer derefer… |
8
|
2026-01-12 |
| CVE-2025-68471 |
MED
|
6.5 |
Avahi is a system which facilitates service discovery on a local network via th… |
9
|
2026-01-12 |
| CVE-2025-68468 |
MED
|
6.5 |
Avahi is a system which facilitates service discovery on a local network via th… |
9
|
2026-01-12 |
| CVE-2025-68276 |
MED
|
5.5 |
Avahi is a system which facilitates service discovery on a local network via th… |
9
|
2026-01-12 |
| CVE-2025-66689 |
MED
|
6.5 |
A path traversal vulnerability exists in Zen MCP Server before 9.8.2 that allow… |
1
|
2026-01-12 |
| CVE-2025-67813 |
MED
|
5.3 |
Quest KACE Desktop Authority through 11.3.1 has Insecure Permissions on the Nam… |
55
|
2026-01-12 |
| CVE-2025-52694 |
CRIT
|
10.0 |
Successful exploitation of the SQL injection vulnerability could allow an unaut… |
45
|
2026-01-12 |
| CVE-2026-22702 |
MED
|
4.5 |
virtualenv is a tool for creating isolated virtual python environments. Prior t… |
2
|
2026-01-10 |
| CVE-2026-22693 |
MED
|
5.3 |
HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dere… |
9
|
2026-01-10 |
| CVE-2026-22597 |
LOW
|
2.7 |
Ghost is a Node.js content management system. In versions 5.38.0 through 5.130.… |
10
|
2026-01-10 |
| CVE-2026-22596 |
MED
|
6.7 |
Ghost is a Node.js content management system. In versions 5.90.0 through 5.130.… |
10
|
2026-01-10 |
| CVE-2026-22595 |
HIGH
|
8.1 |
Ghost is a Node.js content management system. In versions 5.121.0 through 5.130… |
10
|
2026-01-10 |
| CVE-2026-22594 |
HIGH
|
8.1 |
Ghost is a Node.js content management system. In versions 5.105.0 through 5.130… |
10
|
2026-01-10 |
| CVE-2025-61686 |
CRIT
|
9.1 |
React Router is a router for React. In @react-router/node versions 7.0.0 throug… |
5
|
2026-01-10 |
| CVE-2026-22584 |
CRIT
|
9.8 |
Improper Control of Generation of Code ('Code Injection') vulnerability in Sale… |
8
|
2026-01-09 |
| CVE-2025-46299 |
MED
|
4.3 |
A memory initialization issue was addressed with improved memory handling. This… |
93
|
2026-01-09 |
| CVE-2025-46298 |
MED
|
6.5 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2026-01-09 |
| CVE-2025-15495 |
MED
|
4.7 |
A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unk… |
12
|
2026-01-09 |
| CVE-2025-15494 |
MED
|
6.3 |
A vulnerability has been found in RainyGao DocSys up to 2.02.37. This affects a… |
2
|
2026-01-09 |
| CVE-2025-15493 |
MED
|
6.3 |
A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is… |
2
|
2026-01-09 |
| CVE-2026-0803 |
MED
|
6.3 |
A vulnerability was found in PHPGurukul Online Course Registration System up to… |
12
|
2026-01-09 |
| CVE-2025-67282 |
MED
|
5.4 |
In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerab… |
8
|
2026-01-09 |
| CVE-2025-67281 |
MED
|
5.4 |
In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities… |
8
|
2026-01-09 |
| CVE-2025-67280 |
MED
|
5.4 |
In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language inje… |
8
|
2026-01-09 |
| CVE-2025-67279 |
MED
|
5.3 |
An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a … |
8
|
2026-01-09 |
| CVE-2025-67278 |
MED
|
6.5 |
An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a … |
8
|
2026-01-09 |
| CVE-2025-15492 |
MED
|
6.3 |
A vulnerability was detected in RainyGao DocSys up to 2.02.36. The affected ele… |
2
|
2026-01-09 |
| CVE-2025-14598 |
CRIT
|
9.8 |
BeeS Software Solutions BET Portal contains an SQL injection vulnerability in t… |
1
|
2026-01-09 |
| CVE-2025-9222 |
HIGH
|
8.7 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2… |
54
|
2026-01-09 |
| CVE-2025-3950 |
LOW
|
3.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.3… |
54
|
2026-01-09 |
| CVE-2025-13781 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab EE affecting all versions from 18.5 be… |
54
|
2026-01-09 |
| CVE-2025-13772 |
HIGH
|
7.1 |
GitLab has remediated an issue in GitLab EE affecting all versions from 18.4 be… |
54
|
2026-01-09 |
| CVE-2025-13761 |
HIGH
|
8.0 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.6… |
54
|
2026-01-09 |
| CVE-2025-11246 |
MED
|
5.4 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.4… |
54
|
2026-01-09 |
| CVE-2025-10569 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 … |
54
|
2026-01-09 |
| CVE-2025-69195 |
HIGH
|
7.6 |
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflo… |
24
|
2026-01-09 |
| CVE-2025-69194 |
HIGH
|
8.8 |
A security issue was discovered in GNU Wget2 when handling Metalink documents. … |
24
|
2026-01-09 |
| CVE-2026-20975 |
MED
|
5.5 |
Improper handling of insufficient permission in Samsung Cloud prior to version … |
67
|
2026-01-09 |
| CVE-2026-0733 |
MED
|
6.3 |
A vulnerability was determined in PHPGurukul Online Course Registration System … |
12
|
2026-01-09 |
| CVE-2026-0730 |
LOW
|
2.4 |
A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affe… |
12
|
2026-01-08 |
| CVE-2026-0747 |
LOW
|
3.3 |
Exposure of sensitive information in the TeamViewer entry dashboard component i… |
12
|
2026-01-08 |
| CVE-2026-22253 |
MED
|
5.4 |
Soft Serve is a self-hostable Git server for the command line. Prior to version… |
19
|
2026-01-08 |
| CVE-2026-22234 |
CRIT
|
9.8 |
OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker t… |
1
|
2026-01-08 |
| CVE-2025-50334 |
HIGH
|
7.5 |
An issue in Technitium DNS Server v.13.5 allows a remote attacker to cause a de… |
1
|
2026-01-08 |
| CVE-2025-63611 |
HIGH
|
8.7 |
Cross-Site Scripting in phpgurukul Hostel Management System v2.1 user-provided … |
12
|
2026-01-08 |
| CVE-2025-67936 |
HIGH
|
8.1 |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP… |
25
|
2026-01-08 |
| CVE-2025-15224 |
LOW
|
3.1 |
When doing SSH-based transfers using either SCP or SFTP, and asked to do public… |
28
|
2026-01-08 |
| CVE-2025-15079 |
MED
|
5.3 |
When doing SSH-based transfers using either SCP or SFTP, and setting the known_… |
28
|
2026-01-08 |
| CVE-2025-14819 |
MED
|
5.3 |
When doing TLS related transfers with reused easy or multi handles and altering… |
27
|
2026-01-08 |
| CVE-2025-14524 |
MED
|
5.3 |
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer… |
28
|
2026-01-08 |
| CVE-2025-14017 |
MED
|
6.3 |
When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changin… |
28
|
2026-01-08 |
| CVE-2025-13034 |
MED
|
5.9 |
When using `CURLOPT_PINNEDPUBLICKEY` option with libcurl or `--pinnedpubkey` wi… |
26
|
2026-01-08 |
| CVE-2026-22035 |
HIGH
|
7.7 |
Greenshot is an open source Windows screenshot utility. Versions 1.3.310 and be… |
3
|
2026-01-08 |
| CVE-2025-62224 |
MED
|
5.5 |
User interface (UI) misrepresentation of critical information in Microsoft Edge… |
2138
|
2026-01-07 |
| CVE-2026-21441 |
HIGH
|
7.5 |
urllib3 is an HTTP client library for Python. urllib3's streaming API is design… |
7
|
2026-01-07 |
| CVE-2025-13151 |
HIGH
|
7.5 |
Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to… |
34
|
2026-01-07 |
| CVE-2026-22184 |
HIGH
|
7.8 |
zlib versions up to and including 1.3.1.2 include a global buffer overflow in t… |
7
|
2026-01-07 |
| CVE-2026-21856 |
HIGH
|
7.2 |
The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to comm… |
23
|
2026-01-07 |
| CVE-2026-21855 |
CRIT
|
9.3 |
The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 J… |
23
|
2026-01-07 |
| CVE-2026-21854 |
CRIT
|
9.8 |
The Tarkov Data Manager is a tool to manage the Tarkov item data. Prior to 02 J… |
23
|
2026-01-07 |
| CVE-2025-58441 |
MED
|
6.5 |
Knowage is an open source analytics and business intelligence suite. Prior to v… |
12
|
2026-01-07 |
| CVE-2026-0618 |
MED
|
6.1 |
Cross-site Scripting vulnerability in Devolutions PowerShell Universal. This iss… |
3
|
2026-01-07 |
| CVE-2025-66837 |
MED
|
6.8 |
A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execu… |
1
|
2026-01-07 |
| CVE-2025-12543 |
CRIT
|
9.6 |
A flaw was found in the Undertow HTTP server core, which is used in WildFly, JB… |
19
|
2026-01-07 |
| CVE-2025-66838 |
MED
|
6.5 |
In Aris v10.0.23.0.3587512 and before, the file upload functionality does not e… |
1
|
2026-01-07 |
| CVE-2026-0628 |
HIGH
|
8.8 |
Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.… |
180
|
2026-01-07 |
| CVE-2025-14625 |
MED
|
6.7 |
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard… |
8
|
2026-01-07 |
| CVE-2025-14614 |
MED
|
6.7 |
Insecure Temporary File vulnerability in Altera Quartus Prime Standard Instal… |
8
|
2026-01-07 |
| CVE-2025-14612 |
MED
|
6.7 |
Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer (… |
8
|
2026-01-07 |
| CVE-2025-14605 |
MED
|
6.7 |
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on W… |
8
|
2026-01-07 |
| CVE-2025-14599 |
MED
|
6.7 |
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard… |
8
|
2026-01-07 |
| CVE-2025-14596 |
MED
|
6.7 |
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro In… |
8
|
2026-01-07 |
| CVE-2025-13744 |
MED
|
5.4 |
An Improper Neutralization of Input During Web Page Generation vulnerability wa… |
56
|
2026-01-06 |
| CVE-2025-15382 |
HIGH
|
8.1 |
A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() functio… |
4
|
2026-01-06 |
| CVE-2025-14942 |
CRIT
|
9.8 |
wolfSSH’s key exchange state machine can be manipulated to leak the client’s pa… |
4
|
2026-01-06 |
| CVE-2025-36589 |
HIGH
|
7.6 |
Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restric… |
3
|
2026-01-06 |
| CVE-2025-46696 |
MED
|
6.4 |
Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) ver… |
3
|
2026-01-06 |
| CVE-2025-14026 |
HIGH
|
7.8 |
Forcepoint One DLP Client, version 23.04.5642 (and possibly newer versions), in… |
8
|
2026-01-06 |
| CVE-2025-68428 |
HIGH
|
7.5 |
jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user… |
13
|
2026-01-05 |
| CVE-2026-21634 |
MED
|
6.5 |
A malicious actor with access to the adjacent network could overflow the UniFi … |
13
|
2026-01-05 |
| CVE-2026-21633 |
HIGH
|
8.8 |
A malicious actor with access to the adjacent network could obtain unauthorized… |
13
|
2026-01-05 |
| CVE-2025-67315 |
MED
|
5.4 |
Cross Site Request Forgery vulnerability in Employee Leave Management System v.… |
12
|
2026-01-05 |
| CVE-2025-64124 |
HIGH
|
8.8 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command … |
4
|
2026-01-03 |
| CVE-2025-64123 |
CRIT
|
9.8 |
Unintended Proxy or Intermediary vulnerability in Nuvation Energy Multi-Stack C… |
4
|
2026-01-02 |
| CVE-2025-64122 |
MED
|
5.5 |
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Sta… |
4
|
2026-01-02 |
| CVE-2025-64121 |
CRIT
|
9.8 |
Authentication Bypass Using an Alternate Path or Channel vulnerability in Nuvat… |
4
|
2026-01-02 |
| CVE-2025-64120 |
HIGH
|
8.8 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command … |
4
|
2026-01-02 |
| CVE-2026-21445 |
CRIT
|
9.1 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2026-01-02 |
| CVE-2026-21444 |
MED
|
5.5 |
libtpms, a library that provides software emulation of a Trusted Platform Modul… |
5
|
2026-01-02 |
| CVE-2025-69417 |
MED
|
5.0 |
In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-se… |
1
|
2026-01-02 |
| CVE-2025-69416 |
MED
|
5.0 |
In the plex.tv backend for Plex Media Server (PMS) through 2025-12-31, a non-se… |
1
|
2026-01-02 |
| CVE-2025-69415 |
HIGH
|
7.1 |
In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/acco… |
1
|
2026-01-02 |
| CVE-2025-69414 |
HIGH
|
8.5 |
Plex Media Server (PMS) through 1.42.2.10156 allows retrieval of a permanent ac… |
1
|
2026-01-02 |
| CVE-2025-69284 |
MED
|
4.3 |
Plane is an open-source project management tool. In plane.io, a guest user d… |
1
|
2026-01-02 |
| CVE-2025-62842 |
HIGH
|
7.8 |
An external control of file name or path vulnerability has been reported to aff… |
1
|
2026-01-02 |
| CVE-2025-62840 |
LOW
|
3.3 |
A generation of error message containing sensitive information vulnerability ha… |
1
|
2026-01-02 |
| CVE-2026-0547 |
MED
|
6.3 |
A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. T… |
12
|
2026-01-02 |
| CVE-2025-69203 |
MED
|
6.3 |
Signal K Server is a server application that runs on a central hub in a boat. V… |
1
|
2026-01-01 |
| CVE-2025-68620 |
CRIT
|
9.1 |
Signal K Server is a server application that runs on a central hub in a boat. V… |
1
|
2026-01-01 |
| CVE-2025-68619 |
HIGH
|
7.2 |
Signal K Server is a server application that runs on a central hub in a boat. V… |
1
|
2026-01-01 |
| CVE-2025-68273 |
MED
|
5.3 |
Signal K Server is a server application that runs on a central hub in a boat. A… |
1
|
2026-01-01 |
| CVE-2025-15410 |
HIGH
|
7.3 |
A vulnerability was identified in code-projects Online Guitar Store 1.0. Affect… |
15
|
2026-01-01 |
| CVE-2025-15409 |
HIGH
|
7.3 |
A vulnerability was determined in code-projects Online Guitar Store 1.0. Affect… |
15
|
2026-01-01 |
| CVE-2025-68272 |
HIGH
|
7.5 |
Signal K Server is a server application that runs on a central hub in a boat. A… |
1
|
2026-01-01 |
| CVE-2025-66398 |
CRIT
|
9.6 |
Signal K Server is a server application that runs on a central hub in a boat. P… |
1
|
2026-01-01 |
| CVE-2025-15408 |
HIGH
|
7.3 |
A vulnerability was found in code-projects Online Guitar Store 1.0. Affected is… |
15
|
2026-01-01 |
| CVE-2025-15407 |
HIGH
|
7.3 |
A vulnerability has been found in code-projects Online Guitar Store 1.0. This i… |
15
|
2026-01-01 |
| CVE-2025-15406 |
MED
|
6.3 |
A flaw has been found in PHPGurukul Online Course Registration up to 3.1. This … |
12
|
2026-01-01 |
| CVE-2025-15405 |
MED
|
4.3 |
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an u… |
16
|
2026-01-01 |
| CVE-2025-69413 |
MED
|
5.3 |
In Gitea before 1.25.2, /api/v1/user has different responses for failed authent… |
54
|
2026-01-01 |
| CVE-2025-67711 |
MED
|
6.1 |
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and ear… |
3
|
2025-12-31 |
| CVE-2025-67710 |
MED
|
6.1 |
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and ear… |
3
|
2025-12-31 |
| CVE-2025-67709 |
MED
|
6.1 |
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and ear… |
3
|
2025-12-31 |
| CVE-2025-67708 |
MED
|
6.1 |
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and ear… |
3
|
2025-12-31 |
| CVE-2025-67707 |
MED
|
5.6 |
ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficientl… |
3
|
2025-12-31 |
| CVE-2025-67706 |
MED
|
5.6 |
ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficientl… |
3
|
2025-12-31 |
| CVE-2025-67705 |
MED
|
6.1 |
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and ear… |
3
|
2025-12-31 |
| CVE-2025-67704 |
MED
|
6.1 |
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and ear… |
3
|
2025-12-31 |
| CVE-2025-67703 |
MED
|
6.1 |
There is a stored cross site scripting issue in Esri ArcGIS Server 11.4 and ear… |
3
|
2025-12-31 |
| CVE-2025-64699 |
HIGH
|
7.8 |
An incorrect NULL DACL issue exists in SevenCs ORCA G2 2.0.1.35 (EC2007 Kernel … |
8
|
2025-12-31 |
| CVE-2025-61037 |
HIGH
|
7.0 |
A local privilege escalation vulnerability exists in SevenCs ORCA G2 2.0.1.35 (… |
8
|
2025-12-31 |
| CVE-2025-15390 |
MED
|
6.3 |
A security flaw has been discovered in PHPGurukul Small CRM 4.0. This impacts a… |
12
|
2025-12-31 |
| CVE-2025-15223 |
MED
|
4.3 |
A vulnerability was found in Philipinho Simple-PHP-Blog up to 94b5d3e57308bce5d… |
16
|
2025-12-31 |
| CVE-2025-66723 |
HIGH
|
7.5 |
inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to … |
15
|
2025-12-30 |
| CVE-2025-61594 |
HIGH
|
7.5 |
URI is a module providing classes to handle Uniform Resource Identifiers. In ve… |
1
|
2025-12-30 |
| CVE-2025-69261 |
HIGH
|
7.5 |
WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplic… |
8
|
2025-12-30 |
| CVE-2025-66823 |
MED
|
5.4 |
An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the conferenc… |
5
|
2025-12-30 |
| CVE-2025-66834 |
HIGH
|
7.3 |
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a … |
5
|
2025-12-30 |
| CVE-2025-66824 |
HIGH
|
8.7 |
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Meeting locatio… |
5
|
2025-12-30 |
| CVE-2025-15263 |
HIGH
|
7.3 |
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an… |
12
|
2025-12-30 |
| CVE-2025-65409 |
HIGH
|
7.5 |
A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 all… |
24
|
2025-12-30 |
| CVE-2025-15262 |
MED
|
4.7 |
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impa… |
12
|
2025-12-30 |
| CVE-2025-69204 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
12
|
2025-12-30 |
| CVE-2025-68950 |
MED
|
4.0 |
ImageMagick is free and open-source software used for editing and manipulating … |
12
|
2025-12-30 |
| CVE-2025-68618 |
MED
|
5.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
12
|
2025-12-30 |
| CVE-2025-67746 |
MED
|
4.3 |
Composer is a dependency manager for PHP. In versions on the 2.x branch prior t… |
2
|
2025-12-30 |
| CVE-2025-69032 |
MED
|
5.4 |
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes… |
15
|
2025-12-30 |
| CVE-2025-15244 |
LOW
|
3.7 |
A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown fu… |
16
|
2025-12-30 |
| CVE-2025-15242 |
LOW
|
3.1 |
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an u… |
16
|
2025-12-30 |
| CVE-2025-68120 |
MED
|
5.4 |
To prevent unexpected untrusted code execution, the Visual Studio Code Go exten… |
122
|
2025-12-30 |
| CVE-2025-66866 |
HIGH
|
7.5 |
An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtil… |
47
|
2025-12-29 |
| CVE-2025-66865 |
HIGH
|
7.5 |
An issue was discovered in function d_print_comp_inner in file cp-demangle.c in… |
47
|
2025-12-29 |
| CVE-2025-66864 |
HIGH
|
7.5 |
An issue was discovered in function d_print_comp_inner in file cp-demangle.c in… |
47
|
2025-12-29 |
| CVE-2025-66863 |
HIGH
|
7.5 |
An issue was discovered in function d_discriminator in file cp-demangle.c in Bi… |
47
|
2025-12-29 |
| CVE-2025-66862 |
HIGH
|
7.5 |
A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in … |
47
|
2025-12-29 |
| CVE-2025-66861 |
LOW
|
2.5 |
An issue was discovered in function d_unqualified_name in file cp-demangle.c in… |
47
|
2025-12-29 |
| CVE-2025-69200 |
HIGH
|
7.5 |
phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an… |
12
|
2025-12-29 |
| CVE-2025-68951 |
MED
|
5.4 |
phpMyFAQ is an open source FAQ web application. Versions 4.0.14 and 4.0.15 have… |
12
|
2025-12-29 |
| CVE-2025-15228 |
CRIT
|
9.8 |
BPMFlowWebkit developed by WELLTEND TECHNOLOGY has an Arbitrary File Upload vuln… |
8
|
2025-12-29 |
| CVE-2025-15227 |
HIGH
|
7.5 |
BPMFlowWebkit developed by WELLTEND TECHNOLOGY has an Arbitrary File Read vulner… |
8
|
2025-12-29 |
| CVE-2025-15226 |
CRIT
|
9.8 |
WMPro developed by Sunnet has an Arbitrary File Upload vulnerability, allowing u… |
39
|
2025-12-29 |
| CVE-2025-15225 |
HIGH
|
7.5 |
WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing un… |
39
|
2025-12-29 |
| CVE-2025-15170 |
MED
|
4.3 |
A security vulnerability has been detected in Advaya Softech GEMS ERP Portal up… |
1
|
2025-12-29 |
| CVE-2025-15169 |
MED
|
4.7 |
A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by th… |
12
|
2025-12-29 |
| CVE-2025-52691 |
CRIT
|
10.0 |
Successful exploitation of the vulnerability could allow an unauthenticated att… |
46
|
2025-12-29 |
| CVE-2025-68973 |
HIGH
|
7.8 |
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an ind… |
14
|
2025-12-28 |
| CVE-2025-15127 |
HIGH
|
7.3 |
A security vulnerability has been detected in FantasticLBP Hotels_Server up to … |
1
|
2025-12-28 |
| CVE-2025-68972 |
MED
|
5.9 |
In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext li… |
14
|
2025-12-27 |
| CVE-2025-14180 |
HIGH
|
7.5 |
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, … |
15
|
2025-12-27 |
| CVE-2025-14178 |
MED
|
6.5 |
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, … |
15
|
2025-12-27 |
| CVE-2025-14177 |
HIGH
|
7.5 |
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, … |
15
|
2025-12-27 |
| CVE-2025-68946 |
MED
|
5.4 |
In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used … |
54
|
2025-12-26 |
| CVE-2025-68945 |
MED
|
5.8 |
In Gitea before 1.21.2, an anonymous user can visit a private user's project. |
54
|
2025-12-26 |
| CVE-2025-68944 |
MED
|
5.0 |
Gitea before 1.22.2 sometimes mishandles the propagation of token scope for acc… |
54
|
2025-12-26 |
| CVE-2025-68943 |
MED
|
5.3 |
Gitea before 1.21.8 inadvertently discloses users' login times by allowing (for… |
54
|
2025-12-26 |
| CVE-2025-68942 |
MED
|
5.4 |
Gitea before 1.22.2 allows XSS because the search input box (for creating tags … |
54
|
2025-12-26 |
| CVE-2025-68941 |
MED
|
4.9 |
Gitea before 1.22.3 mishandles access to a private resource upon receiving an A… |
54
|
2025-12-26 |
| CVE-2025-68940 |
LOW
|
3.1 |
In Gitea before 1.22.5, branch deletion permissions are not adequately enforced… |
54
|
2025-12-26 |
| CVE-2025-68939 |
HIGH
|
8.2 |
Gitea before 1.23.0 allows attackers to add attachments with forbidden file ext… |
54
|
2025-12-26 |
| CVE-2025-68938 |
MED
|
4.3 |
Gitea before 1.25.2 mishandles authorization for deletion of releases. |
54
|
2025-12-26 |
| CVE-2025-68936 |
MED
|
6.4 |
ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is relat… |
1
|
2025-12-25 |
| CVE-2025-68935 |
MED
|
6.4 |
ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel l… |
1
|
2025-12-25 |
| CVE-2025-14497 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14496 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14495 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14494 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14493 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14492 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14491 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14490 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14489 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14488 |
HIGH
|
7.8 |
RealDefense SUPERAntiSpyware Exposed Dangerous Function Local Privilege Escalat… |
3
|
2025-12-23 |
| CVE-2025-14425 |
HIGH
|
7.8 |
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerab… |
2
|
2025-12-23 |
| CVE-2025-14424 |
HIGH
|
7.8 |
GIMP XCF File Parsing Use-After-Free Remote Code Execution Vulnerability. This … |
2
|
2025-12-23 |
| CVE-2025-14423 |
HIGH
|
7.8 |
GIMP LBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnera… |
2
|
2025-12-23 |
| CVE-2025-14422 |
HIGH
|
7.8 |
GIMP PNM File Parsing Integer Overflow Remote Code Execution Vulnerability. Thi… |
2
|
2025-12-23 |
| CVE-2025-14414 |
HIGH
|
7.8 |
Soda PDF Desktop Word File Insufficient UI Warning Remote Code Execution Vulner… |
12
|
2025-12-23 |
| CVE-2025-14413 |
HIGH
|
7.8 |
Soda PDF Desktop CBZ File Parsing Directory Traversal Remote Code Execution Vul… |
12
|
2025-12-23 |
| CVE-2025-14936 |
HIGH
|
7.8 |
NSF Unidata NetCDF-C Attribute Name Stack-based Buffer Overflow Remote Code Exe… |
1
|
2025-12-23 |
| CVE-2025-14935 |
HIGH
|
7.8 |
NSF Unidata NetCDF-C Dimension Name Heap-based Buffer Overflow Remote Code Exec… |
1
|
2025-12-23 |
| CVE-2025-14934 |
HIGH
|
7.8 |
NSF Unidata NetCDF-C Variable Name Stack-based Buffer Overflow Remote Code Exec… |
1
|
2025-12-23 |
| CVE-2025-14933 |
HIGH
|
7.8 |
NSF Unidata NetCDF-C NC Variable Integer Overflow Remote Code Execution Vulnera… |
1
|
2025-12-23 |
| CVE-2025-14932 |
HIGH
|
7.8 |
NSF Unidata NetCDF-C Time Unit Stack-based Buffer Overflow Remote Code Executio… |
1
|
2025-12-23 |
| CVE-2025-68615 |
CRIT
|
9.8 |
net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9… |
1
|
2025-12-23 |
| CVE-2023-53975 |
HIGH
|
7.5 |
Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allow… |
54
|
2025-12-22 |
| CVE-2023-53972 |
HIGH
|
7.5 |
WebTareas 2.4 contains a SQL injection vulnerability in the webTareasSID cookie… |
15
|
2025-12-22 |
| CVE-2023-53971 |
HIGH
|
8.8 |
WebTareas 2.4 contains a file upload vulnerability that allows authenticated us… |
15
|
2025-12-22 |
| CVE-2025-65790 |
MED
|
6.1 |
A reflected cross-site scripting (XSS) vulnerability exists in FuguHub 8.1 when… |
14
|
2025-12-22 |
| CVE-2025-63664 |
HIGH
|
7.5 |
Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge… |
19
|
2025-12-22 |
| CVE-2025-63663 |
HIGH
|
7.5 |
Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI… |
19
|
2025-12-22 |
| CVE-2025-63662 |
HIGH
|
7.5 |
Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2… |
19
|
2025-12-22 |
| CVE-2025-26787 |
MED
|
4.7 |
An error in the SignServer container startup logic was found in Keyfactor SignS… |
1
|
2025-12-22 |
| CVE-2025-14591 |
HIGH
|
7.5 |
In Delphix Continuous Compliance version 2025.3.0 and later, following a recent… |
8
|
2025-12-20 |
| CVE-2025-68478 |
HIGH
|
7.1 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2025-12-19 |
| CVE-2025-68477 |
HIGH
|
7.7 |
Langflow is a tool for building and deploying AI-powered agents and workflows. … |
5
|
2025-12-19 |
| CVE-2025-66580 |
CRIT
|
9.6 |
Dive is an open-source MCP Host Desktop Application that enables integration wi… |
4
|
2025-12-19 |
| CVE-2025-63665 |
CRIT
|
9.8 |
An issue in GT Edge AI Community Edition Versions before v2.0.12 allows attacke… |
19
|
2025-12-19 |
| CVE-2025-1928 |
CRIT
|
9.1 |
Improper Restriction of Excessive Authentication Attempts vulnerability in Rest… |
1
|
2025-12-19 |
| CVE-2025-1927 |
HIGH
|
7.1 |
Cross-Site Request Forgery (CSRF) vulnerability in Restajet Information Technol… |
1
|
2025-12-19 |
| CVE-2025-1885 |
MED
|
5.4 |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Restajet I… |
1
|
2025-12-19 |
| CVE-2025-66522 |
MED
|
6.3 |
A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs fun… |
18
|
2025-12-19 |
| CVE-2025-66521 |
MED
|
6.3 |
A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com… |
18
|
2025-12-19 |
| CVE-2025-66520 |
MED
|
6.3 |
A stored cross-site scripting (XSS) vulnerability exists in the Portfolio featu… |
18
|
2025-12-19 |
| CVE-2025-66519 |
MED
|
6.3 |
A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com… |
18
|
2025-12-19 |
| CVE-2025-66502 |
MED
|
6.3 |
A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com… |
18
|
2025-12-19 |
| CVE-2025-66501 |
MED
|
6.3 |
A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com… |
18
|
2025-12-19 |
| CVE-2025-66500 |
MED
|
6.3 |
A stored cross-site scripting (XSS) vulnerability exists in webplugins.foxit.co… |
18
|
2025-12-19 |
| CVE-2025-66499 |
HIGH
|
7.8 |
A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit P… |
17
|
2025-12-19 |
| CVE-2025-66498 |
MED
|
5.3 |
A memory corruption vulnerability exists in the 3D annotation handling of Foxit… |
16
|
2025-12-19 |
| CVE-2025-66497 |
MED
|
5.3 |
A memory corruption vulnerability exists in the 3D annotation handling of Foxit… |
17
|
2025-12-19 |
| CVE-2025-66496 |
MED
|
5.3 |
A memory corruption vulnerability exists in the 3D annotation handling of Foxit… |
16
|
2025-12-19 |
| CVE-2025-66495 |
HIGH
|
7.8 |
A use-after-free vulnerability exists in the annotation handling of Foxit PDF R… |
17
|
2025-12-19 |
| CVE-2025-66494 |
HIGH
|
7.8 |
A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Read… |
16
|
2025-12-19 |
| CVE-2025-66493 |
HIGH
|
7.8 |
A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Rea… |
16
|
2025-12-19 |
| CVE-2025-14267 |
MED
|
4.9 |
Incomplete removal of sensitive information before transfer vulnerability in M-… |
16
|
2025-12-19 |
| CVE-2025-13941 |
HIGH
|
8.8 |
A local privilege escalation vulnerability exists in the Foxit PDF Reader/Edito… |
16
|
2025-12-19 |
| CVE-2025-64675 |
HIGH
|
8.3 |
Improper neutralization of input during web page generation ('cross-site script… |
2267
|
2025-12-19 |
| CVE-2025-68422 |
MED
|
4.3 |
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CA… |
1
|
2025-12-18 |
| CVE-2025-68390 |
MED
|
4.9 |
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch… |
1
|
2025-12-18 |
| CVE-2025-68389 |
MED
|
6.5 |
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can al… |
1
|
2025-12-18 |
| CVE-2025-68387 |
MED
|
6.1 |
Improper neutralization of input during web page generation ('Cross-site Script… |
1
|
2025-12-18 |
| CVE-2025-68386 |
MED
|
4.3 |
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CA… |
1
|
2025-12-18 |
| CVE-2025-68385 |
HIGH
|
7.2 |
Improper neutralization of input during web page generation ('Cross-site Script… |
1
|
2025-12-18 |
| CVE-2025-68384 |
MED
|
6.5 |
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch… |
1
|
2025-12-18 |
| CVE-2025-68383 |
MED
|
6.5 |
Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285)… |
4
|
2025-12-18 |
| CVE-2025-65046 |
LOW
|
3.1 |
Microsoft Edge (Chromium-based) Spoofing Vulnerability |
2137
|
2025-12-18 |
| CVE-2025-65041 |
CRIT
|
10.0 |
Improper authorization in Microsoft Partner Center allows an unauthorized attac… |
2267
|
2025-12-18 |
| CVE-2025-65037 |
CRIT
|
10.0 |
Improper control of generation of code ('code injection') in Azure Container Ap… |
2267
|
2025-12-18 |
| CVE-2025-64677 |
HIGH
|
8.2 |
Improper neutralization of input during web page generation ('cross-site script… |
2267
|
2025-12-18 |
| CVE-2025-64676 |
HIGH
|
7.2 |
'.../...//' in Microsoft Purview allows an authorized attacker to execute code … |
2267
|
2025-12-18 |
| CVE-2025-64663 |
CRIT
|
9.9 |
Custom Question Answering Elevation of Privilege Vulnerability |
2267
|
2025-12-18 |
| CVE-2025-68161 |
MED
|
4.8 |
The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does… |
1
|
2025-12-18 |
| CVE-2025-63951 |
HIGH
|
7.5 |
An insecure deserialization vulnerability exists in the rss-mp3.php script of t… |
1
|
2025-12-18 |
| CVE-2025-63948 |
MED
|
5.4 |
A SQL Injection vulnerability exists in phpMsAdmin version 2.2 in the database_… |
12
|
2025-12-18 |
| CVE-2025-63947 |
MED
|
5.4 |
A Reflected Cross-Site Scripting (XSS) vulnerability exists in phpMsAdmin versi… |
12
|
2025-12-18 |
| CVE-2025-59529 |
MED
|
5.5 |
Avahi is a system which facilitates service discovery on a local network via th… |
9
|
2025-12-18 |
| CVE-2023-53944 |
MED
|
6.5 |
EasyPHP Webserver 14.1 contains a path traversal vulnerability that allows remo… |
12
|
2025-12-18 |
| CVE-2023-53941 |
CRIT
|
9.8 |
EasyPHP Webserver 14.1 contains an OS command injection vulnerability that allo… |
12
|
2025-12-18 |
| CVE-2025-68469 |
LOW
|
3.3 |
ImageMagick is free and open-source software used for editing and manipulating … |
11
|
2025-12-18 |
| CVE-2025-64724 |
HIGH
|
7.3 |
Arduino IDE is an integrated development environment. Prior to version 2.3.7, A… |
5
|
2025-12-18 |
| CVE-2025-64723 |
MED
|
4.4 |
Arduino IDE is an integrated development environment. Prior to version 2.3.7, A… |
5
|
2025-12-18 |
| CVE-2025-63389 |
CRIT
|
9.8 |
A critical authentication bypass vulnerability exists in Ollama platform's API … |
9
|
2025-12-18 |
| CVE-2025-7358 |
HIGH
|
7.5 |
Use of Hard-coded Credentials vulnerability in Utarit Informatics Services Inc.… |
23
|
2025-12-18 |
| CVE-2025-7047 |
MED
|
4.3 |
Missing Authorization vulnerability in Utarit Informatics Services Inc. SoliClu… |
23
|
2025-12-18 |
| CVE-2025-64469 |
HIGH
|
7.8 |
There is a stack-based buffer overflow vulnerability in NI LabVIEW in LVResFile… |
12
|
2025-12-18 |
| CVE-2025-64468 |
HIGH
|
7.8 |
There is a use-after-free vulnerability in sentry!sentry_span_set_data() when p… |
12
|
2025-12-18 |
| CVE-2025-64467 |
HIGH
|
7.8 |
There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::FindRs… |
12
|
2025-12-18 |
| CVE-2025-64466 |
HIGH
|
7.8 |
There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedPr… |
12
|
2025-12-18 |
| CVE-2025-64465 |
HIGH
|
7.8 |
There is an out of bounds read vulnerability in NI LabVIEW in lvre!DataSizeTDR(… |
12
|
2025-12-18 |
| CVE-2025-64464 |
HIGH
|
7.8 |
There is an out of bounds read vulnerability in NI LabVIEW in lvre!VisaWriteFro… |
12
|
2025-12-18 |
| CVE-2025-64463 |
HIGH
|
7.8 |
There is an out of bounds read vulnerability in NI LabVIEW in LVResource::Detac… |
12
|
2025-12-18 |
| CVE-2025-64462 |
HIGH
|
7.8 |
There is an out of bounds read vulnerability in NI LabVIEW in LVResFile::RGetMe… |
12
|
2025-12-18 |
| CVE-2025-64461 |
HIGH
|
7.8 |
There is an out of bounds write vulnerability in NI LabVIEW in mgocre_SH_25_3!R… |
12
|
2025-12-18 |
| CVE-2025-63757 |
HIGH
|
7.5 |
Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswsc… |
3
|
2025-12-18 |
| CVE-2025-1031 |
HIGH
|
7.5 |
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Inform… |
15
|
2025-12-18 |
| CVE-2025-1030 |
HIGH
|
7.5 |
Exposure of Private Personal Information to an Unauthorized Actor vulnerability… |
15
|
2025-12-18 |
| CVE-2025-1029 |
HIGH
|
7.5 |
Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc.… |
15
|
2025-12-18 |
| CVE-2025-14861 |
HIGH
|
8.8 |
Memory safety bugs present in Firefox 146. Some of these bugs showed evidence o… |
289
|
2025-12-18 |
| CVE-2025-14860 |
CRIT
|
9.8 |
Use-after-free in the Disability Access APIs component. This vulnerability affe… |
289
|
2025-12-18 |
| CVE-2025-14744 |
MED
|
6.5 |
Unicode RTLO characters could allow malicious websites to spoof filenames in th… |
283
|
2025-12-18 |
| CVE-2025-40898 |
HIGH
|
8.1 |
A path traversal vulnerability was discovered in the Import Arc data archive fu… |
3
|
2025-12-18 |
| CVE-2025-40893 |
MED
|
6.1 |
A Stored HTML Injection vulnerability was discovered in the Asset List function… |
3
|
2025-12-18 |
| CVE-2025-40892 |
HIGH
|
8.9 |
A Stored Cross-Site Scripting vulnerability was discovered in the Reports funct… |
3
|
2025-12-18 |
| CVE-2025-40891 |
MED
|
4.7 |
A Stored HTML Injection vulnerability was discovered in the Time Machine Snapsh… |
3
|
2025-12-18 |
| CVE-2025-60180 |
CRIT
|
9.8 |
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms S… |
8
|
2025-12-18 |
| CVE-2025-60046 |
HIGH
|
8.1 |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP… |
15
|
2025-12-18 |
| CVE-2025-58899 |
HIGH
|
8.1 |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP… |
9
|
2025-12-18 |
| CVE-2025-14318 |
MED
|
4.3 |
Improper access checks in M-Files Server before 25.12.15491.7 allows users to d… |
16
|
2025-12-18 |
| CVE-2023-53929 |
HIGH
|
8.8 |
phpMyFAQ 3.1.12 contains a CSV injection vulnerability that allows authenticate… |
12
|
2025-12-17 |
| CVE-2023-53928 |
MED
|
5.4 |
PHPFusion 9.10.30 contains a stored cross-site scripting vulnerability in the f… |
12
|
2025-12-17 |
| CVE-2023-53927 |
MED
|
5.4 |
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability … |
12
|
2025-12-17 |
| CVE-2023-53926 |
CRIT
|
9.8 |
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column… |
12
|
2025-12-17 |
| CVE-2025-68129 |
MED
|
6.8 |
Auth0-PHP is a PHP SDK for Auth0 Authentication and Management APIs. In applica… |
16
|
2025-12-17 |
| CVE-2025-68118 |
CRIT
|
9.1 |
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versi… |
1
|
2025-12-17 |
| CVE-2025-68114 |
MED
|
4.8 |
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unc… |
2
|
2025-12-17 |
| CVE-2025-67873 |
MED
|
4.8 |
Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipda… |
2
|
2025-12-17 |
| CVE-2025-53000 |
HIGH
|
7.8 |
The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various ot… |
1
|
2025-12-17 |
| CVE-2025-46282 |
MED
|
5.5 |
The issue was addressed with additional permissions checks. This issue is fixed… |
93
|
2025-12-17 |
| CVE-2025-43541 |
MED
|
4.3 |
A type confusion issue was addressed with improved state handling. This issue i… |
93
|
2025-12-17 |
| CVE-2025-43536 |
MED
|
4.3 |
A use-after-free issue was addressed with improved memory management. This issu… |
93
|
2025-12-17 |
| CVE-2025-43535 |
MED
|
4.3 |
The issue was addressed with improved memory handling. This issue is fixed in S… |
93
|
2025-12-17 |
| CVE-2025-43531 |
LOW
|
3.1 |
A race condition was addressed with improved state handling. This issue is fixe… |
93
|
2025-12-17 |
| CVE-2025-43529 |
HIGH
|
8.8 |
A use-after-free issue was addressed with improved memory management. This issu… |
93
|
2025-12-17 |
| CVE-2025-43526 |
CRIT
|
9.8 |
This issue was addressed with improved URL validation. This issue is fixed in S… |
93
|
2025-12-17 |
| CVE-2025-43501 |
MED
|
4.3 |
A buffer overflow issue was addressed with improved memory handling. This issue… |
93
|
2025-12-17 |
| CVE-2025-13326 |
LOW
|
3.9 |
Mattermost Desktop App versions <6.0.0 fail to enable the Hardened Runtime on t… |
53
|
2025-12-17 |
| CVE-2025-13321 |
LOW
|
3.3 |
Mattermost Desktop App versions <6.0.0 fail to sanitize sensitive information f… |
53
|
2025-12-17 |
| CVE-2025-53919 |
HIGH
|
7.8 |
An issue was discovered in the Portrait Dell Color Management application throu… |
2
|
2025-12-17 |
| CVE-2025-53398 |
HIGH
|
7.8 |
The Portrait Dell Color Management application 3.3.8 for Dell monitors has Inse… |
2
|
2025-12-17 |
| CVE-2025-14727 |
HIGH
|
8.3 |
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target a… |
2
|
2025-12-17 |
| CVE-2024-29371 |
HIGH
|
7.5 |
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) conditi… |
8
|
2025-12-17 |
| CVE-2024-29370 |
MED
|
5.3 |
In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an atta… |
12
|
2025-12-17 |
| CVE-2022-23851 |
CRIT
|
9.8 |
Netaxis API Orchestrator (APIO) before 0.19.3 allows server side template injec… |
8
|
2025-12-17 |
| CVE-2025-67895 |
CRIT
|
9.8 |
Edge3 Worker RPC RCE on Airflow 2. This issue affects Apache Airflow Providers… |
24
|
2025-12-17 |
| CVE-2025-14701 |
HIGH
|
7.1 |
An input neutralization vulnerability in the Server MOTD component of Crafty Co… |
1
|
2025-12-17 |
| CVE-2025-14766 |
HIGH
|
8.8 |
Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 all… |
178
|
2025-12-16 |
| CVE-2025-14765 |
HIGH
|
8.8 |
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a rem… |
178
|
2025-12-16 |
| CVE-2025-68150 |
MED
|
6.5 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2025-12-16 |
| CVE-2025-46296 |
MED
|
5.4 |
An authorization bypass vulnerability in FileMaker Server Admin Console allowed… |
2
|
2025-12-16 |
| CVE-2025-46295 |
CRIT
|
9.8 |
Apache Commons Text versions prior to 1.10.0 included interpolation features th… |
2
|
2025-12-16 |
| CVE-2025-46294 |
MED
|
5.3 |
To enhance security, the FileMaker Server 22.0.4 installer now includes an opti… |
2
|
2025-12-16 |
| CVE-2025-33226 |
HIGH
|
7.8 |
NVIDIA NeMo Framework for all platforms contains a vulnerability where maliciou… |
1
|
2025-12-16 |
| CVE-2025-33212 |
HIGH
|
7.3 |
NVIDIA NeMo Framework contains a vulnerability in model loading that could allo… |
1
|
2025-12-16 |
| CVE-2023-53894 |
CRIT
|
9.8 |
phpfm 1.7.9 contains an authentication bypass vulnerability that allows attacke… |
12
|
2025-12-16 |
| CVE-2025-68269 |
MED
|
5.4 |
In JetBrains IntelliJ IDEA before 2025.3 missing confirmation allowed opening o… |
28
|
2025-12-16 |
| CVE-2025-68268 |
MED
|
5.4 |
In JetBrains TeamCity before 2025.11.1 reflected XSS was possible on the storag… |
30
|
2025-12-16 |
| CVE-2025-68267 |
MED
|
6.5 |
In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due t… |
30
|
2025-12-16 |
| CVE-2025-68166 |
MED
|
5.4 |
In JetBrains TeamCity before 2025.11 a DOM-based XSS was possible on the OAuth … |
30
|
2025-12-16 |
| CVE-2025-68165 |
MED
|
5.4 |
In JetBrains TeamCity before 2025.11 reflected XSS was possible on VCS Root set… |
30
|
2025-12-16 |
| CVE-2025-68164 |
LOW
|
2.7 |
In JetBrains TeamCity before 2025.11 port enumeration was possible via the Perf… |
30
|
2025-12-16 |
| CVE-2025-68163 |
LOW
|
3.5 |
In JetBrains TeamCity before 2025.11 stored XSS was possible on agentpushInstal… |
30
|
2025-12-16 |
| CVE-2025-68162 |
LOW
|
2.7 |
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions … |
30
|
2025-12-16 |
| CVE-2025-65319 |
CRIT
|
9.1 |
When using the attachment interaction functionality, Blue Mail 1.140.103 and be… |
1
|
2025-12-16 |
| CVE-2025-10450 |
HIGH
|
7.5 |
Exposure of Private Personal Information to an Unauthorized Actor vulnerability… |
6
|
2025-12-16 |
| CVE-2025-65076 |
MED
|
6.1 |
WaveView client allows users to execute restricted set of predefined commands a… |
1
|
2025-12-16 |
| CVE-2025-65075 |
MED
|
6.5 |
WaveView client allows users to execute restricted set of predefined commands a… |
1
|
2025-12-16 |
| CVE-2025-65074 |
HIGH
|
7.2 |
WaveView client allows users to execute restricted set of predefined commands a… |
1
|
2025-12-16 |
| CVE-2025-68115 |
MED
|
6.1 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2025-12-16 |
| CVE-2025-9460 |
HIGH
|
7.8 |
A maliciously crafted SLDPRT file, when parsed through certain Autodesk product… |
70
|
2025-12-16 |
| CVE-2025-9459 |
HIGH
|
7.8 |
A maliciously crafted SLDPRT file, when parsed through certain Autodesk product… |
70
|
2025-12-16 |
| CVE-2025-9457 |
HIGH
|
7.8 |
A maliciously crafted PRT file, when parsed through certain Autodesk products, … |
70
|
2025-12-16 |
| CVE-2025-9456 |
HIGH
|
7.8 |
A maliciously crafted SLDPRT file, when parsed through certain Autodesk product… |
70
|
2025-12-16 |
| CVE-2025-9455 |
HIGH
|
7.8 |
A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk pro… |
70
|
2025-12-16 |
| CVE-2025-9454 |
HIGH
|
7.8 |
A maliciously crafted PRT file, when parsed through certain Autodesk products, … |
70
|
2025-12-16 |
| CVE-2025-9453 |
HIGH
|
7.8 |
A maliciously crafted PRT file, when parsed through certain Autodesk products, … |
70
|
2025-12-16 |
| CVE-2025-9452 |
HIGH
|
7.8 |
A maliciously crafted SLDPRT file, when parsed through certain Autodesk product… |
70
|
2025-12-16 |
| CVE-2025-14593 |
HIGH
|
7.8 |
A maliciously crafted CATPART file, when parsed through certain Autodesk produc… |
70
|
2025-12-16 |
| CVE-2025-10900 |
HIGH
|
7.8 |
A maliciously crafted MODEL file, when parsed through certain Autodesk product… |
70
|
2025-12-16 |
| CVE-2025-10899 |
HIGH
|
7.8 |
A maliciously crafted MODEL file, when parsed through certain Autodesk product… |
70
|
2025-12-16 |
| CVE-2025-10898 |
HIGH
|
7.8 |
A maliciously crafted MODEL file, when parsed through certain Autodesk product… |
70
|
2025-12-16 |
| CVE-2025-10889 |
HIGH
|
7.8 |
A maliciously crafted CATPART file, when parsed through certain Autodesk produc… |
70
|
2025-12-16 |
| CVE-2025-10888 |
HIGH
|
7.8 |
A maliciously crafted MODEL file, when parsed through certain Autodesk product… |
70
|
2025-12-16 |
| CVE-2025-10887 |
HIGH
|
7.8 |
A maliciously crafted MODEL file, when parsed through certain Autodesk products… |
70
|
2025-12-16 |
| CVE-2025-10886 |
HIGH
|
7.8 |
A maliciously crafted MODEL file, when parsed through certain Autodesk products… |
70
|
2025-12-16 |
| CVE-2025-10884 |
HIGH
|
7.8 |
A maliciously crafted CATPART file, when parsed through certain Autodesk produ… |
70
|
2025-12-16 |
| CVE-2025-10883 |
HIGH
|
7.8 |
A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk pro… |
70
|
2025-12-16 |
| CVE-2025-10882 |
HIGH
|
7.8 |
A maliciously crafted X_T file, when parsed through certain Autodesk products,… |
70
|
2025-12-16 |
| CVE-2025-10881 |
HIGH
|
7.8 |
A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk pro… |
70
|
2025-12-16 |
| CVE-2023-53877 |
CRIT
|
9.8 |
Bus Reservation System 1.1 contains a SQL injection vulnerability in the pickup… |
12
|
2025-12-15 |
| CVE-2023-53875 |
HIGH
|
8.8 |
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in its In… |
1
|
2025-12-15 |
| CVE-2023-53874 |
CRIT
|
9.8 |
GOM Player 2.3.90.5360 contains a buffer overflow vulnerability in the equalize… |
1
|
2025-12-15 |
| CVE-2025-65213 |
CRIT
|
9.8 |
MooreThreads torch_musa through all versions contains an unsafe deserialization… |
8
|
2025-12-15 |
| CVE-2025-37732 |
MED
|
5.4 |
Improper neutralization of input during web page generation ('Cross-site Script… |
1
|
2025-12-15 |
| CVE-2025-37731 |
MED
|
6.8 |
Improper Authentication in Elasticsearch PKI realm can lead to user impersonati… |
1
|
2025-12-15 |
| CVE-2025-14714 |
MED
|
6.5 |
An Authentication Bypass vulnerability existed where the application bundled an… |
1
|
2025-12-15 |
| CVE-2025-14711 |
HIGH
|
7.3 |
A flaw has been found in FantasticLBP Hotels Server up to 67b44df162fab26df209b… |
1
|
2025-12-15 |
| CVE-2025-14710 |
HIGH
|
7.3 |
A vulnerability was detected in FantasticLBP Hotels Server up to 67b44df162fab2… |
1
|
2025-12-15 |
| CVE-2025-14023 |
LOW
|
3.1 |
LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies be… |
1
|
2025-12-15 |
| CVE-2025-14022 |
HIGH
|
7.7 |
LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to impro… |
1
|
2025-12-15 |
| CVE-2025-14021 |
MED
|
4.3 |
The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable… |
1
|
2025-12-15 |
| CVE-2025-14020 |
MED
|
5.4 |
LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerab… |
1
|
2025-12-15 |
| CVE-2025-14373 |
MED
|
4.3 |
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 14… |
177
|
2025-12-12 |
| CVE-2025-14372 |
MED
|
6.1 |
Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 all… |
177
|
2025-12-12 |
| CVE-2025-14174 |
HIGH
|
8.8 |
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.749… |
2407
|
2025-12-12 |
| CVE-2025-36746 |
MED
|
5.4 |
SolarEdge monitoring platform contains a Cross‑Site Scripting (XSS) flaw that a… |
74
|
2025-12-12 |
| CVE-2025-40829 |
HIGH
|
7.8 |
A vulnerability has been identified in Simcenter Femap (All versions < V2512). … |
4
|
2025-12-12 |
| CVE-2025-67727 |
CRIT
|
9.8 |
Parse Server is an open source backend that can be deployed to any infrastructu… |
8
|
2025-12-12 |
| CVE-2025-13670 |
MED
|
6.7 |
The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DL… |
16
|
2025-12-12 |
| CVE-2025-13669 |
MED
|
6.7 |
Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis C… |
8
|
2025-12-12 |
| CVE-2025-13665 |
MED
|
6.7 |
The System Console Utility for Windows is vulnerable to a DLL planting vulnerab… |
16
|
2025-12-12 |
| CVE-2025-13668 |
MED
|
6.7 |
A potential security vulnerability in Quartus® Prime Pro Edition Design Softwar… |
16
|
2025-12-11 |
| CVE-2025-55816 |
MED
|
6.1 |
HotelDruid v3.0.7 and before is vulnerable to Cross Site Scripting (XSS) in the… |
96
|
2025-12-11 |
| CVE-2025-14537 |
HIGH
|
7.3 |
A weakness has been identified in code-projects Class and Exam Timetable Manage… |
14
|
2025-12-11 |
| CVE-2025-13664 |
MED
|
6.7 |
A potential security vulnerability in Quartus® Prime Standard Edition Design So… |
16
|
2025-12-11 |
| CVE-2025-13663 |
MED
|
6.7 |
Under certain circumstances, the Quartus Prime Pro Installer for Windows does n… |
16
|
2025-12-11 |
| CVE-2025-14536 |
HIGH
|
7.3 |
A security flaw has been discovered in code-projects Class and Exam Timetable M… |
14
|
2025-12-11 |
| CVE-2025-13481 |
HIGH
|
8.8 |
IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user t… |
8
|
2025-12-11 |
| CVE-2025-13214 |
HIGH
|
7.6 |
IBM Aspera Orchestrator 4.0.0 through 4.1.0 is vulnerable to SQL injection. A r… |
8
|
2025-12-11 |
| CVE-2025-13211 |
MED
|
5.3 |
IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user t… |
8
|
2025-12-11 |
| CVE-2025-13148 |
HIGH
|
8.1 |
IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated … |
8
|
2025-12-11 |
| CVE-2025-13780 |
CRIT
|
9.1 |
pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulne… |
1
|
2025-12-11 |
| CVE-2025-64669 |
HIGH
|
7.8 |
Improper access control in Windows Admin Center allows an authorized attacker t… |
2160
|
2025-12-11 |
| CVE-2025-14046 |
MED
|
6.1 |
An improper neutralization of input vulnerability was identified in GitHub Ente… |
104
|
2025-12-11 |
| CVE-2024-8273 |
HIGH
|
8.8 |
Authentication Bypass by Spoofing vulnerability in HYPR Server allows Identity … |
1
|
2025-12-11 |
| CVE-2025-67742 |
LOW
|
3.8 |
In JetBrains TeamCity before 2025.11 path traversal was possible via file upload |
30
|
2025-12-11 |
| CVE-2025-67741 |
MED
|
4.6 |
In JetBrains TeamCity before 2025.11 stored XSS was possible via session attrib… |
30
|
2025-12-11 |
| CVE-2025-67740 |
LOW
|
2.7 |
In JetBrains TeamCity before 2025.11 improper access control could expose GitHu… |
30
|
2025-12-11 |
| CVE-2025-67739 |
LOW
|
3.1 |
In JetBrains TeamCity before 2025.11.2 improper repository URL validation could… |
30
|
2025-12-11 |
| CVE-2025-59803 |
MED
|
5.3 |
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via trigge… |
15
|
2025-12-11 |
| CVE-2025-59802 |
HIGH
|
7.5 |
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. W… |
15
|
2025-12-11 |
| CVE-2025-55314 |
HIGH
|
7.8 |
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13… |
14
|
2025-12-11 |
| CVE-2025-55313 |
HIGH
|
7.8 |
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13… |
14
|
2025-12-11 |
| CVE-2025-55312 |
HIGH
|
7.8 |
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 202… |
14
|
2025-12-11 |
| CVE-2025-55311 |
MED
|
6.5 |
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13… |
14
|
2025-12-11 |
| CVE-2025-55310 |
HIGH
|
7.3 |
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13… |
14
|
2025-12-11 |
| CVE-2025-55309 |
MED
|
6.7 |
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13… |
14
|
2025-12-11 |
| CVE-2025-55308 |
MED
|
6.7 |
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 202… |
14
|
2025-12-11 |
| CVE-2025-55307 |
LOW
|
3.3 |
An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 202… |
14
|
2025-12-11 |
| CVE-2025-14265 |
CRIT
|
9.1 |
In versions of ScreenConnect™ prior to 25.8, server-side validation and integri… |
1
|
2025-12-11 |
| CVE-2024-40593 |
MED
|
6.0 |
A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7… |
1
|
2025-12-11 |
| CVE-2025-64995 |
MED
|
6.5 |
A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1… |
96
|
2025-12-11 |
| CVE-2025-64994 |
MED
|
6.5 |
A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1… |
96
|
2025-12-11 |
| CVE-2025-64993 |
MED
|
6.8 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2025-12-11 |
| CVE-2025-64992 |
MED
|
6.8 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2025-12-11 |
| CVE-2025-64991 |
MED
|
6.8 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2025-12-11 |
| CVE-2025-64990 |
MED
|
6.8 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2025-12-11 |
| CVE-2025-64989 |
HIGH
|
7.2 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2025-12-11 |
| CVE-2025-64988 |
HIGH
|
7.2 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2025-12-11 |
| CVE-2025-64987 |
HIGH
|
7.2 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2025-12-11 |
| CVE-2025-64986 |
HIGH
|
7.2 |
A command injection vulnerability was discovered in TeamViewer DEX (former 1E D… |
96
|
2025-12-11 |
| CVE-2025-46266 |
MED
|
4.3 |
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribut… |
96
|
2025-12-11 |
| CVE-2025-44016 |
HIGH
|
8.8 |
A vulnerability in TeamViewer DEX Client (former 1E client) - Content Distribut… |
96
|
2025-12-11 |
| CVE-2025-12687 |
MED
|
6.5 |
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribut… |
96
|
2025-12-11 |
| CVE-2025-12734 |
LOW
|
3.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.6… |
54
|
2025-12-11 |
| CVE-2025-12029 |
HIGH
|
8.0 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.1… |
54
|
2025-12-11 |
| CVE-2025-14512 |
MED
|
6.5 |
A flaw was found in glib. This vulnerability allows a heap buffer overflow and … |
21
|
2025-12-11 |
| CVE-2025-8405 |
HIGH
|
7.7 |
GitLab has remediated a security issue in GitLab CE/EE affecting all versions f… |
54
|
2025-12-11 |
| CVE-2025-4097 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.1… |
54
|
2025-12-11 |
| CVE-2025-11984 |
MED
|
6.8 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.1… |
54
|
2025-12-11 |
| CVE-2025-11247 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab EE affecting all versions from 13.2 be… |
54
|
2025-12-11 |
| CVE-2025-14157 |
MED
|
6.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 6.3 … |
54
|
2025-12-11 |
| CVE-2025-13978 |
MED
|
4.3 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5… |
54
|
2025-12-11 |
| CVE-2025-12716 |
HIGH
|
8.7 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4… |
54
|
2025-12-11 |
| CVE-2025-12562 |
HIGH
|
7.5 |
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.1… |
54
|
2025-12-11 |
| CVE-2025-67644 |
HIGH
|
7.3 |
LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver t… |
9
|
2025-12-11 |
| CVE-2025-66628 |
HIGH
|
7.5 |
ImageMagick is a software suite to create, edit, compose, or convert bitmap ima… |
12
|
2025-12-10 |
| CVE-2025-67461 |
MED
|
5.0 |
External control of file name or path in Zoom Rooms for macOS before version 6.… |
8
|
2025-12-10 |
| CVE-2025-67460 |
HIGH
|
7.8 |
Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows be… |
8
|
2025-12-10 |
| CVE-2020-36900 |
HIGH
|
8.8 |
All-Dynamics Digital Signage System 2.0.2 contains a cross-site request forgery… |
54
|
2025-12-10 |
| CVE-2020-36899 |
HIGH
|
7.5 |
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file disclos… |
54
|
2025-12-10 |
| CVE-2020-36898 |
CRIT
|
9.1 |
QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file deletio… |
1
|
2025-12-10 |