Search
14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 226–250 of 14,631 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-49383 | LOW | Patched | 3.3 | 2026-05-29 | In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible |
| CVE-2026-49381 | LOW | Patched | 3.4 | 2026-05-29 | In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible |
| CVE-2026-49380 | LOW | Patched | 3.1 | 2026-05-29 | In JetBrains TeamCity before 2026.1 open redirect in the SAML plugin was possible |
| CVE-2026-49370 | LOW | Patched | 3.4 | 2026-05-29 | In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests |
| CVE-2026-49318 | LOW | 2.4 | 2026-05-29 | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to byp… | |
| CVE-2026-49317 | LOW | 2.4 | 2026-05-29 | Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to byp… | |
| CVE-2026-4916 | LOW | Patched | 2.7 | 2026-04-08 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authe… |
| CVE-2026-4909 | LOW | 2.4 | 2026-03-27 | A weakness has been identified in code-projects Exam Form Submission 1.0. This impacts an unknown function of the file /admin/update_s7.php. This manipulation of the argume… | |
| CVE-2026-49009 | LOW | Patched | 3.1 | 2026-05-27 | Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4.1.1 and v4.0.2 allows Directory Traversal. |
| CVE-2026-4899 | LOW | 2.4 | 2026-03-26 | A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /dbfood/food.php. The… | |
| CVE-2026-48852 | LOW | Patched | 3.7 | 2026-05-25 | PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification. |
| CVE-2026-48851 | LOW | Patched | 3.1 | 2026-05-25 | PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session. |
| CVE-2026-48850 | LOW | Patched | 3.7 | 2026-05-25 | PuTTY 0.72 before 0.84 has a double free in RSA KEX. |
| CVE-2026-48847 | LOW | Patched | 3.7 | 2026-05-25 | Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass. |
| CVE-2026-48832 | LOW | Patched | 3.5 | 2026-05-24 | action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability. |
| CVE-2026-4874 | LOW | 3.1 | 2026-03-26 | A flaw was found in Keycloak. An authenticated attacker can perform Server-Side Request Forgery (SSRF) by manipulating the `client_session_host` parameter during refresh to… | |
| CVE-2026-48587 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading or trailing whitespace fro… |
| CVE-2026-48524 | LOW | Patched | 3.7 | 2026-05-28 | PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.get_signing_key() forces a fresh HTTP request to the JWKS endpoint for every JWT with an un… |
| CVE-2026-4835 | LOW | 3.5 | 2026-03-26 | A security vulnerability has been detected in code-projects Accounting System 1.0. Impacted is an unknown function of the file /my_account/add_costumer.php of the component… | |
| CVE-2026-4833 | LOW | 3.3 | 2026-03-26 | A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipul… | |
| CVE-2026-4831 | LOW | 3.7 | 2026-03-26 | A security flaw has been discovered in kalcaddle kodbox 1.64. Impacted is the function can of the file /workspace/source-code/app/controller/explorer/auth.class.php of the … | |
| CVE-2026-4823 | LOW | 2.5 | 2026-03-25 | A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this vulnerability is an unknown functionality of the component NTLM2 Handler. Executing a m… | |
| CVE-2026-48191 | LOW | Patched | 3.5 | 2026-06-01 | An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about num… |
| CVE-2026-48190 | LOW | Patched | 3.5 | 2026-06-01 | An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Plea… |
| CVE-2026-48156 | LOW | Patched | 3.3 | 2026-05-28 | pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This require… |