Search
19,069 CVEs
EOL hidden · Show all products
CVEs (19,069, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 226–250 of 19,069 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-49232 | NONE | — | 2026-06-08 | Routinator exits on any error when accepting incoming HTTP or RTR connections, including ones it can recover from such as running out of file descriptors. This condition ca… | |
| CVE-2026-43974 | NONE | Patched | — | 2026-06-08 | Unexpected Status Code or Return Value vulnerability in ninenines gun (gun_http module) allows a malicious HTTP server to force the client into raw protocol mode via an uns… |
| CVE-2026-43973 | NONE | Patched | — | 2026-06-08 | Uncontrolled Resource Consumption vulnerability in ninenines gun (gun_http module) allows a malicious server to exhaust client memory via unbounded HTTP/1.1 response buffer… |
| CVE-2026-43972 | NONE | Patched | — | 2026-06-08 | Origin Validation Error vulnerability in ninenines gun (gun_http2 module) allows cross-origin cookie injection via unvalidated HTTP/2 PUSH_PROMISE authority. In gun_http2:… |
| CVE-2026-36789 | HIGH | 7.5 | 2026-06-08 | Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and passw… | |
| CVE-2026-25558 | MEDIUM | 4.8 | 2026-06-08 | QloApps through 1.7.0 contains a stored cross-site scripting vulnerability in the admin file manager that allows authenticated administrators to inject malicious JavaScript… | |
| CVE-2026-11521 | MEDIUM | 6.3 | 2026-06-08 | A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part … | |
| CVE-2026-11520 | LOW | 3.5 | 2026-06-08 | A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes… | |
| CVE-2026-11519 | MEDIUM | 6.3 | 2026-06-08 | A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /Product_Inventory/api/us… | |
| CVE-2026-11518 | MEDIUM | 4.3 | 2026-06-08 | A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The man… | |
| CVE-2026-11517 | HIGH | 8.8 | 2026-06-08 | A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulati… | |
| CVE-2026-11516 | MEDIUM | 5.5 | 2026-06-08 | A vulnerability was found in UTT HiPER 2610G up to 3.0.0-171107. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the arg… | |
| CVE-2026-9549 | MEDIUM | 4.8 | 2026-06-08 | Stored cross-site scripting in the service discovery active check output in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can c… | |
| CVE-2026-8833 | NONE | — | 2026-06-08 | Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an authenticated … | |
| CVE-2026-8078 | MEDIUM | 4.8 | 2026-06-08 | Stored cross-site scripting in the global settings change log in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can change globa… | |
| CVE-2026-7765 | NONE | — | 2026-06-08 | Incorrect authorization in the User Messages dashboard widget in Checkmk <2.5.0p5 causes the message-fetching endpoints to return the dashboard creator's messages rather th… | |
| CVE-2026-7186 | MEDIUM | 5.4 | 2026-06-08 | Stored cross-site scripting in the URL dashboard widget in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions t… | |
| CVE-2026-11577 | HIGH | 7.2 | 2026-06-08 | A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/{realm}/partialImport endpoint. This al… | |
| CVE-2026-11515 | MEDIUM | 5.3 | 2026-06-08 | A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file … | |
| CVE-2026-11514 | MEDIUM | 6.3 | 2026-06-08 | A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argu… | |
| CVE-2026-11513 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument… | |
| CVE-2026-11512 | MEDIUM | 4.3 | 2026-06-08 | A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipula… | |
| CVE-2026-11511 | LOW | 3.5 | 2026-06-08 | A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerability affects unknown code of the file src/Storage/Field/Type/TextType.php of the component HTML Attrib… | |
| CVE-2026-50752 | HIGH | 7.4 | 2026-06-08 | A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certif… | |
| CVE-2026-50751 | CRITICAL | 9.3 | 2026-06-08 | A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user au… |