Search
1,557 CVEs
EOL hidden · Show all products
CVEs (1,557, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 251–275 of 1,557 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-47430 | NONE | Patched | — | 2026-06-08 | ## Summary The iOS implementation of `cordova-plugin-inappbrowser` passes the `id` field from a `WKScriptMessage` body to `commandDelegate sendPluginResult:callbackId:` wi… |
| CVE-2026-3011 | MEDIUM | 6.4 | 2026-06-08 | The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to,… | |
| CVE-2026-11569 | MEDIUM | 5.4 | 2026-06-08 | A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious … | |
| CVE-2026-11510 | MEDIUM | 6.3 | 2026-06-08 | A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add_leave.php. Performing a manipulation of th… | |
| CVE-2026-11509 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/search_staff_for_updation.p… | |
| CVE-2026-11508 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/search_staff_to_assig… | |
| CVE-2026-11507 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was found in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /admin/delete_leave_type.php. The manipulation of the argume… | |
| CVE-2026-11506 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/search_staff_for_deletion.php. The manipulation… | |
| CVE-2026-11505 | MEDIUM | 5.0 | 2026-06-08 | A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executi… | |
| CVE-2026-11504 | HIGH | 8.8 | 2026-06-08 | A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule… | |
| CVE-2026-9506 | NONE | — | 2026-06-08 | This vulnerability exists in Bagisto due to improper validation of user-supplied input in the ImageCacheController component. An unauthenticated remote attacker could explo… | |
| CVE-2026-11503 | HIGH | 8.8 | 2026-06-08 | A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi… | |
| CVE-2026-11502 | LOW | 3.1 | 2026-06-08 | A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main… | |
| CVE-2026-11501 | HIGH | 7.3 | 2026-06-08 | A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Maste… | |
| CVE-2026-11500 | MEDIUM | 5.0 | 2026-06-08 | A vulnerability was identified in Weaviate up to 1.37.7. This vulnerability affects the function validateConfig of the file usecases/auth/authentication/apikey/client.go of… | |
| CVE-2024-56123 | NONE | — | 2026-06-08 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |
| CVE-2024-56122 | NONE | — | 2026-06-08 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |
| CVE-2024-56121 | NONE | — | 2026-06-08 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |
| CVE-2024-56120 | NONE | — | 2026-06-08 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |
| CVE-2026-41724 | HIGH | 8.0 | 2026-06-08 | VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets… | |
| CVE-2026-41723 | HIGH | 8.0 | 2026-06-08 | VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets… | |
| CVE-2026-41722 | HIGH | 8.0 | 2026-06-08 | VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets… | |
| CVE-2026-3238 | HIGH | 7.5 | 2026-06-08 | A flaw was found in Samba’s WINS server component when running as an Active Directory Domain Controller. The WINS protocol handlers for certain request types did not proper… | |
| CVE-2026-11499 | CRITICAL | 9.8 | 2026-06-08 | A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulat… | |
| CVE-2026-11498 | HIGH | 8.8 | 2026-06-08 | A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. Affected by this issue is the function asp_voip_OtherSet of the file /boaform/voip_other_set of the co… |