Search
14,633 CVEs · Low severity
CVEs (14,633, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 276–300 of 14,633 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↑ | Published | Description |
|---|---|---|---|---|---|
| CVE-2025-52636 | LOW | Patched | 1.8 | 2026-03-16 | HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumpti… |
| CVE-2025-55250 | LOW | 1.8 | 2026-01-19 | HCL AION version 2 is affected by a Technical Error Disclosure vulnerability. This can expose sensitive technical details, potentially resulting in information disclosure o… | |
| CVE-2025-64345 | LOW | 1.8 | 2025-11-12 | Wasmtime is a runtime for WebAssembly. Prior to version 38.0.4, 37.0.3, 36.0.3, and 24.0.5, Wasmtime's Rust embedder API contains an unsound interaction where a WebAssembly… | |
| CVE-2025-11650 | LOW | Patched | 1.8 | 2025-10-12 | A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file /etc/shadow of the component Password Handler. E… |
| CVE-2025-27893 | LOW | Patched | 1.8 | 2025-03-11 | In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such as the creation date, by intercep… |
| CVE-2025-21520 | LOW | Patched | 1.8 | 2025-01-21 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1… |
| CVE-2024-52525 | LOW | Patched | 1.8 | 2024-11-15 | Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is enc… |
| CVE-2024-22477 | LOW | Patched | 1.8 | 2024-07-09 | A cross-site scripting vulnerability exists in the admin console OIDC Policy Management Editor. The impact is contained to admin console users only. |
| CVE-2024-21754 | LOW | Patched | 1.8 | 2024-06-11 | A use of password hash with insufficient computational effort vulnerability [CWE-916] affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all… |
| CVE-2024-36119 | LOW | Patched | 1.8 | 2024-05-30 | Statamic is a, Laravel + Git powered CMS designed for building websites. In affected versions users registering via the `user:register_form` tag will have their password co… |
| CVE-2024-2567 | LOW | 1.8 | 2024-03-17 | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Affected is an unknown fu… | |
| CVE-2024-2364 | LOW | 1.8 | 2024-03-10 | A vulnerability classified as problematic has been found in Musicshelf 1.0/1.1 on Android. Affected is an unknown function of the file androidmanifest.xml of the component … | |
| CVE-2023-41090 | LOW | Patched | 1.8 | 2024-02-14 | Race condition in some Intel(R) MAS software before version 2.3 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2023-24476 | LOW | Patched | 1.8 | 2023-06-07 | An attacker with local access to the machine could record the traffic, which could allow them to resend requests without the server authenticating that the user or sessi… |
| CVE-2022-40974 | LOW | Patched | 1.8 | 2023-05-10 | Incomplete cleanup in the Intel(R) IPP Cryptography software before version 2021.6 may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2023-21928 | LOW | 1.8 | 2023-04-18 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: IPS repository daemon). The supported version that is affected is 11. Difficult to exploit vulne… | |
| CVE-2022-26329 | LOW | Patched | 1.8 | 2023-01-26 | File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This i… |
| CVE-2022-23006 | LOW | Patched | 1.8 | 2022-09-27 | A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system… |
| CVE-2022-36876 | LOW | Patched | 1.8 | 2022-09-09 | Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication. |
| CVE-2021-35618 | LOW | Patched | 1.8 | 2021-10-20 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vu… |
| CVE-2021-23906 | LOW | Patched | 1.8 | 2021-05-13 | An issue was discovered in the Headunit NTG6 in the MBUX Infotainment System on Mercedes-Benz vehicles through 2021. A Message Length is not checked in the HiQnet Protocol,… |
| CVE-2021-2147 | LOW | 1.8 | 2021-04-22 | Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Installation). The supported version that is affected is 8.8. Difficult to explo… | |
| CVE-2019-3008 | LOW | 1.8 | 2019-10-16 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: LDAP Library). The supported version that is affected is 11. Difficult to exploit vulnerability al… | |
| CVE-2016-1586 | LOW | Patched | 1.8 | 2019-04-22 | A malicious webview could install long-lived unload handlers that re-use an incognito BrowserContext that is queued for destruction in versions of Oxide before 1.18.3. |
| CVE-2018-3270 | LOW | 1.8 | 2018-10-17 | Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Difficult to exploit vul… |