Search
1,557 CVEs
CVEs (1,557, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 276–300 of 1,557 (capped at 500)
| CVE ID | Severity ↓ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-45748 | CRITICAL | Patched | 9.8 | 2026-06-05 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The `POST /ssh/tunnel/connect` endpoint in Termix prior to ver… |
| CVE-2026-45746 | CRITICAL | Patched | 9.0 | 2026-06-05 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the File Manager functionality in Term… |
| CVE-2026-45744 | CRITICAL | Patched | 9.9 | 2026-06-05 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/file_manager/ssh/resolveP… |
| CVE-2026-36500 | CRITICAL | 9.1 | 2026-06-05 | An issue in the cluster-admin:backup-datastore component of Controller v12.0.5 allows attackers to execute a directory traversal via a crafted request. | |
| CVE-2025-71317 | CRITICAL | 9.8 | 2026-06-05 | NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authentic… | |
| CVE-2025-71318 | CRITICAL | 9.8 | 2026-06-05 | NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages (… | |
| CVE-2026-11362 | CRITICAL | 9.8 | 2026-06-05 | DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections … | |
| CVE-2026-9270 | CRITICAL | 9.1 | 2026-06-05 | DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from unt… | |
| CVE-2026-10879 | CRITICAL | Patched | 9.8 | 2026-06-05 | DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to … |
| CVE-2026-49777 | CRITICAL | Patched | 10.0 | 2026-06-05 | Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue af… |
| CVE-2026-6274 | CRITICAL | Patched | 9.8 | 2026-06-05 | Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allow… |
| CVE-2026-7762 | CRITICAL | 9.8 | 2026-06-05 | A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticat… | |
| CVE-2026-7763 | CRITICAL | 9.8 | 2026-06-05 | A heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated… | |
| CVE-2026-11293 | CRITICAL | 9.6 | 2026-06-05 | Use after free in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit… | |
| CVE-2026-11282 | CRITICAL | 9.6 | 2026-06-05 | Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted … | |
| CVE-2026-11250 | CRITICAL | Patched | 9.6 | 2026-06-05 | Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially se… |
| CVE-2026-48567 | CRITICAL | 10.0 | 2026-06-04 | Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network. | |
| CVE-2026-48579 | CRITICAL | 9.1 | 2026-06-04 | Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network. | |
| CVE-2026-11213 | CRITICAL | Patched | 9.6 | 2026-06-04 | Insufficient validation of untrusted input in Reading Mode in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to pot… |
| CVE-2026-11207 | CRITICAL | Patched | 9.6 | 2026-06-04 | Insufficient validation of untrusted input in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via malicio… |
| CVE-2026-11198 | CRITICAL | Patched | 9.6 | 2026-06-04 | Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted… |
| CVE-2026-11165 | CRITICAL | 9.6 | 2026-06-04 | Use after free in WebMIDI in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromiu… | |
| CVE-2026-11167 | CRITICAL | Patched | 9.6 | 2026-06-04 | Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially… |
| CVE-2026-11163 | CRITICAL | Patched | 9.6 | 2026-06-04 | Use after free in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2026-11152 | CRITICAL | Patched | 9.6 | 2026-06-04 | Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium … |