Search
1,613 CVEs
CVEs (1,613, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 301–325 of 1,613 (capped at 500)
| CVE ID | Severity ↑ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-10800 | LOW | 3.6 | 2026-06-04 | A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash_features of the file fastdeploy/multimodal/hasher.py of t… | |
| CVE-2026-10783 | LOW | 2.5 | 2026-06-04 | A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipu… | |
| CVE-2026-10775 | LOW | 3.6 | 2026-06-03 | A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulatio… | |
| CVE-2026-10766 | LOW | 3.6 | 2026-06-03 | A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/utils/helpers.py of the c… | |
| CVE-2026-7666 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.core.mail.backends.smtp.EmailBackend` in Django fails to prevent reuse of a partially-init… |
| CVE-2026-8404 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not match `Cache-Control` response … |
| CVE-2026-6873 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. `django.http.HttpRequest.get_signed_cookie` in Django uses a non-injective salt derivation (concat… |
| CVE-2026-48587 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.utils.cache.has_vary_header()` in Django does not strip leading or trailing whitespace fro… |
| CVE-2026-44546 | LOW | Patched | 3.7 | 2026-06-03 | daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, … |
| CVE-2026-35193 | LOW | Patched | 3.1 | 2026-06-03 | An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. `django.middleware.cache.UpdateCacheMiddleware` in Django does not add `Authorization` to the `Var… |
| CVE-2026-10722 | LOW | 3.3 | 2026-06-03 | A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionS… | |
| CVE-2026-10705 | LOW | 3.1 | 2026-06-03 | A flaw has been found in dask up to 3.0. Affected by this issue is the function nunique_approx of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This … | |
| CVE-2024-42206 | LOW | 3.1 | 2026-06-02 | HCL iReflection Third party vulnerable and outdated components issue was detected in the web application | |
| CVE-2026-45683 | LOW | Patched | 3.8 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Java TLS ioctl probe reads user-controlled… |
| CVE-2026-44367 | LOW | Patched | 2.7 | 2026-06-02 | Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, a vulnerability exists in the user registration and login mechanisms d… |
| CVE-2026-10565 | LOW | 3.1 | 2026-06-02 | A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmm_state_security_mode of the file src/amf/gmm-sm.c of the component NGAP … | |
| CVE-2026-10567 | LOW | 3.5 | 2026-06-02 | A security vulnerability has been detected in 1Panel-dev CordysCRM up to 1.4.1. This impacts the function Save of the file src/main/java/cn/cordys/crm/system/service/Module… | |
| CVE-2026-10529 | LOW | 2.4 | 2026-06-02 | A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/m… | |
| CVE-2026-10514 | LOW | 2.4 | 2026-06-02 | A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestPar… | |
| CVE-2026-10528 | LOW | 3.3 | 2026-06-02 | A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/F… | |
| CVE-2026-8977 | MEDIUM | 6.4 | 2026-06-09 | The WP GDPR Cookie Consent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ninja_gdpr_ajax_actions' AJAX action in versions up to, and including,… | |
| CVE-2026-8895 | MEDIUM | 6.4 | 2026-06-09 | The kk blog card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'blog-card' shortcode in all versions up to, and including, 1.3. This is… | |
| CVE-2026-8902 | MEDIUM | 4.3 | 2026-06-09 | The AJAX Report Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect n… | |
| CVE-2026-8904 | MEDIUM | 4.3 | 2026-06-09 | The FastPicker, an order picker and order management system (oms) for WooCommerce on steroids plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versio… | |
| CVE-2026-8907 | MEDIUM | 6.1 | 2026-06-09 | The WP-Ultimate-Map plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing nonce validation on the p… |