Search
14,630 CVEs · Low severity
EOL hidden · Show all products
CVEs (14,630, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 301–325 of 14,630 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-8022 | LOW | Patched | 3.1 | 2026-05-06 | Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross… |
| CVE-2026-8017 | LOW | Patched | 3.1 | 2026-05-06 | Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium sec… |
| CVE-2026-7968 | LOW | Patched | 3.1 | 2026-05-06 | Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same… |
| CVE-2026-7966 | LOW | Patched | 3.1 | 2026-05-06 | Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to by… |
| CVE-2026-7965 | LOW | Patched | 3.1 | 2026-05-06 | Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cr… |
| CVE-2026-7959 | LOW | Patched | 3.1 | 2026-05-06 | Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolati… |
| CVE-2026-7954 | LOW | Patched | 3.1 | 2026-05-06 | Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HT… |
| CVE-2026-7949 | LOW | Patched | 3.1 | 2026-05-06 | Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafte… |
| CVE-2026-7945 | LOW | Patched | 3.1 | 2026-05-06 | Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site… |
| CVE-2026-7944 | LOW | Patched | 3.1 | 2026-05-06 | Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to… |
| CVE-2026-7937 | LOW | Patched | 3.1 | 2026-05-06 | Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navi… |
| CVE-2026-7909 | LOW | Patched | 3.1 | 2026-05-06 | Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isol… |
| CVE-2025-31974 | LOW | 3.9 | 2026-05-06 | HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modificati… | |
| CVE-2026-8028 | LOW | Patched | 3.7 | 2026-05-06 | A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of t… |
| CVE-2025-31984 | LOW | 3.7 | 2026-05-06 | HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to pe… | |
| CVE-2025-31983 | LOW | 3.7 | 2026-05-06 | HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts incre… | |
| CVE-2025-31982 | LOW | 3.7 | 2026-05-06 | HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of informatio… | |
| CVE-2025-31975 | LOW | 2.6 | 2026-05-06 | HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Exposed server banners may reveal software versions and sy… | |
| CVE-2025-31959 | LOW | 3.5 | 2026-05-06 | HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive locatio… | |
| CVE-2025-31957 | LOW | 2.6 | 2026-05-06 | HHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. This could lead to unauthorized changes or exposure of sensitive data. | |
| CVE-2026-8026 | LOW | Patched | 3.7 | 2026-05-06 | A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts… |
| CVE-2025-62345 | LOW | 2.7 | 2026-05-06 | HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling impl… | |
| CVE-2025-59854 | LOW | Patched | 3.1 | 2026-05-06 | HCL DFXAnalytics is affected by an Insecure Security Header Configuration vulnerability where the application utilizes the outdated X-XSS-Protection header, which could all… |
| CVE-2025-59853 | LOW | Patched | 3.1 | 2026-05-06 | HCL DFXAnalytics is affected by an Improper Error Handling vulnerability where the application exposes detailed stack traces in responses, which could allow an attacker to … |
| CVE-2025-59852 | LOW | Patched | 3.7 | 2026-05-06 | HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow … |