Search
14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 351–375 of 14,631 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-4363 | LOW | Patched | 3.7 | 2026-03-25 | GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could… |
| CVE-2026-4359 | LOW | Patched | 2.0 | 2026-03-17 | A compromised third party cloud server or man-in-the-middle attacker could send a malformed HTTP response and cause a crash in applications using the MongoDB C driver. |
| CVE-2026-4356 | LOW | 2.4 | 2026-03-18 | A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add_result.php. Executing a manipulation of the argumen… | |
| CVE-2026-4355 | LOW | 3.5 | 2026-03-18 | A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educar_servidor_curso_lst.php of the component Endpoint. Pe… | |
| CVE-2026-4354 | LOW | 3.5 | 2026-03-18 | A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub_420A78 of the file apply_sec.cgi of the component Web Inter… | |
| CVE-2026-43529 | LOW | Patched | 2.5 | 2026-05-05 | OpenClaw before 2026.4.10 contains a time-of-check-time-of-use vulnerability in the validateScriptFileForShellBleed function that allows local attackers to bypass workspace… |
| CVE-2026-43514 | LOW | Patched | 3.7 | 2026-05-12 | Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 th… |
| CVE-2026-4292 | LOW | Patched | 2.7 | 2026-04-07 | An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Admin changelist forms using `ModelAdmin.list_editable` incorrectly allowed new inst… |
| CVE-2026-42874 | LOW | Patched | 3.7 | 2026-05-11 | Microdot is a minimalistic Python web framework. Prior to 2.6.1, the Response.set_cookie() method does not sanitize its string arguments, and in particular will not detect … |
| CVE-2026-4286 | LOW | Patched | 3.1 | 2026-05-18 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to check if {{team_id}} was being changed when updating playbooks, allowing users with only {{Manage Playbook… |
| CVE-2026-4285 | LOW | 2.7 | 2026-03-17 | A vulnerability was identified in taoofagi easegen-admin up to 8f87936ac774065b92fb20aab55b274a6ea76433. Impacted is the function recognizeMarkdown of the file yudao-module… | |
| CVE-2026-42791 | LOW | Patched | 3.7 | 2026-05-27 | Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be … |
| CVE-2026-4273 | LOW | Patched | 3.7 | 2026-05-18 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate that the RefreshedToken differs from the original invite token during remote cluster invite confi… |
| CVE-2026-4251 | LOW | 2.5 | 2026-03-16 | A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutter… | |
| CVE-2026-4250 | LOW | 2.5 | 2026-03-16 | A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-… | |
| CVE-2026-42448 | LOW | Patched | 3.5 | 2026-05-26 | Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. Prior to 0.24.0, there is a path traversal when a receiver who s… |
| CVE-2026-42445 | LOW | Patched | 3.3 | 2026-05-12 | NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in Nana… |
| CVE-2026-42444 | LOW | Patched | 3.3 | 2026-05-12 | NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. T… |
| CVE-2026-42443 | LOW | Patched | 3.3 | 2026-05-12 | NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an integer divide-by-zero exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulne… |
| CVE-2026-42442 | LOW | Patched | 3.3 | 2026-05-12 | NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a null-pointer dereference exists in the UFS/UFS2 filesystem image parser in NanaZip. The vuln… |
| CVE-2026-4243 | LOW | 2.5 | 2026-03-16 | A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the co… | |
| CVE-2026-4242 | LOW | 2.5 | 2026-03-16 | A security flaw has been discovered in BabyChakra Pregnancy & Parenting App up to 5.4.3.0 on Android. This affects an unknown function of the file file app/babychakra/babyc… | |
| CVE-2026-4239 | LOW | 3.5 | 2026-03-16 | A vulnerability was found in Lagom WHMCS Template up to 2.3.7. Impacted is an unknown function of the component Datatables. The manipulation results in improperly controlle… | |
| CVE-2026-42355 | LOW | Patched | 3.3 | 2026-05-12 | NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the Electron Archive (ASAR) parser in NanaZi… |
| CVE-2026-4225 | LOW | 2.4 | 2026-03-16 | A security flaw has been discovered in CMS Made Simple up to 2.2.21. Impacted is an unknown function of the file admin/listusers.php of the component User Management Module… |