Search
14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 351–375 of 14,631 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-33448 | LOW | Patched | 3.3 | 2026-04-30 | CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. Attackers with control of a modified server can… |
| CVE-2026-3832 | LOW | 3.7 | 2026-04-30 | A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a… | |
| CVE-2026-7390 | LOW | 3.5 | 2026-04-29 | A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. … | |
| CVE-2026-22741 | LOW | Patched | 3.1 | 2026-04-29 | Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the follo… |
| CVE-2026-7360 | LOW | Patched | 3.1 | 2026-04-28 | Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to by… |
| CVE-2026-7351 | LOW | Patched | 3.1 | 2026-04-28 | Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chr… |
| CVE-2026-7303 | LOW | 3.7 | 2026-04-28 | A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controll… | |
| CVE-2026-7297 | LOW | 2.4 | 2026-04-28 | A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function save_user of the file /admin/ajax.php?action=save_use… | |
| CVE-2026-7296 | LOW | 2.4 | 2026-04-28 | A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_order of the file /admin/ajax.php?action=save_order. Performing a m… | |
| CVE-2026-7295 | LOW | 2.4 | 2026-04-28 | A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu… | |
| CVE-2026-7294 | LOW | 2.4 | 2026-04-28 | A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /admin/index.php?page=save_se… | |
| CVE-2026-41913 | LOW | Patched | 3.7 | 2026-04-28 | OpenClaw before 2026.4.4 contains a race condition vulnerability in shared-secret authentication that allows concurrent asynchronous requests to bypass the per-key rate-lim… |
| CVE-2026-41407 | LOW | Patched | 3.7 | 2026-04-28 | OpenClaw before 2026.4.2 contains a timing side channel vulnerability in shared-secret comparison call sites that use early length-mismatch checks instead of fixed-length c… |
| CVE-2026-41403 | LOW | Patched | 2.9 | 2026-04-28 | OpenClaw before 2026.3.31 misclassifies proxied remote requests as loopback connections in the diffs viewer when allowRemoteViewer is disabled, allowing unauthorized access… |
| CVE-2026-40969 | LOW | Patched | 3.7 | 2026-04-28 | The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obt… |
| CVE-2026-7281 | LOW | 2.4 | 2026-04-28 | A vulnerability was determined in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function supplier of the file /index.php?page=supplier… | |
| CVE-2026-7269 | LOW | 2.4 | 2026-04-28 | A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /index.php?page=product. Performing a manip… | |
| CVE-2026-7233 | LOW | Patched | 3.3 | 2026-04-28 | A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Inde… |
| CVE-2026-7222 | LOW | 3.5 | 2026-04-28 | A vulnerability was determined in code-projects Coaching Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /cims/modules/student… | |
| CVE-2026-7110 | LOW | 3.5 | 2026-04-27 | A flaw has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /item. Executing a manipulation of the argument item name/… | |
| CVE-2026-7103 | LOW | 3.7 | 2026-04-27 | A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update_user.php of the component MD5 Hash Handler. This manipul… | |
| CVE-2026-7090 | LOW | 2.4 | 2026-04-27 | A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_message.php of the component Chat Interface. The man… | |
| CVE-2026-7041 | LOW | 3.7 | 2026-04-26 | A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler… | |
| CVE-2026-7038 | LOW | 3.3 | 2026-04-26 | A weakness has been identified in tufantunc ssh-mcp up to 1.5.0. Impacted is an unknown function of the file src/index.ts of the component Command Line Handler. This manipu… | |
| CVE-2026-7027 | LOW | 2.4 | 2026-04-26 | A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wire… |