Search
1,463 CVEs
CVEs (1,463, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 351–375 of 1,463 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-45743 | HIGH | Patched | 8.1 | 2026-06-05 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do … |
| CVE-2026-45327 | HIGH | 8.2 | 2026-06-05 | TinyIce is a streaming server for audio and video. In versions 0.8.95 through 2.4.1, missing authentication on WebRTC ingest endpoint allows unauthenticated stream injectio… | |
| CVE-2026-45291 | HIGH | Patched | 7.5 | 2026-06-05 | Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR3-20260418.124334-32` impacts publicly accessi… |
| CVE-2026-45290 | HIGH | Patched | 7.5 | 2026-06-05 | Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR3-20260417.085727-30` impacts publicly accessi… |
| CVE-2026-36501 | NONE | — | 2026-06-05 | An issue in the Externalizable.readExternal() component of Controller v12.0.5 allows attackers to cause a Denial of Service (DoS) via a crafted input. | |
| CVE-2026-36500 | CRITICAL | 9.1 | 2026-06-05 | An issue in the cluster-admin:backup-datastore component of Controller v12.0.5 allows attackers to execute a directory traversal via a crafted request. | |
| CVE-2026-2379 | MEDIUM | 5.9 | 2026-06-05 | On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical in… | |
| CVE-2026-11344 | HIGH | 7.3 | 2026-06-05 | A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registratio… | |
| CVE-2026-11342 | HIGH | 7.3 | 2026-06-05 | A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of th… | |
| CVE-2026-11341 | MEDIUM | 6.3 | 2026-06-05 | A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument … | |
| CVE-2025-71318 | CRITICAL | 9.8 | 2026-06-05 | NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages (… | |
| CVE-2025-71317 | CRITICAL | 9.8 | 2026-06-05 | NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authentic… | |
| CVE-2026-8714 | NONE | — | 2026-06-05 | A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can… | |
| CVE-2026-7473 | MEDIUM | 5.8 | 2026-06-05 | On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsul… | |
| CVE-2026-48112 | MEDIUM | Patched | 6.5 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap o… |
| CVE-2026-48111 | MEDIUM | Patched | 4.3 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression f… |
| CVE-2026-48104 | MEDIUM | Patched | 4.2 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely … |
| CVE-2026-48103 | MEDIUM | Patched | 4.3 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM (Windows Imaging) archive handl… |
| CVE-2026-11339 | MEDIUM | 6.3 | 2026-06-05 | A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the arg… | |
| CVE-2026-11338 | LOW | 2.4 | 2026-06-05 | A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage_… | |
| CVE-2026-11337 | MEDIUM | 4.3 | 2026-06-05 | A vulnerability was found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected by this vulne… | |
| CVE-2025-5090 | MEDIUM | 6.5 | 2026-06-05 | CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this b… | |
| CVE-2025-5089 | MEDIUM | 6.5 | 2026-06-05 | In a CVX cluster, an EOS switch connected to a CVX server is not resilient to certain malformed messages received from the connected CVX server. Similarly, the CVX server i… | |
| CVE-2025-5088 | HIGH | 8.3 | 2026-06-05 | An authenticated Redis session could be used to obtain full root access to all servers in the CVX cluster. Note that this would require an attacker to have both network acc… | |
| CVE-2026-9270 | CRITICAL | 9.1 | 2026-06-05 | DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from unt… |