Search
18,975 CVEs
EOL hidden · Show all products
CVEs (18,975, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 376–400 of 18,975 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-48102 | LOW | Patched | 3.1 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File … |
| CVE-2026-48101 | MEDIUM | Patched | 6.5 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) … |
| CVE-2026-11362 | CRITICAL | 9.8 | 2026-06-05 | DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections … | |
| CVE-2026-11336 | MEDIUM | 6.3 | 2026-06-05 | A vulnerability has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected is an un… | |
| CVE-2026-6209 | NONE | — | 2026-06-05 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |
| CVE-2026-6208 | NONE | — | 2026-06-05 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |
| CVE-2026-6207 | NONE | — | 2026-06-05 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | |
| CVE-2026-48095 | HIGH | Patched | 8.8 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS comp… |
| CVE-2026-48092 | MEDIUM | Patched | 4.3 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit… |
| CVE-2026-38579 | NONE | — | 2026-06-05 | Multiple reflected Cross-Site Scripting (XSS) vulnerabilities in damasac thaipalliative_lte through version 3.0 allow remote attackers to inject arbitrary web script or HTM… | |
| CVE-2026-37737 | MEDIUM | 6.5 | 2026-06-05 | sanic-cors version 2.2.0 and prior contains an improper regular expression in the try_match() function in sanic_cors/core.py that uses re.match without end-anchoring. This … | |
| CVE-2026-11335 | MEDIUM | 6.3 | 2026-06-05 | A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This impacts the function … | |
| CVE-2026-11334 | HIGH | 7.3 | 2026-06-05 | A vulnerability was detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This affects an unk… | |
| CVE-2026-11333 | MEDIUM | 6.3 | 2026-06-05 | A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The i… | |
| CVE-2026-10879 | CRITICAL | Patched | 9.8 | 2026-06-05 | DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to … |
| CVE-2025-59174 | MEDIUM | Patched | 6.5 | 2026-06-05 | Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause servic… |
| CVE-2020-25900 | MEDIUM | 5.3 | 2026-06-05 | HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city. Furthermore, these coordinates are placed int… | |
| CVE-2026-50235 | MEDIUM | 6.1 | 2026-06-05 | Lyrion Music Server 9.2.0 contains a reflected cross-site scripting vulnerability in advanced search parameters that fail to properly sanitize user input before displaying … | |
| CVE-2026-50234 | HIGH | 7.5 | 2026-06-05 | Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web… | |
| CVE-2026-50233 | MEDIUM | 5.3 | 2026-06-05 | Lyrion Music Server 9.2.0 contains an arbitrary directory listing vulnerability in its readdirectory query, exposed through both the CLI service (TCP port 9090) and the HTT… | |
| CVE-2026-50232 | HIGH | 7.2 | 2026-06-05 | Lyrion Music Server 9.2.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through media file metadata tags like GENRE… | |
| CVE-2026-50231 | HIGH | 7.2 | 2026-06-05 | Lyrion Music Server 9.2.0 contains an unauthenticated stored cross-site scripting vulnerability in the log viewer that allows attackers to inject malicious scripts by explo… | |
| CVE-2026-50230 | MEDIUM | 6.1 | 2026-06-05 | Lyrion Music Server 9.2.0 contains an unauthenticated reflected cross-site scripting vulnerability in the server.log endpoint that allows attackers to inject arbitrary HTML… | |
| CVE-2026-38500 | NONE | — | 2026-06-05 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a securit… | |
| CVE-2026-11369 | NONE | — | 2026-06-05 | The Comment API (GET /api/Comment and POST /api/Comment) in the affected application fails to perform authorization checks to verify that the requesting user has access to … |