Search
6,811 CVEs
CVEs (6,811, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 6,811 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-9330 | HIGH | Patched | 8.5 | 2026-06-01 | IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component… |
| CVE-2026-9319 | CRITICAL | Patched | 9.0 | 2026-06-01 | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security. |
| CVE-2026-9312 | HIGH | Patched | 8.2 | 2026-05-27 | A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal … |
| CVE-2026-9311 | CRITICAL | Patched | 9.0 | 2026-06-01 | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls. |
| CVE-2026-9309 | MEDIUM | Patched | 5.4 | 2026-06-01 | Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensiti… |
| CVE-2026-9308 | MEDIUM | Patched | 5.4 | 2026-06-01 | Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string tha… |
| CVE-2026-9306 | LOW | 3.7 | 2026-05-23 | A security vulnerability has been detected in QuantumNous new-api up to 0.12.1. This affects the function RelayMidjourneyImage/GetByOnlyMJId of the file router/relay-router… | |
| CVE-2026-9305 | MEDIUM | 6.3 | 2026-05-23 | A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the … | |
| CVE-2026-9304 | MEDIUM | 5.0 | 2026-05-23 | A security flaw has been discovered in calcom cal.diy up to 4.9.4. The affected element is the function validateUrlForSSRF of the file apps/web/app/api/logo/route.ts of the… | |
| CVE-2026-9303 | MEDIUM | 4.3 | 2026-05-23 | A vulnerability was identified in calcom cal.diy up to 4.9.4. Impacted is an unknown function. The manipulation leads to cross-site request forgery. It is possible to initi… | |
| CVE-2026-9302 | MEDIUM | 6.3 | 2026-05-23 | A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/in… | |
| CVE-2026-9301 | MEDIUM | 6.3 | 2026-05-23 | A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation resul… | |
| CVE-2026-9300 | MEDIUM | 6.3 | 2026-05-23 | A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corr… | |
| CVE-2026-9299 | MEDIUM | 6.3 | 2026-05-23 | A flaw has been found in omec-project amf up to 2.1.1. Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.go. Th… | |
| CVE-2026-9298 | MEDIUM | 6.3 | 2026-05-23 | A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The man… | |
| CVE-2026-9297 | MEDIUM | 6.3 | 2026-05-23 | A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Hand… | |
| CVE-2026-9296 | MEDIUM | 6.3 | 2026-05-23 | A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a m… | |
| CVE-2026-9295 | HIGH | 8.8 | 2026-05-23 | A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Ha… | |
| CVE-2026-9294 | HIGH | 8.8 | 2026-05-23 | A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST … | |
| CVE-2026-9290 | HIGH | 7.5 | 2026-06-06 | The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.17 via the (pro… | |
| CVE-2026-9284 | HIGH | 8.2 | 2026-05-23 | The WooCommerce PayPal Payments plugin for WordPress is vulnerable to unauthorized order manipulation and information disclosure due to missing authorization checks on the … | |
| CVE-2026-9281 | MEDIUM | 6.4 | 2026-06-06 | The Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'j… | |
| CVE-2026-9280 | MEDIUM | 6.1 | 2026-06-06 | The Ad Inserter – Ad Manager & AdSense Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL Parameters in iframe Mode in all versions up to, and… | |
| CVE-2026-9274 | NONE | — | 2026-05-25 | This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this… | |
| CVE-2026-9270 | CRITICAL | 9.1 | 2026-06-05 | DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from unt… |