Search
1,463 CVEs
CVEs (1,463, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 1,463 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↓ | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-41011 | HIGH | Patched | 8.2 | 2026-06-04 | PackagePersister.validate_tgz builds "tar -tf #{tgz} 2>&1" where tgz = File.join(release_dir, 'packages', "#{name}.tgz") and name = package_meta['name'] comes directly from… |
| CVE-2026-8936 | NONE | Patched | — | 2026-06-02 | Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered … |
| CVE-2021-4481 | HIGH | 8.2 | 2026-06-02 | Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to … | |
| CVE-2021-4480 | HIGH | 8.2 | 2026-06-02 | Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to … | |
| CVE-2026-48594 | NONE | Patched | — | 2026-06-02 | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-tesla tesla allows a denial of service via decompression bomb in HTTP response bodi… |
| CVE-2026-48595 | NONE | Patched | — | 2026-06-02 | Improper Handling of Case Sensitivity vulnerability in elixir-tesla tesla allows credential leakage to a third-party origin on cross-origin redirects. Tesla.Middleware.Fol… |
| CVE-2026-48597 | NONE | Patched | — | 2026-06-02 | Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Ad… |
| CVE-2026-28299 | HIGH | Patched | 8.2 | 2026-06-02 | SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficie… |
| CVE-2021-4478 | HIGH | Patched | 8.2 | 2026-06-02 | Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can … |
| CVE-2026-48862 | NONE | Patched | — | 2026-06-02 | Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client via PUSH… |
| CVE-2026-49754 | NONE | Patched | — | 2026-06-02 | Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint Mint allows attacker-controlled HTTP/2 servers to exhaust memory in a Mint client (HTTP/2 … |
| CVE-2026-10622 | HIGH | 8.2 | 2026-06-02 | Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker to access privileged functionality via exposed '/rest/* endpoints. | |
| CVE-2026-10611 | NONE | — | 2026-06-02 | An authentication bypass vulnerability exists in MISP when LDAP mixed authentication is enabled with OTP enforcement. In deployments configured with LdapAuth.mixedAuth=true… | |
| CVE-2026-46484 | HIGH | Patched | 8.1 | 2026-06-08 | Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the H… |
| CVE-2026-11416 | HIGH | 8.1 | 2026-06-05 | MoviePilot contains a path traversal vulnerability in the AliPan, U115, and Rclone cloud storage download handlers where the local destination path is constructed by concat… | |
| CVE-2026-45749 | HIGH | Patched | 8.1 | 2026-06-05 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The `POST /users/totp/disable` and `POST /users/totp/backup-co… |
| CVE-2026-45743 | HIGH | Patched | 8.1 | 2026-06-05 | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do … |
| CVE-2026-11224 | HIGH | Patched | 8.1 | 2026-06-04 | Use after free in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium s… |
| CVE-2026-11231 | HIGH | Patched | 8.1 | 2026-06-04 | Inappropriate implementation in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a malicious file. (Chro… |
| CVE-2026-11185 | HIGH | Patched | 8.1 | 2026-06-04 | Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sa… |
| CVE-2026-11169 | HIGH | Patched | 8.1 | 2026-06-04 | Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted XML file. (Ch… |
| CVE-2026-11170 | HIGH | Patched | 8.1 | 2026-06-04 | Inappropriate implementation in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to perform OS-level privilege escalation via malicious… |
| CVE-2026-11111 | HIGH | Patched | 8.1 | 2026-06-04 | Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium sec… |
| CVE-2026-11015 | HIGH | Patched | 8.1 | 2026-06-04 | Out of bounds read in WebGPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium se… |
| CVE-2026-11011 | HIGH | Patched | 8.1 | 2026-06-04 | Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass sit… |