Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 14,626 (capped at 500)
| CVE ID | Severity ↓ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-3254 | LOW | Patched | 3.5 | 2026-04-22 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that under certain conditions could have allowed an authenticated user to lo… |
| CVE-2026-35375 | LOW | Patched | 3.3 | 2026-04-22 | A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation ut… |
| CVE-2026-35377 | LOW | 3.3 | 2026-04-22 | A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S (split-string) option. In GNU env, bac… | |
| CVE-2026-35378 | LOW | Patched | 3.3 | 2026-04-22 | A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phas… |
| CVE-2026-35379 | LOW | Patched | 3.3 | 2026-04-22 | A logic error in the tr utility of uutils coreutils causes the program to incorrectly define the [:graph:] and [:print:] character classes. The implementation mistakenly in… |
| CVE-2026-35373 | LOW | 3.3 | 2026-04-22 | A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., l… | |
| CVE-2026-35367 | LOW | 3.3 | 2026-04-22 | The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes the file to inherit umask-… | |
| CVE-2026-35371 | LOW | 3.3 | 2026-04-22 | The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses … | |
| CVE-2026-35361 | LOW | Patched | 3.4 | 2026-04-22 | The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility… |
| CVE-2026-35362 | LOW | Patched | 3.6 | 2026-04-22 | The safe_traversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use (TOCTOU) symlink races using file-descriptor-relative syscalls… |
| CVE-2026-35353 | LOW | Patched | 3.3 | 2026-04-22 | The mkdir utility in uutils coreutils incorrectly applies permissions when using the -m flag by creating a directory with umask-derived permissions (typically 0755) before … |
| CVE-2026-35342 | LOW | Patched | 3.3 | 2026-04-22 | The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable. Unlike GNU mktemp, which falls back to /tmp when TMPDIR is an empty st… |
| CVE-2026-35343 | LOW | Patched | 3.3 | 2026-04-22 | The cut utility in uutils coreutils incorrectly handles the -s (only-delimited) option when a newline character is specified as the delimiter. The implementation fails to v… |
| CVE-2026-35344 | LOW | 3.3 | 2026-04-22 | The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok() on truncation attempts. While intended to mim… | |
| CVE-2026-35346 | LOW | Patched | 3.3 | 2026-04-22 | The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::from_utf8_lossy(), whi… |
| CVE-2025-9957 | LOW | Patched | 2.7 | 2026-04-22 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions … |
| CVE-2026-33596 | LOW | Patched | 3.1 | 2026-04-22 | A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are… |
| CVE-2026-33597 | LOW | Patched | 3.7 | 2026-04-22 | PRSD detection denial of service |
| CVE-2026-33599 | LOW | Patched | 3.1 | 2026-04-22 | A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade (Lua) option to newServer or auto… |
| CVE-2026-6842 | LOW | 2.5 | 2026-04-22 | A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions (0777 instead of 0700) for the `~/.lo… | |
| CVE-2026-22746 | LOW | Patched | 3.7 | 2026-04-22 | Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes, to enable, expi… |
| CVE-2026-6392 | LOW | Patched | 2.7 | 2026-04-22 | Tanium addressed an information disclosure vulnerability in Threat Response. |
| CVE-2026-6408 | LOW | Patched | 2.7 | 2026-04-22 | Tanium addressed an information disclosure vulnerability in Tanium Server. |
| CVE-2026-6416 | LOW | Patched | 2.7 | 2026-04-22 | Tanium addressed an uncontrolled resource consumption vulnerability in Interact. |
| CVE-2026-3307 | LOW | Patched | 2.7 | 2026-04-21 | An authorization bypass vulnerability was identified in GitHub Enterprise Server that allowed an attacker with admin access on one repository to modify the secret scanning … |