Search
153,531 CVEs · Medium severity
CVEs (153,531, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 426–450 of 153,531 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-8215 | MEDIUM | 5.3 | 2026-05-10 | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Inte… | |
| CVE-2026-8214 | MEDIUM | 5.3 | 2026-05-10 | A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the… | |
| CVE-2026-8213 | MEDIUM | Patched | 5.3 | 2026-05-09 | A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component G… |
| CVE-2026-8212 | MEDIUM | Patched | 5.3 | 2026-05-09 | A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipu… |
| CVE-2026-8211 | MEDIUM | 4.7 | 2026-05-09 | A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignActi… | |
| CVE-2026-8210 | MEDIUM | 5.3 | 2026-05-09 | A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.g… | |
| CVE-2026-8205 | MEDIUM | Patched | 5.3 | 2026-05-21 | Concrete CMS 9.5.0 and below is vulnerable to authorization bypass in the Calendar Block since action_get_events does not check canView on the calendar which results in res… |
| CVE-2026-8204 | MEDIUM | Patched | 5.3 | 2026-05-21 | Concrete CMS 9.5.0 and below is vulnerable to authorization Bypass in the Calendar Event Frontend Dialog which can allow cross-calendar data disclosure. A public calendar b… |
| CVE-2026-8203 | MEDIUM | Patched | 5.4 | 2026-05-21 | Concrete CMS 9.5.0 and below has Stored XSS on the height parameter. The controller does not validate or sanitize $height. Any user with editor privileges can inject malici… |
| CVE-2026-8202 | MEDIUM | Patched | 4.3 | 2026-05-13 | Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permiss… |
| CVE-2026-8201 | MEDIUM | Patched | 6.4 | 2026-05-13 | A use-after-free vulnerability exists in MongoDB's Field-Level Encryption (FLE) query analysis component, affecting client-side uses of mongocryptd and crypt_shared. Trigge… |
| CVE-2026-8199 | MEDIUM | Patched | 6.5 | 2026-05-13 | An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contribu… |
| CVE-2026-8198 | MEDIUM | 5.3 | 2026-05-09 | The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in ve… | |
| CVE-2026-8197 | MEDIUM | Patched | 4.8 | 2026-05-21 | Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via OAuth integration name. The OAuth authorize template renders the integration name (admin-controlled) through Co… |
| CVE-2026-8195 | MEDIUM | 4.3 | 2026-05-09 | A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/… | |
| CVE-2026-8194 | MEDIUM | 4.3 | 2026-05-09 | A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component Dispatcher. T… | |
| CVE-2026-8193 | MEDIUM | 6.3 | 2026-05-09 | A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executi… | |
| CVE-2026-8192 | MEDIUM | 6.3 | 2026-05-09 | A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation … | |
| CVE-2026-8191 | MEDIUM | 6.3 | 2026-05-09 | A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This affects the function wifi_region of the file /cgi-bin/adm.cgi. Such manipulation of the argument skipl… | |
| CVE-2026-8190 | MEDIUM | 6.3 | 2026-05-09 | A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument … | |
| CVE-2026-8189 | MEDIUM | 6.3 | 2026-05-09 | A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the… | |
| CVE-2026-8188 | MEDIUM | 6.3 | 2026-05-09 | A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Affected is the function change_wifi_password of the file /cgi-bin/adm.cgi. The manipulation of the argumen… | |
| CVE-2026-8187 | MEDIUM | Patched | 5.3 | 2026-05-09 | A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can l… |
| CVE-2026-8186 | MEDIUM | Patched | 5.3 | 2026-05-09 | A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Perf… |
| CVE-2026-8185 | MEDIUM | Patched | 6.3 | 2026-05-09 | A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such manipula… |