Search
19,591 CVEs · High severity
CVEs (19,591, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 426–450 of 19,591 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2022-4992 | HIGH | 8.6 | 2026-06-02 | Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower (with VG4.2 partially affected) contain a network messa… | |
| CVE-2021-4481 | HIGH | 8.2 | 2026-06-02 | Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to … | |
| CVE-2021-4480 | HIGH | 8.2 | 2026-06-02 | Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to … | |
| CVE-2026-49443 | HIGH | Patched | 8.8 | 2026-06-02 | authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an accou… |
| CVE-2026-49143 | HIGH | 8.8 | 2026-06-02 | BrowserStack Runner through 0.9.5 contains a remote code execution vulnerability in the /_log HTTP handler that allows unauthenticated network-adjacent attackers to execute… | |
| CVE-2026-47201 | HIGH | Patched | 8.5 | 2026-06-02 | authentik is an open-source identity provider. Prior to versions 2025.12.5, 2026.2.3, and 2026.5.1, authentik's SAML Source ACS endpoint is vulnerable to XML Signature Wrap… |
| CVE-2026-10620 | HIGH | 7.3 | 2026-06-02 | A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did cause… | |
| CVE-2026-10619 | HIGH | 7.3 | 2026-06-02 | A vulnerability was detected in sayan365 student-management-system up to 7f3c9ce7d410332335c2affac93a385485051800. This impacts an unknown function. The manipulation result… | |
| CVE-2026-8036 | HIGH | Patched | 7.1 | 2026-06-02 | Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability … |
| CVE-2026-8035 | HIGH | Patched | 7.1 | 2026-06-02 | Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer derefere… |
| CVE-2026-5073 | HIGH | 7.5 | 2026-06-02 | The ARMember Premium plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'arm_directory_paging_action' AJAX action in all versions up to, a… | |
| CVE-2026-49120 | HIGH | Patched | 8.5 | 2026-06-02 | Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal netwo… |
| CVE-2026-47265 | HIGH | Patched | 7.5 | 2026-06-02 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after… |
| CVE-2026-42342 | HIGH | Patched | 7.5 | 2026-06-02 | React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and versions 2.10.0 through 2.17.4 of @remix-run/server-runtime, certain crafted reques… |
| CVE-2026-42211 | HIGH | Patched | 8.1 | 2026-06-02 | React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code exe… |
| CVE-2026-41577 | HIGH | Patched | 7.5 | 2026-06-02 | authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor (ResponseProcessor.parse()) does not validate th… |
| CVE-2026-34077 | HIGH | Patched | 7.5 | 2026-06-02 | React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (RSC) APIs, there is a potential client-sid… |
| CVE-2026-33245 | HIGH | Patched | 8.0 | 2026-06-02 | React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (RSC) APIs, there is a potential client-sid… |
| CVE-2026-28299 | HIGH | Patched | 8.2 | 2026-06-02 | SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficie… |
| CVE-2026-1829 | HIGH | 8.8 | 2026-06-02 | The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.02 via the 'et_pb_text' shortcod… | |
| CVE-2026-10701 | HIGH | Patched | 7.5 | 2026-06-02 | Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3. |
| CVE-2026-10617 | HIGH | 7.3 | 2026-06-02 | A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. This affects the function resolveAuth of the file internal/http/auth.go of the component… | |
| CVE-2026-10608 | HIGH | 7.3 | 2026-06-02 | A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des… | |
| CVE-2026-10607 | HIGH | 7.3 | 2026-06-02 | A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dede_htmlspecialchars of the file /plus/flink.php. The manipulation of the argument m… | |
| CVE-2025-64390 | HIGH | 7.4 | 2026-06-02 | A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed … |