Search
2,387 CVEs · Low severity
CVEs (2,387, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 426–450 of 2,387 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-6830 | LOW | 3.3 | 2026-04-21 | nesquena hermes-webui contains an environment variable leakage vulnerability where profile switching does not clear environment variables from the previously active profile… | |
| CVE-2026-35250 | LOW | 2.3 | 2026-04-21 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Easily exploitable vulnerab… | |
| CVE-2026-35249 | LOW | 3.2 | 2026-04-21 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.2.6. Easily exploitable vulnerab… | |
| CVE-2026-34312 | LOW | Patched | 2.4 | 2026-04-21 | Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privilege… |
| CVE-2026-34268 | LOW | 2.9 | 2026-04-21 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are… | |
| CVE-2026-22018 | LOW | 3.7 | 2026-04-21 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that ar… | |
| CVE-2026-22014 | LOW | 3.8 | 2026-04-21 | Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Workflow and Business Events). Supported versions that are affected are 12.2.7-1… | |
| CVE-2026-22008 | LOW | 3.7 | 2026-04-21 | Vulnerability in Oracle Java SE (component: Libraries). The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauth… | |
| CVE-2026-22007 | LOW | 2.9 | 2026-04-21 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are… | |
| CVE-2026-22001 | LOW | 2.7 | 2026-04-21 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and … | |
| CVE-2026-6745 | LOW | 3.5 | 2026-04-21 | A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulatio… | |
| CVE-2026-6743 | LOW | 3.5 | 2026-04-21 | A vulnerability has been found in WebSystems WebTOTUM 2026. This impacts an unknown function of the component Calendar. The manipulation leads to cross site scripting. The … | |
| CVE-2026-40279 | LOW | Patched | 3.7 | 2026-04-21 | BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode_signed32() in src/bacnet/bacint.c reconstructs a 32-bit signed in… |
| CVE-2026-29179 | LOW | Patched | 3.3 | 2026-04-21 | October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, fine-grained sub-permission checks for asset and blueprint file operations were n… |
| CVE-2026-27937 | LOW | Patched | 3.1 | 2026-04-21 | October is a Content Management System (CMS) and web platform. Prior to 3.7.16 and 4.1.16, a reflected Cross-Site Scripting (XSS) vulnerability was identified in the backen… |
| CVE-2025-31958 | LOW | 3.7 | 2026-04-21 | HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers … | |
| CVE-2026-31369 | LOW | 3.2 | 2026-04-21 | PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability | |
| CVE-2026-40264 | LOW | Patched | 2.7 | 2026-04-21 | OpenBao is an open source identity-based secrets management system. OpenBao's namespaces provide multi-tenant separation. Prior to version 2.5.3, a tenant who leaks token a… |
| CVE-2026-39396 | LOW | Patched | 3.1 | 2026-04-21 | OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, `ExtractPluginFromImage()` in OpenBao's OCI plugin downloader extracts a plugin … |
| CVE-2026-39388 | LOW | Patched | 3.1 | 2026-04-21 | OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested a… |
| CVE-2026-6651 | LOW | 2.4 | 2026-04-20 | A security flaw has been discovered in erponline.xyz ERP Online up to 4.0.0. This vulnerability affects unknown code of the component Inventory Edit Item Page. The manipula… | |
| CVE-2026-6648 | LOW | 3.5 | 2026-04-20 | A vulnerability was found in Qibo CMS 1.0. Affected by this vulnerability is an unknown functionality of the component Internal Message Module. Performing a manipulation re… | |
| CVE-2026-6633 | LOW | 3.5 | 2026-04-20 | A security flaw has been discovered in Yifang CMS up to 2.0.5. The impacted element is the function store of the file plugins/yifang_backend_account/logic/admin/L_rbac_admi… | |
| CVE-2026-6624 | LOW | 2.4 | 2026-04-20 | A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\_route=pool/add of the component Pool List Inte… | |
| CVE-2026-6623 | LOW | 2.4 | 2026-04-20 | A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?_route=settings/users-view/ of the compone… |