Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 451–475 of 14,626 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-39347 | LOW | Patched | 2.7 | 2026-04-07 | OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source accepts changes to self-appraisal submissions for administrator … |
| CVE-2026-39321 | LOW | Patched | 3.7 | 2026-04-07 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.8.0-alpha.6 and 8.6.74, he login endpoint response time d… |
| CVE-2026-3929 | LOW | Patched | 3.1 | 2026-03-11 | Side-channel information leakage in ResourceTiming in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chr… |
| CVE-2026-3911 | LOW | 2.7 | 2026-03-11 | A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a vulnerability in the UserResource component. By accessing a specific administra… | |
| CVE-2026-3832 | LOW | 3.7 | 2026-04-30 | A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a… | |
| CVE-2026-3819 | LOW | 3.5 | 2026-03-09 | A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=manage_reservation of the com… | |
| CVE-2026-37977 | LOW | 3.7 | 2026-04-06 | A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vulnerability in Keycloak's User-Managed Access (UMA) to… | |
| CVE-2026-3766 | LOW | 3.5 | 2026-03-08 | A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Perfo… | |
| CVE-2026-37602 | LOW | 2.7 | 2026-04-14 | SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manage_user.php. | |
| CVE-2026-37601 | LOW | 2.7 | 2026-04-14 | SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php. | |
| CVE-2026-37600 | LOW | 2.7 | 2026-04-14 | SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view_details.php. | |
| CVE-2026-37598 | LOW | 2.7 | 2026-04-14 | SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution (RCE) via /scheduler/classes/SystemSettings.php?f=update_settings. | |
| CVE-2026-37597 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php. | |
| CVE-2026-37596 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php. | |
| CVE-2026-37595 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_employee.php. | |
| CVE-2026-37594 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_employee.php. | |
| CVE-2026-37593 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php. | |
| CVE-2026-37592 | LOW | 2.7 | 2026-04-14 | Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL in the file /storage/admin/maintenance/manage_pricing.php. | |
| CVE-2026-37591 | LOW | 2.7 | 2026-04-14 | Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view_details.php. | |
| CVE-2026-37590 | LOW | 2.7 | 2026-04-14 | SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/manage_rent.php. | |
| CVE-2026-37589 | LOW | 2.7 | 2026-04-14 | SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/manage_storage_unit.php. | |
| CVE-2026-3743 | LOW | 3.5 | 2026-03-08 | A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/D_singlePageGroup.php. Executing a manipulation of the argument Name ca… | |
| CVE-2026-3742 | LOW | 3.5 | 2026-03-08 | A vulnerability was detected in YiFang CMS 2.0.5. The impacted element is the function update of the file app/db/admin/D_singlePage.php. Performing a manipulation of the ar… | |
| CVE-2026-3741 | LOW | 3.5 | 2026-03-08 | A security vulnerability has been detected in YiFang CMS 2.0.5. The affected element is the function update of the file app/db/admin/D_friendLink.php. Such manipulation of … | |
| CVE-2026-3721 | LOW | Patched | 3.5 | 2026-03-08 | A weakness has been identified in 1024-lab/lab1024 SmartAdmin up to 3.29. The affected element is an unknown function of the file sa-base/src/main/java/net/lab1024/sa/base/… |