Search
1,557 CVEs
CVEs (1,557, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 451–475 of 1,557 (capped at 500)
| CVE ID | Severity ↑ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-48104 | MEDIUM | Patched | 4.2 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely … |
| CVE-2026-48111 | MEDIUM | Patched | 4.3 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression f… |
| CVE-2026-11339 | MEDIUM | 6.3 | 2026-06-05 | A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the arg… | |
| CVE-2026-11337 | MEDIUM | 4.3 | 2026-06-05 | A vulnerability was found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected by this vulne… | |
| CVE-2025-5089 | MEDIUM | 6.5 | 2026-06-05 | In a CVX cluster, an EOS switch connected to a CVX server is not resilient to certain malformed messages received from the connected CVX server. Similarly, the CVX server i… | |
| CVE-2025-5090 | MEDIUM | 6.5 | 2026-06-05 | CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this b… | |
| CVE-2026-11336 | MEDIUM | 6.3 | 2026-06-05 | A vulnerability has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected is an un… | |
| CVE-2026-48101 | MEDIUM | Patched | 6.5 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) … |
| CVE-2026-48092 | MEDIUM | Patched | 4.3 | 2026-06-05 | 7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit… |
| CVE-2026-11333 | MEDIUM | 6.3 | 2026-06-05 | A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The i… | |
| CVE-2026-11335 | MEDIUM | 6.3 | 2026-06-05 | A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This impacts the function … | |
| CVE-2026-37737 | MEDIUM | 6.5 | 2026-06-05 | sanic-cors version 2.2.0 and prior contains an improper regular expression in the try_match() function in sanic_cors/core.py that uses re.match without end-anchoring. This … | |
| CVE-2025-59174 | MEDIUM | Patched | 6.5 | 2026-06-05 | Ericsson Packet Core Controller (PCC) versions prior to 1.39 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause servic… |
| CVE-2020-25900 | MEDIUM | 5.3 | 2026-06-05 | HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city. Furthermore, these coordinates are placed int… | |
| CVE-2026-50230 | MEDIUM | 6.1 | 2026-06-05 | Lyrion Music Server 9.2.0 contains an unauthenticated reflected cross-site scripting vulnerability in the server.log endpoint that allows attackers to inject arbitrary HTML… | |
| CVE-2026-50233 | MEDIUM | 5.3 | 2026-06-05 | Lyrion Music Server 9.2.0 contains an arbitrary directory listing vulnerability in its readdirectory query, exposed through both the CLI service (TCP port 9090) and the HTT… | |
| CVE-2026-50235 | MEDIUM | 6.1 | 2026-06-05 | Lyrion Music Server 9.2.0 contains a reflected cross-site scripting vulnerability in advanced search parameters that fail to properly sanitize user input before displaying … | |
| CVE-2026-50262 | MEDIUM | 5.5 | 2026-06-05 | An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled … | |
| CVE-2026-50263 | MEDIUM | 5.5 | 2026-06-05 | A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and f… | |
| CVE-2026-25659 | MEDIUM | Patched | 6.5 | 2026-06-05 | Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a sp… |
| CVE-2026-25657 | MEDIUM | Patched | 6.5 | 2026-06-05 | Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuo… |
| CVE-2026-25658 | MEDIUM | Patched | 6.5 | 2026-06-05 | Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a sp… |
| CVE-2026-21026 | MEDIUM | 5.5 | 2026-06-05 | Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information. | |
| CVE-2026-21028 | MEDIUM | 5.5 | 2026-06-05 | Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. | |
| CVE-2026-21017 | MEDIUM | 5.5 | 2026-06-05 | Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files. |