Search
19,591 CVEs · High severity
CVEs (19,591, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 451–475 of 19,591 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2021-4478 | HIGH | Patched | 8.2 | 2026-06-02 | Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can … |
| CVE-2019-25722 | HIGH | 7.6 | 2026-06-02 | Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain hard-coded plaintext credentials in source code and a denial-of-service vulnerabil… | |
| CVE-2026-40715 | HIGH | Patched | 7.8 | 2026-06-02 | Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exp… |
| CVE-2026-24237 | HIGH | Patched | 7.8 | 2026-06-02 | NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to… |
| CVE-2026-24221 | HIGH | Patched | 7.8 | 2026-06-02 | NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to… |
| CVE-2026-10606 | HIGH | 7.3 | 2026-06-02 | A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a… | |
| CVE-2026-45686 | HIGH | Patched | 7.5 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integ… |
| CVE-2026-45685 | HIGH | Patched | 7.5 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.1.0 to before version 0.9.0, malformed MongoDB wire mes… |
| CVE-2026-45678 | HIGH | Patched | 7.5 | 2026-06-02 | OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND mess… |
| CVE-2026-45553 | HIGH | Patched | 7.5 | 2026-06-02 | NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructured_text() renders reStructuredText server-side with Docutils without disabling file insertion … |
| CVE-2026-42654 | HIGH | 7.1 | 2026-06-02 | Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects… | |
| CVE-2026-40780 | HIGH | Patched | 7.5 | 2026-06-02 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Liquid Web / StellarWP BookIt allows Password Recovery Exploitation. This issue affects BookIt: f… |
| CVE-2026-40619 | HIGH | 7.8 | 2026-06-02 | A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main serve… | |
| CVE-2026-30652 | HIGH | 8.8 | 2026-06-02 | A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-… | |
| CVE-2026-30650 | HIGH | 8.8 | 2026-06-02 | A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firm… | |
| CVE-2026-30649 | HIGH | 7.3 | 2026-06-02 | Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the set_getparam.cgi component | |
| CVE-2026-10629 | HIGH | 7.4 | 2026-06-02 | SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec integrity protection (missing Security-Client/Security-Server headers and ES… | |
| CVE-2026-10591 | HIGH | Patched | 8.8 | 2026-06-02 | Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary comman… |
| CVE-2026-10047 | HIGH | 7.8 | 2026-06-02 | The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handle… | |
| CVE-2026-10046 | HIGH | 7.8 | 2026-06-02 | Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios_han… | |
| CVE-2026-7313 | HIGH | Patched | 8.7 | 2026-06-02 | CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote authenticated attacker to obtain pla… |
| CVE-2026-7201 | HIGH | Patched | 8.8 | 2026-06-02 | CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.86… |
| CVE-2026-7195 | HIGH | Patched | 8.8 | 2026-06-02 | CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 1… |
| CVE-2026-39555 | HIGH | 8.1 | 2026-06-02 | Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. This issue affects Askka: from n/a through 1.3.1. | |
| CVE-2026-39553 | HIGH | 8.1 | 2026-06-02 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes WaveRide allows PHP Local File Inclus… |