Search
31,027 CVEs · Critical severity
CVEs (31,027, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 26–50 of 31,027 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-9434 | CRITICAL | 9.8 | 2026-05-25 | A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component… | |
| CVE-2026-9433 | CRITICAL | 9.8 | 2026-05-25 | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component … | |
| CVE-2026-9432 | CRITICAL | 9.8 | 2026-05-25 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setWiFiAdvancedCfg of the file /cgi-bin/cstecgi.cgi of … | |
| CVE-2026-9408 | CRITICAL | 9.8 | 2026-05-25 | A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setStaticDhcpRules of the file /cgi-bin/cstecgi.cgi of the comp… | |
| CVE-2026-9407 | CRITICAL | 9.8 | 2026-05-25 | A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this vulnerability is the function setFirewallType of the file /cgi-bin/cste… | |
| CVE-2026-9406 | CRITICAL | 9.8 | 2026-05-25 | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Manageme… | |
| CVE-2026-9405 | CRITICAL | 9.8 | 2026-05-25 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi of the component Web… | |
| CVE-2026-9404 | CRITICAL | 9.8 | 2026-05-24 | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Managemen… | |
| CVE-2026-9388 | CRITICAL | 9.8 | 2026-05-24 | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the componen… | |
| CVE-2026-9387 | CRITICAL | 9.8 | 2026-05-24 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the compo… | |
| CVE-2026-9386 | CRITICAL | 9.8 | 2026-05-24 | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Manage… | |
| CVE-2026-9385 | CRITICAL | 9.8 | 2026-05-24 | A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component W… | |
| CVE-2026-9384 | CRITICAL | 9.8 | 2026-05-24 | A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component… | |
| CVE-2026-9319 | CRITICAL | Patched | 9.0 | 2026-06-01 | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security. |
| CVE-2026-9311 | CRITICAL | Patched | 9.0 | 2026-06-01 | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls. |
| CVE-2026-9270 | CRITICAL | 9.1 | 2026-06-05 | DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from unt… | |
| CVE-2026-9170 | CRITICAL | 9.8 | 2026-05-26 | IBM HTTP Server 8.5, and 9.0 | |
| CVE-2026-9141 | CRITICAL | 9.8 | 2026-05-20 | Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains an authentication bypass vulnerability in the embedded web configuration interface that allows unauthenticated… | |
| CVE-2026-9139 | CRITICAL | 9.8 | 2026-05-20 | Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability in the embedded web configuration interface where authentication is impl… | |
| CVE-2026-9098 | CRITICAL | 9.1 | 2026-05-28 | In Casdoor versions 2.362.0 and earlier, the SAML callback handler in controllers/auth.go accepts any well-formed SAMLResponse sent to /api/acs without verifying that it co… | |
| CVE-2026-9097 | CRITICAL | 9.8 | 2026-05-28 | Casdoor versions 2.362.0 and earlier do not verify that a JWT used for token exchange is still active. The GetTokenExchangeToken() function in object/token_oauth.go validat… | |
| CVE-2026-9094 | CRITICAL | 9.8 | 2026-05-28 | Casdoor versions 2.362.0 and earlier contain a vulnerability enabling cross-organization token exchange. The GetTokenExchangeToken function in object/token_oauth.go validat… | |
| CVE-2026-9093 | CRITICAL | 9.8 | 2026-05-28 | In Casdoor versions 2.362.0 and earlier, the SAML service provider implementation does not validate the AudienceRestriction element in SAML assertions. The buildSp function… | |
| CVE-2026-9092 | CRITICAL | 9.1 | 2026-05-28 | Casdoor versions 2.362.0 and earlier contain a vulnerability involving unverified email binding that may enable account takeover. The getExistUserByBindingRule function mat… | |
| CVE-2026-9090 | CRITICAL | 9.1 | 2026-05-28 | Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authentication by supplying an arbitrary signing certificate. The buildSpCert… |