Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 26–50 of 14,626 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↓ | Published | Description |
|---|---|---|---|---|---|
| CVE-2025-5918 | LOW | Patched | 3.9 | 2025-06-09 | A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the… |
| CVE-2025-27525 | LOW | Patched | 3.9 | 2025-05-15 | Information Exposure vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on Windows.This issue affects JP1/IT Desktop Management 2 - Smart Device Ma… |
| CVE-2025-1939 | LOW | Patched | 3.9 | 2025-03-04 | Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into granting sensitiv… |
| CVE-2025-1693 | LOW | Patched | 3.9 | 2025-02-27 | The MongoDB Shell may be susceptible to control character injection where an attacker with control over the database cluster contents can inject control characters into the… |
| CVE-2024-23563 | LOW | 3.9 | 2025-02-12 | HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improp… | |
| CVE-2025-20643 | LOW | 3.9 | 2025-02-03 | In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the devi… | |
| CVE-2025-0146 | LOW | Patched | 3.9 | 2025-01-30 | Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access. |
| CVE-2025-0575 | LOW | 3.9 | 2025-01-19 | A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as problematic. This vulnerability affects unknown code of the component Rooting… | |
| CVE-2024-12970 | LOW | Patched | 3.9 | 2025-01-06 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection… |
| CVE-2024-32485 | LOW | Patched | 3.9 | 2024-11-13 | Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2024-32667 | LOW | 3.9 | 2024-11-13 | Out-of-bounds read for some OpenCL(TM) software may allow an authenticated user to potentially enable denial of service via local access. | |
| CVE-2024-47814 | LOW | Patched | 3.9 | 2024-10-07 | Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLeave auto command can ca… |
| CVE-2024-41511 | LOW | Patched | 3.9 | 2024-10-04 | A Path Traversal (Local File Inclusion) vulnerability in "BinaryFileRedirector.ashx" in CADClick v1.11.0 and before allows remote attackers to retrieve arbitrary local file… |
| CVE-2024-45617 | LOW | Patched | 3.9 | 2024-09-03 | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the sy… |
| CVE-2024-45618 | LOW | Patched | 3.9 | 2024-09-03 | A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted respon… |
| CVE-2024-45620 | LOW | Patched | 3.9 | 2024-09-03 | A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially craft… |
| CVE-2024-45615 | LOW | Patched | 3.9 | 2024-09-03 | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as … |
| CVE-2024-45616 | LOW | Patched | 3.9 | 2024-09-03 | A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the sy… |
| CVE-2021-26387 | LOW | 3.9 | 2024-08-13 | Insufficient access controls in ASP kernel may allow a privileged attacker with access to AMD signing keys and the BIOS menu or UEFI shell to map DRAM regions in protected … | |
| CVE-2021-46772 | LOW | 3.9 | 2024-08-13 | Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing … | |
| CVE-2024-41811 | LOW | 3.9 | 2024-08-05 | ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forg… | |
| CVE-2024-38806 | LOW | 3.9 | 2024-07-18 | Failure to properly synchronize user's permissions in UAA in Cloud Foundry Foundation v40.17.0 https://github.com/cloudfoundry/cf-deployment/releases/tag/v40.17.0 , poten… | |
| CVE-2024-6295 | LOW | 3.9 | 2024-06-25 | udn News Android APP stores the unencrypted user session in the local database when user log into the application. A malicious APP or an attacker with physical access to th… | |
| CVE-2024-6294 | LOW | 3.9 | 2024-06-25 | udn News Android APP stores the user session in logcat file when user log into the APP. A malicious APP or an attacker with physical access to the Android device can retrie… | |
| CVE-2024-34274 | LOW | 3.9 | 2024-05-21 | OpenBD 20210306203917-6cbe797 is vulnerable to Deserialization of Untrusted Data. The cookies bdglobals and bdclient_spot of the OpenBD software uses serialized data, which… |