Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 476–500 of 14,626 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-6312 | LOW | Patched | 3.1 | 2026-04-15 | Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origi… |
| CVE-2026-33877 | LOW | Patched | 3.7 | 2026-04-15 | ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a timing side-channel vulnerability in the password reset endpoint (/ap… |
| CVE-2026-21727 | LOW | Patched | 3.3 | 2026-04-15 | --- title: Cross-Tenant Legacy Correlation Disclosure and Deletion draft: false hero: image: /static/img/heros/hero-legal2.svg content: "# Cross-Tenant Legacy Correlati… |
| CVE-2026-33212 | LOW | Patched | 3.1 | 2026-04-15 | Weblate is a web based localization tool. In versions prior to 5.17, the tasks API didn't verify user access for pending tasks. This could expose logs of in-progress operat… |
| CVE-2026-27769 | LOW | Patched | 2.7 | 2026-04-15 | Mattermost versions 10.11.x <= 10.11.12 fail to validate whether users were correctly owned by the correct Connected Workspace which allows a malicious remote server connec… |
| CVE-2025-52641 | LOW | Patched | 2.9 | 2026-04-15 | HCL AION is affected by a vulnerability where certain system behaviours may allow exploration of internal filesystem structures. Exposure of such information may provide in… |
| CVE-2026-34454 | LOW | Patched | 3.5 | 2026-04-14 | OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. A regression introduced in 7.11.0 prevents OAuth2 Proxy from clearing the session cooki… |
| CVE-2026-27308 | LOW | 2.4 | 2026-04-14 | ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-… | |
| CVE-2026-27307 | LOW | 2.4 | 2026-04-14 | ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-… | |
| CVE-2026-27316 | LOW | Patched | 2.7 | 2026-04-14 | A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may … |
| CVE-2026-21741 | LOW | Patched | 2.4 | 2026-04-14 | An URL Redirection to Untrusted Site ('Open Redirect') vulnerability [CWE-601] vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiN… |
| CVE-2026-37602 | LOW | 2.7 | 2026-04-14 | SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/user/manage_user.php. | |
| CVE-2026-37601 | LOW | 2.7 | 2026-04-14 | SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/manage_appointment.php. | |
| CVE-2026-37600 | LOW | 2.7 | 2026-04-14 | SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the file /scheduler/admin/appointments/view_details.php. | |
| CVE-2026-37598 | LOW | 2.7 | 2026-04-14 | SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution (RCE) via /scheduler/classes/SystemSettings.php?f=update_settings. | |
| CVE-2026-37597 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/attendance_list.php. | |
| CVE-2026-37596 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_department.php. | |
| CVE-2026-37595 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/manage_employee.php. | |
| CVE-2026-37594 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_employee.php. | |
| CVE-2026-37593 | LOW | 2.7 | 2026-04-14 | SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injection in the file /wfh_attendance/admin/view_att.php. | |
| CVE-2026-37592 | LOW | 2.7 | 2026-04-14 | Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL in the file /storage/admin/maintenance/manage_pricing.php. | |
| CVE-2026-37591 | LOW | 2.7 | 2026-04-14 | Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the file /storage/admin/tenants/view_details.php. | |
| CVE-2026-37590 | LOW | 2.7 | 2026-04-14 | SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/rents/manage_rent.php. | |
| CVE-2026-37589 | LOW | 2.7 | 2026-04-14 | SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the file /storage/admin/maintenance/manage_storage_unit.php. | |
| CVE-2025-40745 | LOW | 3.7 | 2026-04-14 | A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.00… |