Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 51–75 of 14,626 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↓ | Published | Description |
|---|---|---|---|---|---|
| CVE-2023-47282 | LOW | 3.9 | 2024-05-16 | Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalat… | |
| CVE-2023-22656 | LOW | 3.9 | 2024-05-16 | Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privile… | |
| CVE-2024-32021 | LOW | Patched | 3.9 | 2024-05-14 | Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlink… |
| CVE-2024-32020 | LOW | Patched | 3.9 | 2024-05-14 | Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target re… |
| CVE-2024-31636 | LOW | 3.9 | 2024-05-03 | An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component. | |
| CVE-2023-48184 | LOW | Patched | 3.9 | 2024-04-23 | QuickJS before 7414e5f has a quickjs.h JS_FreeValueRT use-after-free because of incorrect garbage collection of async functions with closures. |
| CVE-2024-30257 | LOW | Patched | 3.9 | 2024-04-18 | 1Panel is an open source Linux server operation and maintenance management panel. The password verification in the source code uses the != symbol instead hmac.Equal. This m… |
| CVE-2024-27086 | LOW | 3.9 | 2024-04-16 | The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android (e.g., MAUI) using the libr… | |
| CVE-2024-30260 | LOW | Patched | 3.9 | 2024-04-04 | Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did not clear them for `undi… |
| CVE-2024-28853 | LOW | Patched | 3.9 | 2024-03-27 | Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting (XSS) vulnerability in ampache before v6.3.1 allows a remote attacker… |
| CVE-2024-26246 | LOW | Patched | 3.9 | 2024-03-14 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2023-37540 | LOW | Patched | 3.9 | 2024-02-23 | Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensiti… |
| CVE-2024-1784 | LOW | 3.9 | 2024-02-23 | A vulnerability classified as problematic was found in Limbas 5.2.14. Affected by this vulnerability is an unknown functionality of the file main_admin.php. The manipulatio… | |
| CVE-2024-24758 | LOW | Patched | 3.9 | 2024-02-16 | Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Proxy-Authenticat… |
| CVE-2023-45718 | LOW | Patched | 3.9 | 2024-02-09 | Sametime is impacted by a failure to invalidate sessions. The application is setting sensitive cookie values in a persistent manner in Sametime Web clients. When this happ… |
| CVE-2023-41782 | LOW | Patched | 3.9 | 2024-01-05 | There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to … |
| CVE-2023-6690 | LOW | Patched | 3.9 | 2023-12-21 | A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on transferred repositories by making a GraphQL mutation to alter repository … |
| CVE-2023-32726 | LOW | Patched | 3.9 | 2023-12-18 | The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server. |
| CVE-2023-49284 | LOW | Patched | 3.9 | 2023-12-05 | fish is a smart and user-friendly command line shell for macOS, Linux, and the rest of the family. fish shell uses certain Unicode non-characters internally for marking wil… |
| CVE-2023-48231 | LOW | Patched | 3.9 | 2023-11-16 | Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application ha… |
| CVE-2023-48232 | LOW | Patched | 3.9 | 2023-11-16 | Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and… |
| CVE-2023-38411 | LOW | Patched | 3.9 | 2023-11-14 | Improper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enable escalation of privilege via l… |
| CVE-2023-46126 | LOW | Patched | 3.9 | 2023-10-25 | Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, helping enforce privacy regulations in c… |
| CVE-2023-46122 | LOW | Patched | 3.9 | 2023-10-23 | sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, `IO.unzip` allows writing of arbitrary file. This would have potential to overwr… |
| CVE-2023-45143 | LOW | Patched | 3.9 | 2023-10-12 | Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects, but did not … |