Search
1,463 CVEs
CVEs (1,463, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 151–175 of 1,463 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2021-4478 | HIGH | Patched | 8.2 | 2026-06-02 | Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can … |
| CVE-2021-4479 | MEDIUM | 4.0 | 2026-06-02 | Dräger Atlan A350 software versions 1.00 through 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specif… | |
| CVE-2025-64390 | HIGH | 7.4 | 2026-06-02 | A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed … | |
| CVE-2026-10584 | MEDIUM | Patched | 5.9 | 2026-06-02 | Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information vi… |
| CVE-2026-10607 | HIGH | 7.3 | 2026-06-02 | A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dede_htmlspecialchars of the file /plus/flink.php. The manipulation of the argument m… | |
| CVE-2026-10608 | HIGH | 7.3 | 2026-06-02 | A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des… | |
| CVE-2026-10616 | MEDIUM | 4.3 | 2026-06-02 | A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/team_t… | |
| CVE-2026-10617 | HIGH | 7.3 | 2026-06-02 | A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. This affects the function resolveAuth of the file internal/http/auth.go of the component… | |
| CVE-2026-10701 | HIGH | Patched | 7.5 | 2026-06-02 | Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3. |
| CVE-2026-10702 | MEDIUM | Patched | 4.3 | 2026-06-02 | JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3. |
| CVE-2026-1829 | HIGH | 8.8 | 2026-06-02 | The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.02 via the 'et_pb_text' shortcod… | |
| CVE-2026-28299 | HIGH | Patched | 8.2 | 2026-06-02 | SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficie… |
| CVE-2026-30586 | MEDIUM | 6.1 | 2026-06-02 | Cross Site Scripting vulnerability in usememos Memos v.0.26.0 allows a remote attacker to obtain sensitive information via the SANITIZE_SCHEMA, Memo Rendering Component, an… | |
| CVE-2026-33245 | HIGH | Patched | 8.0 | 2026-06-02 | React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (RSC) APIs, there is a potential client-sid… |
| CVE-2026-33553 | MEDIUM | Patched | 6.1 | 2026-06-02 | Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS. |
| CVE-2026-34077 | HIGH | Patched | 7.5 | 2026-06-02 | React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (RSC) APIs, there is a potential client-sid… |
| CVE-2026-34993 | MEDIUM | Patched | 6.4 | 2026-06-02 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, using ``CookieJar.load()`` with untrusted input may allow arbitrary… |
| CVE-2026-35049 | MEDIUM | 6.5 | 2026-06-02 | wire-ios is an iOS client for the Wire secure messaging application. Prior to version 4.16.0, upon receiving a crafted malicious Proteus external message with an encrypted … | |
| CVE-2026-35202 | NONE | — | 2026-06-02 | Pterodactyl is a free, open-source game server management panel. Prior to version 1.12.3, the Pterodactyl Client API has a logic flaw that lets users bypass their assigned … | |
| CVE-2026-38967 | CRITICAL | 9.8 | 2026-06-02 | CrowCpp Crow through v1.3.1 HTTP is vulnerable to response header injection via unvalidated response header values. | |
| CVE-2026-40181 | MEDIUM | Patched | 6.1 | 2026-06-02 | React Router is a router for React. In versions 7.0.0 through 7.14.0 and 6.7.0 through 6.30.3, certain URLs passed to the redirect function can trigger an open redirect to … |
| CVE-2026-41577 | HIGH | Patched | 7.5 | 2026-06-02 | authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor (ResponseProcessor.parse()) does not validate th… |
| CVE-2026-42211 | HIGH | Patched | 8.1 | 2026-06-02 | React Router is a router for React. In versions 7.0.0 through 7.14.1, when using Framework Mode, a combination of steps could potentially allow unauthorized remote code exe… |
| CVE-2026-42342 | HIGH | Patched | 7.5 | 2026-06-02 | React Router is a router for React. In versions 7.0.0 through 7.14.x of react-router and versions 2.10.0 through 2.17.4 of @remix-run/server-runtime, certain crafted reques… |
| CVE-2026-47265 | HIGH | Patched | 7.5 | 2026-06-02 | AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after… |