Search
14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 151–175 of 14,631 (capped at 500)
| CVE ID | Severity ↑ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-9503 | LOW | 3.3 | 2026-05-25 | A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwg_next_entity of the file src/decode.c of the component DWG File Handler. The ma… | |
| CVE-2026-48850 | LOW | Patched | 3.7 | 2026-05-25 | PuTTY 0.72 before 0.84 has a double free in RSA KEX. |
| CVE-2026-48851 | LOW | Patched | 3.1 | 2026-05-25 | PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session. |
| CVE-2026-48852 | LOW | Patched | 3.7 | 2026-05-25 | PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification. |
| CVE-2026-9501 | LOW | 3.3 | 2026-05-25 | A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompress_R2004_section of the file src/decode.c of the component Dwgread U… | |
| CVE-2026-48847 | LOW | Patched | 3.7 | 2026-05-25 | Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass. |
| CVE-2026-9485 | LOW | 3.5 | 2026-05-25 | A vulnerability was identified in SourceCodester Student Grades Management System 1.0. Affected by this issue is some unknown functionality of the file students.php. The ma… | |
| CVE-2026-9471 | LOW | 3.5 | 2026-05-25 | A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php… | |
| CVE-2026-9414 | LOW | 3.5 | 2026-05-25 | A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/add_order.ph… | |
| CVE-2026-48832 | LOW | Patched | 3.5 | 2026-05-24 | action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability. |
| CVE-2026-9396 | LOW | 3.7 | 2026-05-24 | A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware V… | |
| CVE-2026-9398 | LOW | 3.1 | 2026-05-24 | A security vulnerability has been detected in Besen BS20 EV Charging Station up to 20260426. This affects an unknown part of the component BLE/WiFi. Such manipulation leads… | |
| CVE-2026-9395 | LOW | 3.5 | 2026-05-24 | A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insuffi… | |
| CVE-2026-9394 | LOW | 3.1 | 2026-05-24 | A vulnerability was determined in Besen BS20 EV Charging Station up to 20260426. This impacts an unknown function of the component Bluetooth Low Energy Handler. Executing a… | |
| CVE-2026-9377 | LOW | 2.4 | 2026-05-24 | A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation o… | |
| CVE-2026-9373 | LOW | 3.7 | 2026-05-24 | A vulnerability has been found in JeecgBoot 3.9.1. This issue affects some unknown processing of the file /openapi/call/ of the component OpenAPI Endpoint. Such manipulatio… | |
| CVE-2026-9370 | LOW | 3.7 | 2026-05-24 | A weakness has been identified in ulisesbocchio jasypt-spring-boot up to 3.0.5/4.0.4. Affected by this vulnerability is the function getSecretKeySaltGenerator of the file j… | |
| CVE-2026-9357 | LOW | 3.5 | 2026-05-24 | A vulnerability was found in vBulletin 6.x. This impacts an unknown function of the component Login. Performing a manipulation results in cross site scripting. It is possib… | |
| CVE-2026-9306 | LOW | 3.7 | 2026-05-23 | A security vulnerability has been detected in QuantumNous new-api up to 0.12.1. This affects the function RelayMidjourneyImage/GetByOnlyMJId of the file router/relay-router… | |
| CVE-2026-39824 | LOW | 3.3 | 2026-05-22 | NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), i… | |
| CVE-2026-39967 | LOW | Patched | 3.1 | 2026-05-22 | TypeBot is a chatbot builder tool. In versions 3.15.2 and prior, the bot engine's the findResult query does not filter results by typebotId, allowing an authenticated user … |
| CVE-2026-7837 | LOW | 3.7 | 2026-05-21 | A time-of-check time-of-use (TOCTOU) condition in the ad_flush function in Netatalk 3.0.0 through 4.4.2 involves root-privileged file operations, which may allow a remote a… | |
| CVE-2026-44071 | LOW | 3.7 | 2026-05-21 | Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFY_SOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cau… | |
| CVE-2026-44074 | LOW | 3.7 | 2026-05-21 | Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which … | |
| CVE-2026-44075 | LOW | 3.7 | 2026-05-21 | A missing break statement in DSI OpenSession processing in Netatalk 1.5.0 through 4.4.2 causes a DSIOPT_ATTNQUANT switch case to fall through into DSIOPT_SERVQUANT, resulti… |