815 CVEs · Low severity
Showing 176–200 of 815 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-44057 | LOW | | 3.1 | 2026-05-21 | A dead bounds check in the Spotlight RPC unmarshaller in Netatalk 3.0.0 through 4.4.2 results in an unreachable code path that provides no effective bounds protection, whic… |
| CVE-2026-7836 | LOW | | 3.1 | 2026-05-21 | An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remote authenticated attacker to cause … |
| CVE-2026-7835 | LOW | | 3.1 | 2026-05-21 | A format string argument mismatch in Netatalk 3.0.3 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service via crafted input that triggers … |
| CVE-2026-44072 | LOW | | 3.0 | 2026-05-21 | Netatalk 2.2.1 through 4.4.2 calls system() after a failed chdir() without properly handling the error condition, which allows a local privileged user to execute unintended… |
| CVE-2026-44070 | LOW | | 3.1 | 2026-05-21 | An unbounded memory reallocation in the charset conversion code in Netatalk 2.0.0 through 4.4.2 allows a remote authenticated attacker to cause a minor denial of service vi… |
| CVE-2026-44069 | LOW | | 3.9 | 2026-05-21 | An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a … |
| CVE-2026-47782 | LOW | | 3.3 | 2026-05-20 | Android App "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmation nor notification. If a … |
| CVE-2025-31985 | LOW | | 3.7 | 2026-05-20 | HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to pe… |
| CVE-2026-45232 | LOW | Patched | 3.1 | 2026-05-20 | Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c that allows network attac… |
| CVE-2026-8492 | LOW | Patched | 2.7 | 2026-05-19 | Modification of Assumed-Immutable Data (MAID) vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drup… |
| CVE-2026-8491 | LOW | Patched | 3.7 | 2026-05-19 | Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from… |
| CVE-2026-5511 | LOW | Patched | 2.7 | 2026-05-19 | In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic co… |
| CVE-2026-33565 | LOW | | 3.3 | 2026-05-19 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. |
| CVE-2026-28751 | LOW | | 3.3 | 2026-05-19 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. |
| CVE-2026-27781 | LOW | | 3.3 | 2026-05-19 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. |
| CVE-2026-25110 | LOW | | 3.3 | 2026-05-19 | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. |
| CVE-2026-27964 | LOW | Patched | 3.9 | 2026-05-18 | FacturaScripts is an open source accounting and invoicing software. Versions 2025.7 and prior contain a Reflected Cross-Site Scripting (XSS) vulnerability through the fsNic… |
| CVE-2026-47091 | LOW | Patched | 3.3 | 2026-05-18 | Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated tran… |
| CVE-2026-8803 | LOW | | 3.7 | 2026-05-18 | A flaw has been found in opensourcepos Open Source Point of Sale up to 3.4.2. Impacted is the function Login of the file app/Models/Employee.php of the component Employee L… |
| CVE-2026-6333 | LOW | Patched | 3.5 | 2026-05-18 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate the Host header when constructing response URLs for custom slash commands which allows an authent… |
| CVE-2026-4643 | LOW | Patched | 3.5 | 2026-05-18 | Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from closing an underlying application view in the Mattermost Desktop App which… |
| CVE-2026-4286 | LOW | Patched | 3.1 | 2026-05-18 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to check if {{team_id}} was being changed when updating playbooks, allowing users with only {{Manage Playbook… |
| CVE-2026-6334 | LOW | Patched | 3.1 | 2026-05-18 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authen… |
| CVE-2026-4273 | LOW | Patched | 3.7 | 2026-05-18 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to validate that the RefreshedToken differs from the original invite token during remote cluster invite confi… |
| CVE-2026-3495 | LOW | Patched | 3.8 | 2026-05-18 | Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an a… |