Search
59,256 CVEs
CVEs (59,256, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 201–225 of 59,256 (capped at 500)
| CVE ID | Severity ↑ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-46257 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when read_current_timer is called on ARM32 platforms where… | |
| CVE-2026-46258 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandle_create() In linehandle_create(), there is a statement… | |
| CVE-2026-46248 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif->links_map When an arvif is initialized in non-AP STA … | |
| CVE-2026-46249 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not … | |
| CVE-2026-46252 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix locking in regulator_resolve_supply() error path If late enabling of a supply reg… | |
| CVE-2026-46245 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dc_link NULL handling in HPD init amdgpu_dm_hpd_init() may see connectors without… | |
| CVE-2026-46246 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler Using the `devm_` variant for … | |
| CVE-2026-46247 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 ("clk: divider: remove ro… | |
| CVE-2025-71313 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for alloc_workqueue() alloc_workqueue() can return NULL on memor… | |
| CVE-2025-71314 | NONE | — | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthor_gpu_flush_caches() failures We have seen a few cases where the whole… | |
| CVE-2026-42321 | NONE | Patched | — | 2026-06-03 | GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS payload in the asset locked … |
| CVE-2026-44281 | NONE | Patched | — | 2026-06-03 | GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permissio… |
| CVE-2026-3276 | NONE | — | 2026-06-03 | unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical … | |
| CVE-2026-42317 | NONE | Patched | — | 2026-06-03 | GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, a technician can delete arbitrary files from the… |
| CVE-2026-42318 | NONE | Patched | — | 2026-06-03 | GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 10.0.25 and 11.0.7, low privilege users with access to planning can… |
| CVE-2026-42320 | NONE | Patched | — | 2026-06-03 | GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbitrary files inside the… |
| CVE-2022-31114 | NONE | — | 2026-06-03 | backpack/crud provides Create, Read, Update & Delete (CRUD) functions for Backpack, a collection of Laravel packages that help users build custom administration panels. Ver… | |
| CVE-2026-47324 | NONE | — | 2026-06-03 | ProjectsAndPrograms school-management-system is vulnerable to Stored Cross‑Site Scripting (XSS) in multiple attributes of students and teachers objects. An authorized attac… | |
| CVE-2026-47325 | NONE | — | 2026-06-03 | ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth (e.g., 120720… | |
| CVE-2026-10729 | NONE | — | 2026-06-03 | An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research Canarytokens, enabling In… | |
| CVE-2025-41259 | NONE | Patched | — | 2026-06-03 | SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TOCTOU) race condition that allows local unprivileged attackers to escalate privileges to root or instal… |
| CVE-2026-50052 | NONE | Patched | — | 2026-06-03 | In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack (request smugg… |
| CVE-2026-40108 | NONE | Patched | — | 2026-06-02 | GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, a technician can store an XSS payload in a ITIL costs. This issue has been fixed… |
| CVE-2026-10718 | NONE | — | 2026-06-02 | Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range … | |
| CVE-2026-10719 | NONE | — | 2026-06-02 | Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of alloca… |