7,467 CVEs · High severity
CVEs (7,467, showing first 500)
Showing 1–25 of 7,467 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2006-10002 | HIGH | Patched | 7.5 | 2026-03-19 | XML::Parser versions through 2.45 for Perl could overflow the pre-allocated buffer size, causing heap corruption (double free or corruption) and crashes. A :utf8 PerlIO lay… |
| CVE-2013-20006 | HIGH | | 7.5 | 2026-03-16 | Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being s… |
| CVE-2015-10148 | HIGH | | 8.2 | 2026-04-03 | Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed, al… |
| CVE-2015-20115 | HIGH | | 7.2 | 2026-03-16 | Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize file uploads, allowing attackers to store malicious scripts through the file POST parameter in admin/tools… |
| CVE-2015-20118 | HIGH | | 7.2 | 2026-03-16 | Next Click Ventures RealtyScript 4.0.2 contains a stored cross-site scripting vulnerability in the location_name parameter of the admin locations interface. Attackers can s… |
| CVE-2015-20120 | HIGH | | 8.2 | 2026-03-16 | Next Click Ventures RealtyScript 4.0.2 contains multiple time-based blind SQL injection vulnerabilities that allow unauthenticated attackers to extract database information… |
| CVE-2015-20121 | HIGH | | 8.2 | 2026-03-16 | Next Click Ventures RealtyScript 4.0.2 contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting arbitrary SQL… |
| CVE-2016-15058 | HIGH | | 8.1 | 2026-04-03 | Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerabilit… |
| CVE-2016-20025 | HIGH | | 8.8 | 2026-03-16 | ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files.… |
| CVE-2016-20032 | HIGH | | 7.2 | 2026-03-16 | ZKTeco ZKAccess Security System 5.3.1 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting mali… |
| CVE-2016-20033 | HIGH | | 7.8 | 2026-03-16 | Wowza Streaming Engine 4.5.0 contains a local privilege escalation vulnerability that allows authenticated users to escalate privileges by replacing executable files due to… |
| CVE-2016-20034 | HIGH | | 8.8 | 2026-03-16 | Wowza Streaming Engine 4.5.0 contains a privilege escalation vulnerability that allows authenticated read-only users to elevate privileges to administrator by manipulating … |
| CVE-2016-20037 | HIGH | | 8.4 | 2026-03-28 | xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings… |
| CVE-2016-20038 | HIGH | | 8.4 | 2026-03-28 | yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the a… |
| CVE-2016-20039 | HIGH | | 8.4 | 2026-03-28 | Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execu… |
| CVE-2016-20040 | HIGH | | 8.4 | 2026-03-28 | TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary cod… |
| CVE-2016-20041 | HIGH | | 8.4 | 2026-03-28 | Yasr 0.6.9-5 contains a buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying an oversized argument to t… |
| CVE-2016-20042 | HIGH | | 8.4 | 2026-03-28 | TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attac… |
| CVE-2016-20043 | HIGH | Patched | 8.4 | 2026-03-28 | NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F pa… |
| CVE-2016-20044 | HIGH | Patched | 8.4 | 2026-03-28 | PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter.… |
| CVE-2016-20045 | HIGH | Patched | 8.4 | 2026-03-28 | HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc c… |
| CVE-2016-20046 | HIGH | | 8.4 | 2026-03-28 | zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the applicati… |
| CVE-2016-20047 | HIGH | | 8.4 | 2026-03-28 | EKG Gadu 1.9~pre+r2855-3+b1 contains a local buffer overflow vulnerability in the username handling that allows local attackers to execute arbitrary code by supplying an ov… |
| CVE-2016-20048 | HIGH | | 8.4 | 2026-03-28 | iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key para… |
| CVE-2016-20055 | HIGH | Patched | 7.8 | 2026-04-04 | IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileg… |