Search
2,406 CVEs · Low severity
CVEs (2,406, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 1–25 of 2,406 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2015-0849 | LOW | Patched | 3.9 | 2025-06-26 | pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability. |
| CVE-2015-20112 | LOW | 3.4 | 2025-06-29 | RLPx 5 has two CTR streams based on the same key, IV, and nonce. This can facilitate decryption on a private network. | |
| CVE-2017-20199 | LOW | Patched | 3.1 | 2025-08-16 | A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality of the component Vault Handler. … |
| CVE-2017-20200 | LOW | 3.7 | 2025-09-23 | A vulnerability has been found in Coinomi up to 1.7.6. This issue affects some unknown processing. Such manipulation leads to cleartext transmission of sensitive informatio… | |
| CVE-2019-25262 | LOW | 3.5 | 2025-12-31 | A security vulnerability has been detected in elinicksic Razgover up to db37dfc5c82f023a40f2f7834ded6633fb2b5262. This affects an unknown part of the file Chattify/send.php… | |
| CVE-2020-37118 | LOW | 3.5 | 2026-02-05 | P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user interaction. Attacke… | |
| CVE-2020-37148 | LOW | 3.5 | 2026-02-05 | P5 FNIP-8x16A/FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from a stored cross-site scripting vulnerability. Input passed to several GET/POST parameters is not properly sani… | |
| CVE-2021-46750 | LOW | 3.0 | 2025-09-06 | Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox result… | |
| CVE-2021-47722 | LOW | 3.5 | 2025-12-23 | Zucchetti Axess CLOKI Access Control 1.64 contains a cross-site request forgery vulnerability that allows attackers to manipulate access control settings without user inter… | |
| CVE-2022-48575 | LOW | Patched | 3.5 | 2026-06-10 | A person with access to a Mac may be able to bypass Login Window. A consistency issue was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4. |
| CVE-2022-4981 | LOW | Patched | 3.3 | 2025-10-21 | A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqr… |
| CVE-2022-50522 | LOW | Patched | 3.3 | 2025-10-07 | In the Linux kernel, the following vulnerability has been resolved: mcb: mcb-parse: fix error handing in chameleon_parse_gdd() If mcb_device_register() returns error in c… |
| CVE-2023-20516 | LOW | 3.3 | 2025-09-06 | Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confi… | |
| CVE-2023-28902 | LOW | 3.3 | 2025-06-28 | An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the info… | |
| CVE-2023-28903 | LOW | 3.3 | 2025-06-28 | An integer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause a denial-of-service of the inf… | |
| CVE-2023-29144 | LOW | 3.3 | 2025-12-12 | Malwarebytes 1.0.14 for Linux doesn't properly compute signatures in some scenarios. This allows a bypass of detection. | |
| CVE-2023-31044 | LOW | Patched | 2.0 | 2026-03-03 | An issue was discovered in Nokia Impact before Mobile 23_FP1. In Impact DM 19.11 onwards, a remote authenticated user, using the Add Campaign functionality, can inject a ma… |
| CVE-2023-31306 | LOW | 3.3 | 2025-09-06 | Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) function… | |
| CVE-2023-31326 | LOW | 2.8 | 2025-09-06 | Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss o… | |
| CVE-2023-31330 | LOW | 2.5 | 2025-09-06 | An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality. | |
| CVE-2023-31365 | LOW | 3.9 | 2025-09-06 | An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or avai… | |
| CVE-2023-32251 | LOW | 3.7 | 2025-07-31 | A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introdu… | |
| CVE-2023-3666 | LOW | Patched | 3.3 | 2025-09-03 | The Sticky Side Buttons WordPress plugin before 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Sto… |
| CVE-2023-44976 | LOW | Patched | 3.2 | 2025-08-01 | Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code … |
| CVE-2023-50301 | LOW | 1.9 | 2025-10-01 | IBM Transformation Extender Advanced 10.0.1 stores potentially sensitive information in log files that could be read by a local user. |