Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 1–25 of 14,626 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↓ | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-30963 | LOW | Patched | 3.9 | 2026-06-01 | Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule … |
| CVE-2026-44069 | LOW | 3.9 | 2026-05-21 | An integer underflow in the volxlate function in Netatalk 3.0.0 through 4.4.2 allows a local privileged user to obtain limited information, modify limited data, or cause a … | |
| CVE-2026-27964 | LOW | Patched | 3.9 | 2026-05-18 | FacturaScripts is an open source accounting and invoicing software. Versions 2025.7 and prior contain a Reflected Cross-Site Scripting (XSS) vulnerability through the fsNic… |
| CVE-2025-31974 | LOW | 3.9 | 2026-05-06 | HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modificati… | |
| CVE-2026-34768 | LOW | Patched | 3.9 | 2026-04-04 | Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, on Wind… |
| CVE-2025-66037 | LOW | Patched | 3.9 | 2026-03-30 | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, feeding a crafted input to the fuzz_pkcs15_reader harness causes OpenSC to perform an out… |
| CVE-2025-66038 | LOW | Patched | 3.9 | 2026-03-30 | OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a s… |
| CVE-2026-3632 | LOW | 3.9 | 2026-03-17 | A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowi… | |
| CVE-2026-3633 | LOW | 3.9 | 2026-03-17 | A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional requ… | |
| CVE-2026-3634 | LOW | 3.9 | 2026-03-17 | A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper in… | |
| CVE-2025-31648 | LOW | 3.9 | 2026-02-10 | Improper handling of values in the microcode flow for some Intel(R) Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged … | |
| CVE-2025-13326 | LOW | Patched | 3.9 | 2025-12-17 | Mattermost Desktop App versions <6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit… |
| CVE-2025-59700 | LOW | Patched | 3.9 | 2025-12-02 | Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition (… |
| CVE-2025-64711 | LOW | Patched | 3.9 | 2025-11-13 | PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Starting in version 1.7.7 and prior to version 2.0.3, dragging a file whose filename co… |
| CVE-2025-11641 | LOW | Patched | 3.9 | 2025-10-12 | A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. This impacts an unknown function of the component Trial Restriction Handler. This manipulation causes im… |
| CVE-2025-5494 | LOW | Patched | 3.9 | 2025-09-25 | ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through 11.4.2500.25… |
| CVE-2023-31365 | LOW | 3.9 | 2025-09-06 | An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or avai… | |
| CVE-2025-32004 | LOW | 3.9 | 2025-08-12 | Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an authenticated user to potentially enable escalation of privilege via local access. | |
| CVE-2025-44964 | LOW | 3.9 | 2025-08-05 | A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information. | |
| CVE-2025-44657 | LOW | 3.9 | 2025-07-21 | In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system f… | |
| CVE-2025-53177 | LOW | 3.9 | 2025-07-07 | Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule syncing function of watches. | |
| CVE-2015-0849 | LOW | Patched | 3.9 | 2025-06-26 | pycode-browser before version 1.0 is prone to a predictable temporary file vulnerability. |
| CVE-2025-6139 | LOW | 3.9 | 2025-06-16 | A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/sha… | |
| CVE-2025-49597 | LOW | 3.9 | 2025-06-13 | handcraftedinthealps goodby-csv is a highly memory efficient, flexible and extendable open-source CSV import/export library. Prior to 1.4.3, goodby-csv could be used as par… | |
| CVE-2025-5916 | LOW | Patched | 3.9 | 2025-06-09 | A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that c… |