Search
810 CVEs · Low severity
CVEs (810, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 1–25 of 810 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2026-21295 | LOW | Patched | 3.1 | 2026-03-11 | Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') … |
| CVE-2026-3911 | LOW | 2.7 | 2026-03-11 | A flaw was found in Keycloak. An authenticated user with the view-users role could exploit a vulnerability in the UserResource component. By accessing a specific administra… | |
| CVE-2025-70330 | LOW | 3.3 | 2026-03-11 | Easy Grade Pro 4.1.0.2 contains a file parsing logic flaw in the handling of proprietary .EGP gradebook files. By modifying specific fields at precise offsets within an oth… | |
| CVE-2026-3946 | LOW | 3.5 | 2026-03-11 | A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askco… | |
| CVE-2025-12697 | LOW | Patched | 2.2 | 2026-03-11 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authent… |
| CVE-2025-12704 | LOW | Patched | 3.5 | 2026-03-11 | GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authentica… |
| CVE-2026-31863 | LOW | Patched | 3.6 | 2026-03-11 | Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access w… |
| CVE-2026-24509 | LOW | Patched | 3.6 | 2026-03-11 | Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Access Control vulnerability. A low privileged attacker with local access could poten… |
| CVE-2026-3949 | LOW | 3.3 | 2026-03-11 | A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of the component … | |
| CVE-2026-24508 | LOW | Patched | 2.5 | 2026-03-11 | Dell Alienware Command Center (AWCC), versions prior to 6.12.24.0, contain an Improper Certificate Validation vulnerability. A low privileged attacker with local access cou… |
| CVE-2026-31974 | LOW | Patched | 3.0 | 2026-03-11 | OpenProject is an open-source, web-based project management software. Prior to 17.2.0, OpenProject SMTP test endpoint (POST /admin/settings/mail_notifications) accepts arbi… |
| CVE-2026-3950 | LOW | 3.3 | 2026-03-11 | A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. … | |
| CVE-2026-0520 | LOW | 2.8 | 2026-03-11 | A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensi… | |
| CVE-2026-32109 | LOW | Patched | 3.7 | 2026-03-11 | Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with t… |
| CVE-2025-62328 | LOW | 3.7 | 2026-03-11 | HCL Nomad server on Domino did not configure the frame-ancestors directive in the Content-Security-Policy header by default which could allow an attacker to obtain sensitiv… | |
| CVE-2026-3929 | LOW | Patched | 3.1 | 2026-03-11 | Side-channel information leakage in ResourceTiming in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chr… |
| CVE-2026-3963 | LOW | 3.7 | 2026-03-11 | A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroCon… | |
| CVE-2026-3983 | LOW | 3.5 | 2026-03-12 | A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The… | |
| CVE-2026-3984 | LOW | 3.5 | 2026-03-12 | A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file save_up_athle… | |
| CVE-2026-4009 | LOW | 3.3 | 2026-03-12 | A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwav_read_pcm_frames_s16__msadpcm in the library src/audiosource/wav/dr_wav.h … | |
| CVE-2026-4010 | LOW | 3.3 | 2026-03-12 | A vulnerability was found in ThakeeNathees pocketlang up to cc73ca61b113d48ee130d837a7a8b145e41de5ce. The affected element is the function pkByteBufferAddString. The manipu… | |
| CVE-2026-4012 | LOW | 3.3 | 2026-03-12 | A vulnerability was determined in rxi fe up to ed4cda96bd582cbb08520964ba627efb40f3dd91. The impacted element is the function read_ of the file src/fe.c. This manipulation … | |
| CVE-2026-2366 | LOW | 3.1 | 2026-03-12 | A flaw was found in Keycloak. An authorization bypass vulnerability in the Keycloak Admin API allows any authenticated user, even those without administrative privileges, t… | |
| CVE-2026-4040 | LOW | Patched | 3.3 | 2026-03-12 | A vulnerability was identified in OpenClaw up to 2026.2.17. This issue affects the function tools.exec.safeBins of the component File Existence Handler. The manipulation le… |
| CVE-2026-4044 | LOW | 3.8 | 2026-03-12 | A vulnerability was detected in projectsend up to r1945. This affects the function realpath of the file /import-orphans.php of the component Delete Handler. Performing a ma… |