Search
2,481 CVEs · Medium severity
CVEs (2,481, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 1–25 of 2,481 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2026-8214 | MEDIUM | 5.3 | 2026-05-10 | A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the… | |
| CVE-2026-8215 | MEDIUM | 5.3 | 2026-05-10 | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Inte… | |
| CVE-2026-8217 | MEDIUM | 6.3 | 2026-05-10 | A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.getRuntime.exec of the component RMI Interface.… | |
| CVE-2026-8222 | MEDIUM | Patched | 5.3 | 2026-05-10 | A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcf_nbsf_management_handle_register of the file src/pcf/nbsf-handler.c of the component sm-p… |
| CVE-2026-8223 | MEDIUM | Patched | 5.3 | 2026-05-10 | A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf_sess_sbi_discover_and_send of the component sm-policies Endpoint. Perfo… |
| CVE-2026-8224 | MEDIUM | Patched | 5.3 | 2026-05-10 | A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcf_sess_set_ipv6prefix of the file /src/pcf/context.c of the component PCF. E… |
| CVE-2026-6735 | MEDIUM | Patched | 6.1 | 2026-05-10 | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, 8.5.* before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose… |
| CVE-2026-7259 | MEDIUM | Patched | 6.5 | 2026-05-10 | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a N… |
| CVE-2026-8225 | MEDIUM | Patched | 5.3 | 2026-05-10 | A vulnerability was identified in Open5GS up to 2.7.7. This affects the function pcf_npcf_smpolicycontrol_handle_delete of the file src/pcf/sm-sm.c of the component delete … |
| CVE-2026-8226 | MEDIUM | Patched | 5.3 | 2026-05-10 | A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs_pcc_rule_install_flow_from_media in the library /lib/proto/types.c. … |
| CVE-2026-8227 | MEDIUM | 6.3 | 2026-05-10 | A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command inject… | |
| CVE-2026-8228 | MEDIUM | 6.3 | 2026-05-10 | A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument … | |
| CVE-2026-8229 | MEDIUM | 6.3 | 2026-05-10 | A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the a… | |
| CVE-2026-8230 | MEDIUM | 6.3 | 2026-05-10 | A flaw has been found in Wavlink NU516U1 240425. The impacted element is the function sys_login1 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ip… | |
| CVE-2026-8231 | MEDIUM | 6.3 | 2026-05-10 | A vulnerability has been found in CodeAstro Online Catering Ordering System 1.0. This affects an unknown function of the file /deleteorder.php. The manipulation of the argu… | |
| CVE-2026-8233 | MEDIUM | 4.6 | 2026-05-10 | A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access con… | |
| CVE-2026-8235 | MEDIUM | 5.5 | 2026-05-10 | A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Comma… | |
| CVE-2026-8241 | MEDIUM | 5.3 | 2026-05-10 | A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Inter… | |
| CVE-2026-8243 | MEDIUM | 5.3 | 2026-05-10 | A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint. Executing… | |
| CVE-2026-8244 | MEDIUM | 5.3 | 2026-05-10 | A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface. The manipulati… | |
| CVE-2021-47907 | MEDIUM | 6.4 | 2026-05-10 | Rocket LMS 1.1 contains a persistent cross-site scripting vulnerability in the support ticket module that allows authenticated users to inject malicious script code through… | |
| CVE-2021-47910 | MEDIUM | 6.4 | 2026-05-10 | AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript p… | |
| CVE-2021-47922 | MEDIUM | 6.4 | 2026-05-10 | Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. … | |
| CVE-2021-47924 | MEDIUM | 6.4 | 2026-05-10 | Ultimate Product Catalogue 5.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the price para… | |
| CVE-2021-47925 | MEDIUM | 6.4 | 2026-05-10 | CMDBuild 3.3.2 contains multiple stored cross-site scripting vulnerabilities that allow authenticated attackers to inject arbitrary web script or HTML via crafted input in … |