Search
7,950 CVEs · Medium severity
CVEs (7,950, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 1–25 of 7,950 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-11559 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was detected in CodeAstro Payroll System 1.0. This affects an unknown function of the file /view_account.php. The manipulation of the argument ID results in… | |
| CVE-2026-11558 | MEDIUM | 6.3 | 2026-06-08 | A security vulnerability has been detected in CodeAstro Payroll System 1.0. The impacted element is an unknown function of the file /home_salary.php. The manipulation of th… | |
| CVE-2026-11554 | MEDIUM | 4.3 | 2026-06-08 | A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vulnerability affects unknown code of the file /etc/vsftpd.conf of the component vsftpd. This manipulatio… | |
| CVE-2026-11552 | MEDIUM | 5.3 | 2026-06-08 | A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affecte… | |
| CVE-2026-45581 | MEDIUM | Patched | 5.5 | 2026-06-08 | fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in c… |
| CVE-2026-39908 | MEDIUM | 6.5 | 2026-06-08 | OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by c… | |
| CVE-2026-11611 | MEDIUM | 6.5 | 2026-06-08 | A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading syn… | |
| CVE-2026-11533 | MEDIUM | 5.4 | 2026-06-08 | A security vulnerability has been detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknow… | |
| CVE-2026-11532 | MEDIUM | 6.3 | 2026-06-08 | A weakness has been identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected is an unknown function of the file /add.php of… | |
| CVE-2026-43951 | MEDIUM | 6.5 | 2026-06-08 | Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 thr… | |
| CVE-2026-29170 | MEDIUM | Patched | 6.1 | 2026-06-08 | A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents e… |
| CVE-2026-11529 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was determined in designcomputer mysql-mcp-server up to 0.2.2. The impacted element is the function read_resource of the file src/mysql_mcp_server/server.py… | |
| CVE-2020-37248 | MEDIUM | Patched | 6.5 | 2026-06-08 | OfflineIMAP before 8.0.3 trusts the server with their STARTTLS capability prior to authentication, which allows STRIPTLS/man-in-the-middle attacks, taking over the connecti… |
| CVE-2026-25558 | MEDIUM | 4.8 | 2026-06-08 | QloApps through 1.7.0 contains a stored cross-site scripting vulnerability in the admin file manager that allows authenticated administrators to inject malicious JavaScript… | |
| CVE-2026-11521 | MEDIUM | 6.3 | 2026-06-08 | A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part … | |
| CVE-2026-11519 | MEDIUM | 6.3 | 2026-06-08 | A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /Product_Inventory/api/us… | |
| CVE-2026-11518 | MEDIUM | 4.3 | 2026-06-08 | A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The man… | |
| CVE-2026-11516 | MEDIUM | 5.5 | 2026-06-08 | A vulnerability was found in UTT HiPER 2610G up to 3.0.0-171107. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the arg… | |
| CVE-2026-9549 | MEDIUM | 4.8 | 2026-06-08 | Stored cross-site scripting in the service discovery active check output in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can c… | |
| CVE-2026-8078 | MEDIUM | 4.8 | 2026-06-08 | Stored cross-site scripting in the global settings change log in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can change globa… | |
| CVE-2026-7186 | MEDIUM | 5.4 | 2026-06-08 | Stored cross-site scripting in the URL dashboard widget in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions t… | |
| CVE-2026-11515 | MEDIUM | 5.3 | 2026-06-08 | A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file … | |
| CVE-2026-11514 | MEDIUM | 6.3 | 2026-06-08 | A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argu… | |
| CVE-2026-11513 | MEDIUM | 6.3 | 2026-06-08 | A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument… | |
| CVE-2026-11512 | MEDIUM | 4.3 | 2026-06-08 | A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipula… |