CVE search

363,402 results
CVE-2026-57436LOWNokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node typeEPSS 0.3%CVE-2026-57435LOWNokogiri: Possible Use-After-Free when setting an attribute value via `Nokogiri::XML::Attr#value=` or `#content=`EPSS 0.4%CVE-2026-57532HIGHMalicious HTML content contained in the layout specification of a PDF ticket or badge layout was executed when the PDF editor is opened in EPSS 0.3%CVE-2026-57434LOWNokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classesEPSS 0.4%CVE-2026-57533LOWMalicious HTML content could be injected into the page pretix shows when redirection to an untrusted page occurs. Since this page has a CoEPSS 0.2%CVE-2026-57235MEDIUMNokogiri: Possible Out-of-Bounds Read in `Nokogiri::XML::NodeSet#[]`EPSS 0.3%CVE-2026-57234LOWNokogiri: XML::Schema on JRuby allows network requests when NONET is set, bypassing CVE-2020-26247EPSS 0.2%CVE-2026-57535LOWContent injected to PDF rendering contexts could, in many places, include HTML content including <img> tags. If the src attribute of these EPSS 0.3%CVE-2026-57236LOWNokogiri: Possible Use-After-Free when `Nokogiri::XML::Document#encoding=` raises an exceptionEPSS 0.3%CVE-2026-13225MEDIUMStored XSS in ticket confirmation pageEPSS 0.3%CVE-2026-49319MEDIUMAlps Electric Co., Ltd. R53R0 Remote Keyless Entry System (RKES) Replay AttackEPSS 0.2%CVE-2026-57534LOWStored XSS in pretix-pagesEPSS 0.3%CVE-2026-57536MEDIUMInsufficient validation of payment status in pretix-mollieEPSS 0.3%CVE-2026-13222MEDIUMInsufficient validation of payment status in pretix-oppwaEPSS 0.3%CVE-2026-13223MEDIUMInsufficient validation of payment status in pretix-computopEPSS 0.3%CVE-2026-13314LOWStored XSS in pretix-digitalEPSS 0.3%CVE-2026-6432MEDIUMImproper bounds validation in EmberZNet SDKEPSS 0.3%CVE-2026-46735HIGHDell Display and Peripheral Manager (DDPM Mac), versions prior to 2.3, contain an Improper Neutralization of Special Elements used in an OS EPSS 0.7%CVE-2026-57588LOWSQL Injection in Nessus via Malicious Scan Result File ImportEPSS 0.2%CVE-2026-57587LOWSQL Injection in Nessus via Reverse DNS LookupEPSS 0.3%