Búsqueda de CVEs

364.247 resultados
CVE-2026-50741HIGHBypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed eithEPSS 2.7%CVE-2026-50739MEDIUMA bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns EPSS 0.3%CVE-2026-50744MEDIUMA bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a sessEPSS 0.2%CVE-2026-13322LOWKubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of serviceEPSS 0.1%CVE-2026-38571MEDIUMCleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticatEPSS 0.1%CVE-2026-30041HIGHAn integer overflow in the PSD parser compnent of FastStone Image Viewer v8.3 allows attackers to execute arbitrary code or cause a Denial oEPSS 0.6%CVE-2026-39031MEDIUMLansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-charactEPSS 0.1%CVE-2026-30040MEDIUMA heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the contextEPSS 0.5%CVE-2026-38639HIGHAn issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parEPSS 0.4%CVE-2026-38641HIGHAn issue in the DSO::mmap_and_copy function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via loading a crafteEPSS 0.4%CVE-2026-50766MEDIUMA stored cross-site scripting (XSS) vulnerability in the OPAC item detail page of Koha Library Management System 0 through 25.11 versions alEPSS 0.2%CVE-2026-50765MEDIUMA stored cross-site scripting (XSS) vulnerability in the patron restriction type administration page of Koha Library Management System 0 thrEPSS 0.2%CVE-2026-36908MEDIUMA stack overflow in the AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity component of axiomatic-systems Bento4 before v1.8.9allows attackers tEPSS 0.1%CVE-2026-36907MEDIUMA stack overflow in the AP4_StsdAtom::AP4_StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of EPSS 0.1%CVE-2026-50767MEDIUMA stored cross-site scripting (XSS) vulnerability in the item type administration page of Koha Library Management System 0 through 25.11 verEPSS 0.2%CVE-2026-36478HIGHAn issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServeEPSS 0.4%CVE-2026-9222CRITICALSetracker2 Children's Smartwatch Ecosystem Use of password hash instead of password for authenticationEPSS 0.2%CVE-2026-9221HIGHSetracker2 Children's Smartwatch Ecosystem Use of a Broken or Risky Cryptographic AlgorithmEPSS 0.2%CVE-2026-13083MEDIUMPen-drive: pen-drive: stored xss via unescaped cluster data in html reportEPSS 0.2%CVE-2026-13318MEDIUMVirt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ipEPSS 0.1%