Búsqueda de CVEs
361.085 resultadosCVE-2026-57455MEDIUMVim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()` argumentEPSS 0.1%CVE-2026-57456HIGHVim: Arbitrary Code Execution via Python Omni-Completion DocstringsEPSS 0.1%CVE-2026-9718MEDIUMCWE-617 Reachable Assertion vulnerability exists that could allow an authenticated attacker to trigger a denial-of-service condition, impactEPSS 0.2%CVE-2026-9717HIGHCWE-78 Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could allow unauthorized EPSS 1.0%CVE-2026-9716HIGHCWE-476 NULL Pointer Dereference vulnerability exists that could cause a denial-of-service condition, rendering the device’s HMI and configuEPSS 0.3%CVE-2026-55477HIGHAuthenticated Arbitrary File Write via Database Import and Xray Log Path ManipulationEPSS 0.3%CVE-2026-9651MEDIUMCWE-732 Incorrect Permission Assignment for Critical Resource vulnerability that could cause unauthorized disclosure of password hashes and EPSS 0.1%CVE-2026-9650HIGHCWE-522 Insufficiently Protected Credentials vulnerability that could cause unauthorized access and exposure of sensitive information when uEPSS 0.2%CVE-2026-57438LOWNokogiri: Possible Use-After-Free in XInclude ProcessingEPSS 0.1%CVE-2026-57437LOWNokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetimeEPSS 0.3%CVE-2026-57436LOWNokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node typeEPSS 0.3%CVE-2026-57435LOWNokogiri: Possible Use-After-Free when setting an attribute value via `Nokogiri::XML::Attr#value=` or `#content=`EPSS 0.3%CVE-2026-57532HIGHMalicious HTML content contained in the layout specification of a PDF
ticket or badge layout was executed when the PDF editor is opened in EPSS 0.3%CVE-2026-57434LOWNokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classesEPSS 0.3%CVE-2026-57533LOWMalicious HTML content could be injected into the page pretix shows when
redirection to an untrusted page occurs. Since this page has a
CoEPSS 0.2%CVE-2026-57235MEDIUMNokogiri: Possible Out-of-Bounds Read in `Nokogiri::XML::NodeSet#[]`EPSS 0.3%CVE-2026-57234LOWNokogiri: XML::Schema on JRuby allows network requests when NONET is set, bypassing CVE-2020-26247EPSS 0.2%CVE-2026-57535LOWContent injected to PDF rendering contexts could, in many places, include HTML content including <img> tags. If the src
attribute of these EPSS 0.3%CVE-2026-57236LOWNokogiri: Possible Use-After-Free when `Nokogiri::XML::Document#encoding=` raises an exceptionEPSS 0.3%CVE-2026-13225MEDIUMStored XSS in ticket confirmation pageEPSS 0.3%