Busca de CVEs

363.357 resultados
CVE-2026-13316MEDIUMForeman: ssrf to cloud metada service through unvalidated test_url parameters in foreman configEPSS 0.1%CVE-2026-50750HIGHApache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270EPSS 0.7%CVE-2026-52760MEDIUMApache ActiveMQ, Apache ActiveMQ Web Console: Stored XSS via Unescaped values in ActiveMQ Web ConsoleEPSS 0.6%CVE-2026-53916HIGHApache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codecEPSS 0.8%CVE-2026-53917HIGHApache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker: Unbounded memory allocation in OpenWire property unmarshallingEPSS 0.8%CVE-2026-54475HIGHApache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Temporary destination ownership takeoverEPSS 0.6%CVE-2026-10763HIGHPROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party DigipedEPSS 0.3%CVE-2026-8141HIGHAjax Load More - Filters <= 3.4.1 - Unauthenticated Stored Cross-Site Scripting via 'taxonomy_include_children' FieldEPSS 0.3%CVE-2026-9711CRITICALEventON - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection via Search ParameterEPSS 0.4%CVE-2026-12076CRITICALSQL Injection in Raytha CMSEPSS 0.4%CVE-2025-7406HIGHA Sudo Privilege Escalation Vulnerability in Nokia MantaRay NMEPSS 0.1%CVE-2025-24816MEDIUMAn Improper Access Control vulnerability in Nokia MantaRay NMEPSS 0.3%CVE-2025-24815HIGHAn unrestricted file upload vulnerability in Nokia MantaRay NMEPSS 0.2%CVE-2026-6954MEDIUMMultiple vulnerabilities in Intermark IT's WebControl CMSEPSS 0.4%CVE-2026-6953MEDIUMMultiple vulnerabilities in Intermark IT's WebControl CMSEPSS 0.4%CVE-2026-13149HIGHbrace-expansion through 5.0.6 is vulnerable to denial of service. The expand() function exhibits exponential-time complexity in the number oEPSS 0.4%CVE-2026-12610MEDIUMSssd: use-after-free crash in sssd' 'sssd_pam' processEPSS 0.2%CVE-2026-45822MEDIUMdecode-uri-component through 0.4.1 is vulnerable to denial of service. The decode() function splits input on '%' producing N tokens and callEPSS 0.3%CVE-2026-12578HIGHDTMSoft - Deserialization of Untrusted Data VulnerabilityEPSS 0.4%CVE-2026-12240HIGHExport User Data <= 2.2.6 - Authenticated (Subscriber+) PHP Object Injection to Arbitrary File Deletion via display_name FieldEPSS 0.3%