Busca de CVEs

363.130 resultados
CVE-2026-13486MEDIUMSourceCodester Class and Exam Timetabling System preview6.php sql injectionEPSS 0.4%CVE-2026-13485MEDIUMSourceCodester Class and Exam Timetabling System preview.php sql injectionEPSS 0.4%CVE-2026-13484LOWMLflow Experiment-scoped Label Schema CRUD API authorizationEPSS 0.3%CVE-2026-13483LOWarc53 DocsGPT Credential Storage encryption.py encrypt_credentials data authenticityEPSS 0.1%CVE-2026-13482MEDIUMskypilot-org skypilot User ID server.py username.encode weak hashEPSS 0.2%CVE-2026-10593MEDIUMRemotely triggerable NULL-pointer dereference in Bluetooth LE Audio BAP unicast client QoS-state handlingEPSS 0.2%CVE-2026-10646HIGHUse-after-return in `zsock_getaddrinfo()` when a timed-out DNS query is retried without cancellationEPSS 0.3%CVE-2026-10644MEDIUMOut-of-bounds write in Microchip SERCOM-G1 (PIC32CM-JH) async UART RX with 1-byte bufferEPSS 0.1%CVE-2026-58058MEDIUMNmap - Integer Underflow in IPv6 Extension Header ParsingEPSS 0.3%CVE-2026-58057LOWFlowise - Custom MCP Environment Variable Denylist Bypass via Case SensitivityEPSS 0.2%CVE-2026-58056HIGHRustDesk - FileTransfer Session Authorization Scope BypassEPSS 0.2%CVE-2026-58055MEDIUMnghttp2 nghttpx - HTTP Request/Response Smuggling via Upgrade Request with Content-LengthEPSS 0.2%CVE-2026-58054HIGHMyBB - Privilege Escalation from Limited ACP User Management to AdministratorEPSS 0.3%CVE-2026-58053CRITICALGitea act_runner - Container Hardening Bypass via Workflow Container OptionsEPSS 0.3%CVE-2026-58052MEDIUM7-Zip - Mark-of-the-Web Bypass via RAR5 Alternate Data Stream Name CollisionEPSS 0.1%CVE-2026-58051HIGHlibssh2 - Free of Uninitialized Pointer in publickey List CleanupEPSS 0.3%CVE-2026-58050HIGHlibssh2 - Integer Overflow in publickey Subsystem Attribute AllocationEPSS 0.3%CVE-2026-58049HIGHFFmpeg - Out-of-Bounds Write in RASC Decoder decode_dlta()EPSS 0.2%CVE-2026-8095HIGHFrontend File Manager Plugin <= 23.6 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.4%CVE-2026-10643HIGHOut-of-bounds heap write in Zephyr `recvmsg()` ancillary-data path (`insert_pktinfo` undersizes the control-buffer capacity check)EPSS 0.1%