Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Category: other Group: languages Clear
ID Title
CVE-2026-13521 A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php....
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php....
CVE-2026-47906 Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
CVE-2026-45555 Code Injection in csharp (CVE-2026-45555)
code injection in csharp (CVE-2026-45555). Successful exploitation can lead to full system takeover. Exploitable via ``get_diagnostics``. Mitigation: upgrade to `1.17.0` or later.
CVE-2026-45615 Vulnerability in c (CVE-2026-45615)
vulnerability in c (CVE-2026-45615). Risk of unauthorized operations or information disclosure. Exploitable via ``INTEGER_decode_oer``.
CVE-2026-42083 Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
Free5GC PCF: Missing authentication middleware in Npcf_SMPolicyControl allows access to SM policy handlers and disclosure of subscriber SUPI
CVE-2026-27891 FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add() function. The system fails to properly validate the f...
FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add() function. The system fails to properly validate the file paths within uploaded ZIP archives. This allows an attacker to perform a Zip Slip attack, leadin...
CVE-2021-47963 Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to...
Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to...
CVE-2026-41583 Vulnerability in zfnd (CVE-2026-41583)
vulnerability in zfnd (CVE-2026-41583). Data can be tampered with by attackers. Exploitable via ``zcashd``.
CVE-2026-41507 Code Injection in remote (CVE-2026-41507)
code injection in remote (CVE-2026-41507). Successful exploitation can lead to full system takeover.
CVE-2025-69691 Vulnerability in pfsense (CVE-2025-69691)
vulnerability in pfsense (CVE-2025-69691). Successful exploitation can lead to full system takeover.
CVE-2026-41501 Command Injection in electerm (CVE-2026-41501)
command injection in electerm (CVE-2026-41501). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `> 3.2.0` or later.
CVE-2025-63704 Vulnerability in prototype-pollution (CVE-2025-63704)
vulnerability in prototype-pollution (CVE-2025-63704). Successful exploitation can lead to full system takeover.
CVE-2026-42216 Out-of-Bounds Read in openexr (CVE-2026-42216)
vulnerability in openexr (CVE-2026-42216). Confidential information can be exposed externally. Exploitable via ``c13e0e1320a6652e02c5c90c6dbd984d532efe44``.
CVE-2026-42217 Vulnerability in openexr (CVE-2026-42217)
vulnerability in openexr (CVE-2026-42217). Successful exploitation can lead to full system takeover. Exploitable via ``ImfIDManifest.cpp``.
CVE-2026-24118 Code Injection in vm2-project (CVE-2026-24118)
code injection in vm2-project (CVE-2026-24118). Successful exploitation can lead to full system takeover. Exploitable via ``__lookupGetter__``.
CVE-2015-8325 The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows loca...
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demons...

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →