Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2025-64390 Vulnerability in privilege-escalation (CVE-2025-64390)
vulnerability in privilege-escalation (CVE-2025-64390). Successful exploitation can lead to full system takeover.
CVE-2021-4478 Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of...
Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of...
CVE-2026-40715 Vulnerability in privilege-escalation (CVE-2026-40715)
vulnerability in privilege-escalation (CVE-2026-40715). Successful exploitation can lead to full system takeover.
CVE-2026-10606 Vulnerability in sqli (CVE-2026-10606)
vulnerability in sqli (CVE-2026-10606). Risk of unauthorized operations or information disclosure.
CVE-2026-24237 Unsafe Deserialization in deserialization (CVE-2026-24237)
vulnerability in deserialization (CVE-2026-24237). Successful exploitation can lead to full system takeover.
CVE-2026-24221 Unsafe Deserialization in deserialization (CVE-2026-24221)
vulnerability in deserialization (CVE-2026-24221). Successful exploitation can lead to full system takeover.
CVE-2026-42654 Vulnerability in CVE-2026-42654 (CVE-2026-42654)
vulnerability in CVE-2026-42654 (CVE-2026-42654). Data can be tampered with by attackers.
CVE-2026-40780 Vulnerability in CVE-2026-40780 (CVE-2026-40780)
vulnerability in CVE-2026-40780 (CVE-2026-40780). Data can be tampered with by attackers.
CVE-2026-7201 CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity...
CVE-2026-7195 CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x,...
CVE-2026-7313 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from...
CVE-2026-39552 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2026-39553 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2026-39555 Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. ...
Deserialization of Untrusted Data vulnerability in Elated-Themes Askka allows Object Injection. ...
CVE-2026-10621 Vulnerability in path-traversal (CVE-2026-10621)
vulnerability in path-traversal (CVE-2026-10621). Data can be tampered with by attackers.
CVE-2025-68886 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2025-69369 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
CVE-2019-25719 Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software...
Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software...
CVE-2026-39550 Unsafe Deserialization in deserialization (CVE-2026-39550)
vulnerability in deserialization (CVE-2026-39550). Successful exploitation can lead to full system takeover.
CVE-2026-39551 Unsafe Deserialization in deserialization (CVE-2026-39551)
vulnerability in deserialization (CVE-2026-39551). Successful exploitation can lead to full system takeover.
CVE-2026-42685 Cross-Site Scripting (XSS) in CVE-2026-42685 (CVE-2026-42685)
cross-site scripting in CVE-2026-42685 (CVE-2026-42685). Risk of unauthorized operations or information disclosure.
CVE-2026-5422 Vulnerability in path-traversal (CVE-2026-5422)
vulnerability in path-traversal (CVE-2026-5422). Confidential information can be exposed externally.
CVE-2025-52759 Cross-Site Scripting (XSS) in CVE-2025-52759 (CVE-2025-52759)
cross-site scripting in CVE-2025-52759 (CVE-2025-52759). Risk of unauthorized operations or information disclosure.
CVE-2026-3514 Authorization Flaw in prefect (CVE-2026-3514)
vulnerability in prefect (CVE-2026-3514). Confidential information can be exposed externally.
CVE-2019-25718 Vulnerability in privilege-escalation (CVE-2019-25718)
vulnerability in privilege-escalation (CVE-2019-25718). Successful exploitation can lead to full system takeover.
CVE-2026-24782 SQL Injection in sqli (CVE-2026-24782)
SQL injection in sqli (CVE-2026-24782). Data can be tampered with by attackers.
CVE-2026-24752 Cross-Site Scripting (XSS) in accellion (CVE-2026-24752)
cross-site scripting in accellion (CVE-2026-24752). Confidential information can be exposed externally.
CVE-2026-40964 Authentication Bypass in CVE-2026-40964 (CVE-2026-40964)
authentication bypass in CVE-2026-40964 (CVE-2026-40964). Confidential information can be exposed externally. Mitigation: upgrade to `3.2.7` or later.
CVE-2026-49491 SQL Injection in sqli (CVE-2026-49491)
SQL injection in sqli (CVE-2026-49491). Confidential information can be exposed externally.
CVE-2026-10290 Vulnerability in sqli (CVE-2026-10290)
vulnerability in sqli (CVE-2026-10290). Risk of unauthorized operations or information disclosure.
CVE-2018-25434 SQL Injection in wordpress (CVE-2018-25434)
SQL injection in wordpress (CVE-2018-25434). Confidential information can be exposed externally.
CVE-2018-25429 SQL Injection in sqli (CVE-2018-25429)
SQL injection in sqli (CVE-2018-25429). Confidential information can be exposed externally.
CVE-2018-25430 SQL Injection in c (CVE-2018-25430)
SQL injection in c (CVE-2018-25430). Confidential information can be exposed externally.
CVE-2018-25431 SQL Injection in sqli (CVE-2018-25431)
SQL injection in sqli (CVE-2018-25431). Confidential information can be exposed externally.
CVE-2018-25433 SQL Injection in sqli (CVE-2018-25433)
SQL injection in sqli (CVE-2018-25433). Confidential information can be exposed externally.
CVE-2018-25428 SQL Injection in sqli (CVE-2018-25428)
SQL injection in sqli (CVE-2018-25428). Confidential information can be exposed externally.
CVE-2025-70099 Vulnerability in dos (CVE-2025-70099)
vulnerability in dos (CVE-2025-70099). Risk of unauthorized operations or information disclosure.
CVE-2026-49136 Path Traversal in path-traversal (CVE-2026-49136)
path traversal in path-traversal (CVE-2026-49136). Confidential information can be exposed externally.
CVE-2026-49134 Vulnerability in privilege-escalation (CVE-2026-49134)
vulnerability in privilege-escalation (CVE-2026-49134). Successful exploitation can lead to full system takeover.
CVE-2026-24751 Cross-Site Scripting (XSS) in accellion (CVE-2026-24751)
cross-site scripting in accellion (CVE-2026-24751). Confidential information can be exposed externally.
CVE-2026-9330 Unsafe Deserialization in deserialization (CVE-2026-9330)
vulnerability in deserialization (CVE-2026-9330). Successful exploitation can lead to full system takeover.
CVE-2026-7770 Vulnerability in CVE-2026-7770 (CVE-2026-7770)
vulnerability in CVE-2026-7770 (CVE-2026-7770). Successful exploitation can lead to full system takeover.
CVE-2026-49121 Unsafe Deserialization in amd (CVE-2026-49121)
vulnerability in amd (CVE-2026-49121). Successful exploitation can lead to full system takeover.
CVE-2026-47294 OS Command Injection in deserialization (CVE-2026-47294)
OS command injection in deserialization (CVE-2026-47294). Successful exploitation can lead to full system takeover.
CVE-2026-45722 SQL Injection in sqli (CVE-2026-45722)
SQL injection in sqli (CVE-2026-45722). Confidential information can be exposed externally.
CVE-2026-43958 Vulnerability in dos (CVE-2026-43958)
vulnerability in dos (CVE-2026-43958). Successful exploitation can lead to full system takeover.
CVE-2026-43624 Path Traversal in path-traversal (CVE-2026-43624)
path traversal in path-traversal (CVE-2026-43624). Data can be tampered with by attackers.
CVE-2026-41013 Vulnerability in privilege-escalation (CVE-2026-41013)
vulnerability in privilege-escalation (CVE-2026-41013). Confidential information can be exposed externally.
CVE-2026-42678 Cross-Site Scripting (XSS) in CVE-2026-42678 (CVE-2026-42678)
cross-site scripting in CVE-2026-42678 (CVE-2026-42678). Risk of unauthorized operations or information disclosure.
CVE-2026-42674 Vulnerability in CVE-2026-42674 (CVE-2026-42674)
vulnerability in CVE-2026-42674 (CVE-2026-42674). Data can be tampered with by attackers.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →