Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: cwe Clear
ID Title
CVE-2025-32425 Vulnerability in dos (CVE-2025-32425)
vulnerability in dos (CVE-2025-32425). Risk of unauthorized operations or information disclosure.
CVE-2025-29338 Vulnerability in CVE-2025-29338 (CVE-2025-29338)
vulnerability in CVE-2025-29338 (CVE-2025-29338). Risk of unauthorized operations or information disclosure.
CVE-2025-28344 striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack.
striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function AuxJack.
CVE-2024-55045 Vulnerability in c (CVE-2024-55045)
vulnerability in c (CVE-2024-55045). Risk of unauthorized operations or information disclosure.
CVE-2024-51395 Vulnerability in cpp (CVE-2024-51395)
vulnerability in cpp (CVE-2024-51395). Risk of unauthorized operations or information disclosure.
CVE-2025-28343 striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons.
striso-control-firmware 54c9722 is vulnerable to Buffer Overflow in function ThreadReadButtons.
CVE-2020-37226 SQL Injection in sqli (CVE-2020-37226)
SQL injection in sqli (CVE-2020-37226). Confidential information can be exposed externally.
CVE-2020-37225 Cross-Site Scripting (XSS) in CVE-2020-37225 (CVE-2020-37225)
cross-site scripting in CVE-2020-37225 (CVE-2020-37225). Risk of unauthorized operations or information disclosure.
CVE-2020-37218 SQL Injection in sqli (CVE-2020-37218)
SQL injection in sqli (CVE-2020-37218). Confidential information can be exposed externally.
CVE-2020-37224 SQL Injection in sqli (CVE-2020-37224)
SQL injection in sqli (CVE-2020-37224). Confidential information can be exposed externally.
CVE-2020-37222 Cross-Site Scripting (XSS) in c (CVE-2020-37222)
cross-site scripting in c (CVE-2020-37222). Risk of unauthorized operations or information disclosure.
CVE-2020-37221 Vulnerability in CVE-2020-37221 (CVE-2020-37221)
vulnerability in CVE-2020-37221 (CVE-2020-37221). Successful exploitation can lead to full system takeover.
CVE-2020-37220 Vulnerability in CVE-2020-37220 (CVE-2020-37220)
vulnerability in CVE-2020-37220 (CVE-2020-37220). Confidential information can be exposed externally.
CVE-2020-37217 Cross-Site Request Forgery (CSRF) in CVE-2020-37217 (CVE-2020-37217)
vulnerability in CVE-2020-37217 (CVE-2020-37217). Risk of unauthorized operations or information disclosure.
CVE-2020-37219 Path Traversal in path-traversal (CVE-2020-37219)
path traversal in path-traversal (CVE-2020-37219). Confidential information can be exposed externally.
CVE-2020-37174 Cross-Site Scripting (XSS) in CVE-2020-37174 (CVE-2020-37174)
cross-site scripting in CVE-2020-37174 (CVE-2020-37174). Risk of unauthorized operations or information disclosure.
CVE-2020-37169 Vulnerability in wordpress (CVE-2020-37169)
vulnerability in wordpress (CVE-2020-37169). Confidential information can be exposed externally.
CVE-2026-45375 Vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-45375)
vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-45375). Successful exploitation can lead to full system takeover. Exploitable via ``name``.
CVE-2026-45371 Vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-45371)
vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-45371). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/graph/getGraph`. Mitigation: upgrade to `0.0.0-20260512140701-d7b77d945e0d` or later.
CVE-2026-45083 Vulnerability in io.goobi.viewer:viewer-core (CVE-2026-45083)
vulnerability in io.goobi.viewer:viewer-core (CVE-2026-45083). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/index/stream`.
CVE-2026-45152 OS Command Injection in gitlab.com/uniget-org/cli (CVE-2026-45152)
OS command injection in gitlab.com/uniget-org/cli (CVE-2026-45152). Successful exploitation can lead to full system takeover. Exploitable via ``check``. Mitigation: upgrade to `0.27.1` or later.
CVE-2026-45148 Authorization Flaw in github.com/siyuan-note/siyuan/kernel (CVE-2026-45148)
vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-45148). Risk of unauthorized operations or information disclosure. Exploitable via ``getBookmark``. Mitigation: upgrade to `0.0.0-20260512140701-d7b77d945e0d` or later.
CVE-2026-45147 Vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-45147)
vulnerability in github.com/siyuan-note/siyuan/kernel (CVE-2026-45147). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/tag/getTag`. Mitigation: upgrade to `0.0.0-20260512140701-d7b77d945e0d` or later.
CVE-2026-45137 Vulnerability in anchor-lang (CVE-2026-45137)
vulnerability in anchor-lang (CVE-2026-45137). Data can be tampered with by attackers. Mitigation: upgrade to `1.0.2` or later.
CVE-2026-45136 OS Command Injection in claude-code-cache-fix (CVE-2026-45136)
OS command injection in claude-code-cache-fix (CVE-2026-45136). Successful exploitation can lead to full system takeover. Exploitable via ``statusLine``. Mitigation: upgrade to `3.5.2` or later.
CVE-2026-44798 Vulnerability in nautobot (CVE-2026-44798)
vulnerability in nautobot (CVE-2026-44798). Risk of unauthorized operations or information disclosure. Exploitable via ``current_head``. Mitigation: upgrade to `2.4.33` or later.
CVE-2026-44797 SSRF (Server-Side Request Forgery) in nautobot (CVE-2026-44797)
SSRF in nautobot (CVE-2026-44797). Confidential information can be exposed externally. Exploitable via ``Webhook``. Mitigation: upgrade to `2.4.33` or later.
CVE-2026-44796 Vulnerability in nautobot (CVE-2026-44796)
vulnerability in nautobot (CVE-2026-44796). Risk of unauthorized operations or information disclosure. Exploitable via ``find``. Mitigation: upgrade to `2.4.33` or later.
CVE-2026-44794 Vulnerability in nautobot (CVE-2026-44794)
vulnerability in nautobot (CVE-2026-44794). Risk of unauthorized operations or information disclosure. Exploitable via ``GenericForeignKey``. Mitigation: upgrade to `2.4.33` or later.
CVE-2026-44774 Vulnerability in github.com/traefik/traefik/v3 (CVE-2026-44774)
vulnerability in github.com/traefik/traefik/v3 (CVE-2026-44774). Successful exploitation can lead to full system takeover. Exploitable via `PUT /api/providers/rest`. Mitigation: upgrade to `3.6.17` or later.
CVE-2026-44740 Vulnerability in github.com/go-git/go-billy/v5 (CVE-2026-44740)
vulnerability in github.com/go-git/go-billy/v5 (CVE-2026-44740). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.9.0` or later.
CVE-2026-45134 Unsafe Deserialization in langsmith (CVE-2026-45134)
vulnerability in langsmith (CVE-2026-45134). Confidential information can be exposed externally. Exploitable via ``pull_prompt``. Mitigation: upgrade to `0.8.0` or later.
CVE-2026-44724 OS Command Injection in systeminformation (CVE-2026-44724)
OS command injection in systeminformation (CVE-2026-44724). Successful exploitation can lead to full system takeover. Exploitable via ``systeminformation``. Mitigation: upgrade to `5.31.6` or later.
CVE-2026-8369 Vulnerability in CVE-2026-8369 (CVE-2026-8369)
vulnerability in CVE-2026-8369 (CVE-2026-8369). Risk of unauthorized operations or information disclosure.
CVE-2026-4608 SQL Injection in wordpress (CVE-2026-4608)
SQL injection in wordpress (CVE-2026-4608). Confidential information can be exposed externally.
CVE-2026-4607 Vulnerability in wordpress (CVE-2026-4607)
vulnerability in wordpress (CVE-2026-4607). Risk of unauthorized operations or information disclosure.
CVE-2026-4609 Vulnerability in wordpress (CVE-2026-4609)
vulnerability in wordpress (CVE-2026-4609). Data can be tampered with by attackers.
CVE-2026-39806 Vulnerability in bandit (CVE-2026-39806)
vulnerability in bandit (CVE-2026-39806). Risk of unauthorized operations or information disclosure. Exploitable via ``rest``. Mitigation: upgrade to `1.11.1` or later.
CVE-2026-37430 Unrestricted File Upload in CVE-2026-37430 (CVE-2026-37430)
vulnerability in CVE-2026-37430 (CVE-2026-37430). Risk of unauthorized operations or information disclosure.
CVE-2026-37429 SQL Injection in sqli (CVE-2026-37429)
SQL injection in sqli (CVE-2026-37429). Risk of unauthorized operations or information disclosure.
CVE-2026-39803 Vulnerability in bandit (CVE-2026-39803)
vulnerability in bandit (CVE-2026-39803). Risk of unauthorized operations or information disclosure. Exploitable via ``Plug.Parsers``. Mitigation: upgrade to `1.11.1` or later.
CVE-2026-37428 SQL Injection in sqli (CVE-2026-37428)
SQL injection in sqli (CVE-2026-37428). Risk of unauthorized operations or information disclosure.
CVE-2026-42948 Cross-Site Scripting (XSS) in CVE-2026-42948 (CVE-2026-42948)
cross-site scripting in CVE-2026-42948 (CVE-2026-42948). Risk of unauthorized operations or information disclosure.
CVE-2026-6177 Cross-Site Scripting (XSS) in wordpress (CVE-2026-6177)
cross-site scripting in wordpress (CVE-2026-6177). Risk of unauthorized operations or information disclosure.
CVE-2026-42950 Vulnerability in CVE-2026-42950 (CVE-2026-42950)
vulnerability in CVE-2026-42950 (CVE-2026-42950). Risk of unauthorized operations or information disclosure.
CVE-2026-42062 OS Command Injection in CVE-2026-42062 (CVE-2026-42062)
OS command injection in CVE-2026-42062 (CVE-2026-42062). Successful exploitation can lead to full system takeover.
CVE-2026-40621 Vulnerability in CVE-2026-40621 (CVE-2026-40621)
vulnerability in CVE-2026-40621 (CVE-2026-40621). Successful exploitation can lead to full system takeover.
CVE-2026-3425 Vulnerability in wordpress (CVE-2026-3425)
vulnerability in wordpress (CVE-2026-3425). Successful exploitation can lead to full system takeover.
CVE-2026-3426 Vulnerability in wordpress (CVE-2026-3426)
vulnerability in wordpress (CVE-2026-3426). Risk of unauthorized operations or information disclosure.
CVE-2026-35506 OS Command Injection in CVE-2026-35506 (CVE-2026-35506)
OS command injection in CVE-2026-35506 (CVE-2026-35506). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →