Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-20264 |
|
SQL Injection in sqli (CVE-2017-20264)
SQL injection in sqli (CVE-2017-20264). Confidential information can be exposed externally.
|
| CVE-2017-20266 |
|
SQL Injection in sqli (CVE-2017-20266)
SQL injection in sqli (CVE-2017-20266). Confidential information can be exposed externally.
|
| CVE-2017-20265 |
|
SQL Injection in sqli (CVE-2017-20265)
SQL injection in sqli (CVE-2017-20265). Confidential information can be exposed externally.
|
| CVE-2017-20257 |
|
SQL Injection in sqli (CVE-2017-20257)
SQL injection in sqli (CVE-2017-20257). Confidential information can be exposed externally.
|
| CVE-2017-20262 |
|
SQL Injection in sqli (CVE-2017-20262)
SQL injection in sqli (CVE-2017-20262). Confidential information can be exposed externally.
|
| CVE-2017-20259 |
|
SQL Injection in sqli (CVE-2017-20259)
SQL injection in sqli (CVE-2017-20259). Confidential information can be exposed externally.
|
| CVE-2017-20263 |
|
SQL Injection in sqli (CVE-2017-20263)
SQL injection in sqli (CVE-2017-20263). Confidential information can be exposed externally.
|
| CVE-2017-20261 |
|
SQL Injection in sqli (CVE-2017-20261)
SQL injection in sqli (CVE-2017-20261). Confidential information can be exposed externally.
|
| CVE-2017-20267 |
|
SQL Injection in sqli (CVE-2017-20267)
SQL injection in sqli (CVE-2017-20267). Confidential information can be exposed externally.
|
| CVE-2017-20258 |
|
SQL Injection in sqli (CVE-2017-20258)
SQL injection in sqli (CVE-2017-20258). Confidential information can be exposed externally.
|
| CVE-2017-20254 |
|
SQL Injection in sqli (CVE-2017-20254)
SQL injection in sqli (CVE-2017-20254). Confidential information can be exposed externally.
|
| CVE-2017-20255 |
|
SQL Injection in sqli (CVE-2017-20255)
SQL injection in sqli (CVE-2017-20255). Confidential information can be exposed externally.
|
| CVE-2017-20252 |
|
SQL Injection in sqli (CVE-2017-20252)
SQL injection in sqli (CVE-2017-20252). Confidential information can be exposed externally.
|
| CVE-2017-20253 |
|
SQL Injection in sqli (CVE-2017-20253)
SQL injection in sqli (CVE-2017-20253). Confidential information can be exposed externally.
|
| CVE-2026-49271 |
|
Out-of-Bounds Read in struktur (CVE-2026-49271)
vulnerability in struktur (CVE-2026-49271). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49359 |
|
SSRF (Server-Side Request Forgery) in pontedilana/php-weasyprint (CVE-2026-49359)
SSRF in pontedilana/php-weasyprint (CVE-2026-49359). Confidential information can be exposed externally. Exploitable via ``attachment``. Mitigation: upgrade to `2.6.0` or later.
|
| CVE-2026-49286 |
|
Unsafe Deserialization in pontedilana/php-weasyprint (CVE-2026-49286)
vulnerability in pontedilana/php-weasyprint (CVE-2026-49286). Successful exploitation can lead to full system takeover. Exploitable via ``eb8accc``. Mitigation: upgrade to `2.6.0` or later.
|
| CVE-2026-49290 |
|
Path Traversal in CVE-2026-49290 (CVE-2026-49290)
path traversal in CVE-2026-49290 (CVE-2026-49290). Risk of unauthorized operations or information disclosure. Exploitable via ``zipfile``.
|
| CVE-2026-49287 |
|
Vulnerability in statamic/cms (CVE-2026-49287)
vulnerability in statamic/cms (CVE-2026-49287). Data can be tampered with by attackers. Mitigation: upgrade to `5.73.23` or later.
|
| CVE-2026-49260 |
|
OS Command Injection in pontedilana/php-weasyprint (CVE-2026-49260)
OS command injection in pontedilana/php-weasyprint (CVE-2026-49260). Successful exploitation can lead to full system takeover. Exploitable via ``master``. Mitigation: upgrade to `2.5.1` or later.
|
| CVE-2026-52910 |
|
Out-of-Bounds Read in c (CVE-2026-52910)
vulnerability in c (CVE-2026-52910). Successful exploitation can lead to full system takeover.
|
| CVE-2026-21768 |
|
Vulnerability in CVE-2026-21768 (CVE-2026-21768)
vulnerability in CVE-2026-21768 (CVE-2026-21768). Confidential information can be exposed externally.
|
| CVE-2026-49871 |
|
Cross-Site Request Forgery (CSRF) in apache (CVE-2026-49871)
vulnerability in apache (CVE-2026-49871). Confidential information can be exposed externally.
|
| CVE-2026-49231 |
|
Vulnerability in apache (CVE-2026-49231)
vulnerability in apache (CVE-2026-49231). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48895 |
|
Open Redirect in apache (CVE-2026-48895)
vulnerability in apache (CVE-2026-48895). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4026 |
|
Vulnerability in CVE-2026-4026 (CVE-2026-4026)
vulnerability in CVE-2026-4026 (CVE-2026-4026). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4027 |
|
Vulnerability in CVE-2026-4027 (CVE-2026-4027)
vulnerability in CVE-2026-4027 (CVE-2026-4027). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49872 |
|
Authentication Bypass in apache (CVE-2026-49872)
authentication bypass in apache (CVE-2026-49872). Confidential information can be exposed externally.
|
| CVE-2026-47339 |
|
Authorization Flaw in apache (CVE-2026-47339)
vulnerability in apache (CVE-2026-47339). Confidential information can be exposed externally.
|
| CVE-2026-44915 |
|
Open Redirect in apache (CVE-2026-44915)
vulnerability in apache (CVE-2026-44915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39998 |
|
Vulnerability in apache (CVE-2026-39998)
vulnerability in apache (CVE-2026-39998). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47341 |
|
Vulnerability in apache (CVE-2026-47341)
vulnerability in apache (CVE-2026-47341). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39999 |
|
Vulnerability in apache (CVE-2026-39999)
vulnerability in apache (CVE-2026-39999). Confidential information can be exposed externally.
|
| CVE-2026-12104 |
|
OS Command Injection in CVE-2026-12104 (CVE-2026-12104)
OS command injection in CVE-2026-12104 (CVE-2026-12104). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-62821 |
|
Out-of-Bounds Read in microsoft (CVE-2025-62821)
vulnerability in microsoft (CVE-2025-62821). Confidential information can be exposed externally.
|
| CVE-2026-49358 |
|
Vulnerability in pontedilana/php-weasyprint (CVE-2026-49358)
vulnerability in pontedilana/php-weasyprint (CVE-2026-49358). Risk of unauthorized operations or information disclosure. Exploitable via ``realpath``. Mitigation: upgrade to `2.6.0` or later.
|
| CVE-2026-55766 |
|
Vulnerability in guzzlehttp/psr7 (CVE-2026-55766)
vulnerability in guzzlehttp/psr7 (CVE-2026-55766). Risk of unauthorized operations or information disclosure. Exploitable via ``Request``. Mitigation: upgrade to `2.12.1` or later.
|
| CVE-2026-9142 |
|
Vulnerability in ni (CVE-2026-9142)
vulnerability in ni (CVE-2026-9142). Confidential information can be exposed externally.
|
| CVE-2026-48140 |
|
Vulnerability in dos (CVE-2026-48140)
vulnerability in dos (CVE-2026-48140). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48141 |
|
Vulnerability in dos (CVE-2026-48141)
vulnerability in dos (CVE-2026-48141). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49357 |
|
Vulnerability in line-desktop-mcp (CVE-2026-49357)
vulnerability in line-desktop-mcp (CVE-2026-49357). Risk of unauthorized operations or information disclosure. Exploitable via ``fbed0d2d3048e63f48a356a1267ed8ec5e78f3ae``. Mitigation: upgrade to `1.1.2` or later.
|
| CVE-2026-48139 |
|
Vulnerability in dos (CVE-2026-48139)
vulnerability in dos (CVE-2026-48139). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48137 |
|
Vulnerability in ni (CVE-2026-48137)
vulnerability in ni (CVE-2026-48137). Confidential information can be exposed externally.
|
| CVE-2026-48138 |
|
Out-of-Bounds Read in dos (CVE-2026-48138)
vulnerability in dos (CVE-2026-48138). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53915 |
|
Vulnerability in jetbrains (CVE-2026-53915)
vulnerability in jetbrains (CVE-2026-53915). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50242 |
|
Vulnerability in jetbrains (CVE-2026-50242)
vulnerability in jetbrains (CVE-2026-50242). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44939 |
|
Vulnerability in github.com/rancher/rancher (CVE-2026-44939)
vulnerability in github.com/rancher/rancher (CVE-2026-44939). Risk of unauthorized operations or information disclosure. Exploitable via ``authImage``. Mitigation: upgrade to `0.0.0-20260617231817-2aa77eb283e7` or later.
|
| CVE-2026-12706 |
|
Use-After-Free in dos (CVE-2026-12706)
vulnerability in dos (CVE-2026-12706). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11941 |
|
Use-After-Free in quiche (CVE-2026-11941)
vulnerability in quiche (CVE-2026-11941). Risk of unauthorized operations or information disclosure. Exploitable via ``quiche_connection_id_iter_next``. Mitigation: upgrade to `0.29.2` or later.
|
| CVE-2026-8296 |
|
Cross-Site Scripting (XSS) in CVE-2026-8296 (CVE-2026-8296)
cross-site scripting in CVE-2026-8296 (CVE-2026-8296). Risk of unauthorized operations or information disclosure.
|