Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: products Clear
ID Title
CVE-2021-47935 Code Injection in sentry (CVE-2021-47935)
code injection in sentry (CVE-2021-47935). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.2` or later.
CVE-2021-47924 Cross-Site Scripting (XSS) in CVE-2021-47924 (CVE-2021-47924)
cross-site scripting in CVE-2021-47924 (CVE-2021-47924). Risk of unauthorized operations or information disclosure.
CVE-2026-8231 Vulnerability in sqli (CVE-2026-8231)
vulnerability in sqli (CVE-2026-8231). Risk of unauthorized operations or information disclosure.
CVE-2026-7263 Vulnerability in libphp (CVE-2026-7263)
vulnerability in libphp (CVE-2026-7263). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.4.21, 8.5.6` or later.
CVE-2026-6104 Out-of-Bounds Read in libphp (CVE-2026-6104)
vulnerability in libphp (CVE-2026-6104). Confidential information can be exposed externally. Mitigation: upgrade to `8.4.21, 8.5.6` or later.
CVE-2026-7568 Out-of-Bounds Read in libphp (CVE-2026-7568)
vulnerability in libphp (CVE-2026-7568). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
CVE-2026-7262 Vulnerability in libphp (CVE-2026-7262)
vulnerability in libphp (CVE-2026-7262). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
CVE-2026-7261 Use-After-Free in libphp (CVE-2026-7261)
vulnerability in libphp (CVE-2026-7261). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
CVE-2026-7259 Vulnerability in libphp (CVE-2026-7259)
vulnerability in libphp (CVE-2026-7259). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
CVE-2026-7258 Out-of-Bounds Read in libphp (CVE-2026-7258)
vulnerability in libphp (CVE-2026-7258). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
CVE-2026-6735 Cross-Site Scripting (XSS) in libphp (CVE-2026-6735)
cross-site scripting in libphp (CVE-2026-6735). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
CVE-2026-6722 Use-After-Free in libphp (CVE-2026-6722)
vulnerability in libphp (CVE-2026-6722). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
CVE-2025-14179 SQL Injection in libphp (CVE-2025-14179)
SQL injection in libphp (CVE-2025-14179). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.2.31, 8.3.31, 8.4.21, 8.5.6` or later.
CVE-2026-8194 Cross-Site Request Forgery (CSRF) in CVE-2026-8194 (CVE-2026-8194)
vulnerability in CVE-2026-8194 (CVE-2026-8194). Risk of unauthorized operations or information disclosure.
CVE-2026-42605 Path Traversal in azuracast/azuracast (CVE-2026-42605)
path traversal in azuracast/azuracast (CVE-2026-42605). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/station/{station_id}/files/upload`. Mitigation: upgrade to `0.23.6` or later.
CVE-2026-42569 Vulnerability in nabeel/phpvms (CVE-2026-42569)
vulnerability in nabeel/phpvms (CVE-2026-42569). Data can be tampered with by attackers. Mitigation: upgrade to `7.0.6` or later.
CVE-2026-42562 Privilege Escalation in CVE-2026-42562 (CVE-2026-42562)
vulnerability in CVE-2026-42562 (CVE-2026-42562). Confidential information can be exposed externally. Exploitable via `PUT /api.php/v1/users/{id}.`.
CVE-2026-8193 SSRF (Server-Side Request Forgery) in CVE-2026-8193 (CVE-2026-8193)
SSRF in CVE-2026-8193 (CVE-2026-8193). Risk of unauthorized operations or information disclosure.
CVE-2026-20040 OS Command Injection in Cisco ios-xr (CVE-2026-20040)
OS command injection in Cisco ios-xr (CVE-2026-20040). Successful exploitation can lead to full system takeover.
CVE-2026-20108 Cross-Site Scripting (XSS) in Cisco catalyst-sd-wan-manager (CVE-2026-20108)
cross-site scripting in Cisco catalyst-sd-wan-manager (CVE-2026-20108). Risk of unauthorized operations or information disclosure.
CVE-2026-20147 Command Injection in Cisco dos (CVE-2026-20147)
command injection in Cisco dos (CVE-2026-20147). Successful exploitation can lead to full system takeover.
CVE-2026-20180 Path Traversal in Cisco dos (CVE-2026-20180)
path traversal in Cisco dos (CVE-2026-20180). Successful exploitation can lead to full system takeover.
CVE-2026-20136 Vulnerability in Cisco identity-services-engine (CVE-2026-20136)
vulnerability in Cisco identity-services-engine (CVE-2026-20136). Confidential information can be exposed externally.
CVE-2026-20132 Cross-Site Scripting (XSS) in Cisco identity-services-engine (CVE-2026-20132)
cross-site scripting in Cisco identity-services-engine (CVE-2026-20132). Risk of unauthorized operations or information disclosure.
CVE-2026-20193 Vulnerability in Cisco identity-services-engine (CVE-2026-20193)
vulnerability in Cisco identity-services-engine (CVE-2026-20193). Risk of unauthorized operations or information disclosure.
CVE-2026-7363 Vulnerability in Google chrome (CVE-2026-7363)
vulnerability in Google chrome (CVE-2026-7363). Risk of unauthorized operations or information disclosure.
CVE-2026-7896 Vulnerability in Google chrome (CVE-2026-7896)
vulnerability in Google chrome (CVE-2026-7896). Risk of unauthorized operations or information disclosure.
CVE-2026-6297 Use-After-Free in Google chrome (CVE-2026-6297)
vulnerability in Google chrome (CVE-2026-6297). Successful exploitation can lead to full system takeover.
CVE-2026-6074 Vulnerability in cisa (CVE-2026-6074)
vulnerability in cisa (CVE-2026-6074). Successful exploitation can lead to full system takeover.
CVE-2026-20074 Vulnerability in Cisco dos (CVE-2026-20074)
vulnerability in Cisco dos (CVE-2026-20074). Risk of unauthorized operations or information disclosure.
CVE-2026-8209 Vulnerability in path-traversal (CVE-2026-8209)
vulnerability in path-traversal (CVE-2026-8209). Risk of unauthorized operations or information disclosure.
CVE-2026-8208 Vulnerability in CVE-2026-8208 (CVE-2026-8208)
vulnerability in CVE-2026-8208 (CVE-2026-8208). Risk of unauthorized operations or information disclosure.
CVE-2026-8207 SQL Injection in sqli (CVE-2026-8207)
SQL injection in sqli (CVE-2026-8207). Risk of unauthorized operations or information disclosure.
CVE-2026-44966 Vulnerability in velocityjs (CVE-2026-44966)
vulnerability in velocityjs (CVE-2026-44966). Risk of unauthorized operations or information disclosure.
CVE-2026-42354 Vulnerability in sso (CVE-2026-42354)
vulnerability in sso (CVE-2026-42354). Confidential information can be exposed externally. Exploitable via ``Moved``.
CVE-2026-42224 Cross-Site Scripting (XSS) in ipl/web (CVE-2026-42224)
cross-site scripting in ipl/web (CVE-2026-42224). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.10.3` or later.
CVE-2026-37709 Vulnerability in snipe/snipe-it (CVE-2026-37709)
vulnerability in snipe/snipe-it (CVE-2026-37709). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.4.1` or later.
CVE-2026-41517 Unrestricted File Upload in CVE-2026-41517 (CVE-2026-41517)
vulnerability in CVE-2026-41517 (CVE-2026-41517). Risk of unauthorized operations or information disclosure.
CVE-2026-7807 Path Traversal in smartertools (CVE-2026-7807)
path traversal in smartertools (CVE-2026-7807). Successful exploitation can lead to full system takeover.
CVE-2026-42028 Path Traversal in path-traversal (CVE-2026-42028)
path traversal in path-traversal (CVE-2026-42028). Risk of unauthorized operations or information disclosure.
CVE-2026-42072 Vulnerability in graph (CVE-2026-42072)
vulnerability in graph (CVE-2026-42072). Successful exploitation can lead to full system takeover. Exploitable via ``NORNICDB_ADDRESS``.
CVE-2026-41887 Path Traversal in flarum/core (CVE-2026-41887)
path traversal in flarum/core (CVE-2026-41887). Confidential information can be exposed externally. Exploitable via `POST /api/settings`. Mitigation: upgrade to `2.0.0-rc.1` or later.
CVE-2026-43420 Vulnerability in c (CVE-2026-43420)
vulnerability in c (CVE-2026-43420). Risk of unauthorized operations or information disclosure. Exploitable via ``i_nlink``.
CVE-2026-41576 Cross-Site Scripting (XSS) in CVE-2026-41576 (CVE-2026-41576)
cross-site scripting in CVE-2026-41576 (CVE-2026-41576). Confidential information can be exposed externally.
CVE-2026-41570 Vulnerability in phpunit/phpunit (CVE-2026-41570)
vulnerability in phpunit/phpunit (CVE-2026-41570). Successful exploitation can lead to full system takeover. Exploitable via ``auto_prepend_file``. Mitigation: upgrade to `13.1.6` or later.
CVE-2026-37431 SQL Injection in sqli (CVE-2026-37431)
SQL injection in sqli (CVE-2026-37431). Successful exploitation can lead to full system takeover.
CVE-2025-67486 Vulnerability in dolibarr (CVE-2025-67486)
vulnerability in dolibarr (CVE-2025-67486). Successful exploitation can lead to full system takeover.
CVE-2026-44336 Vulnerability in praison (CVE-2026-44336)
vulnerability in praison (CVE-2026-44336). Successful exploitation can lead to full system takeover. Exploitable via ``praisonai.rules.create``.
CVE-2026-39816 Vulnerability in nifi (CVE-2026-39816)
vulnerability in nifi (CVE-2026-39816). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.9.0` or later.
CVE-2026-25077 Code Injection in apache (CVE-2026-25077)
code injection in apache (CVE-2026-25077). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →