Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-2770 |
|
Use-After-Free in mozilla (CVE-2026-2770)
vulnerability in mozilla (CVE-2026-2770). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2776 |
|
Buffer Overflow in mozilla (CVE-2026-2776)
vulnerability in mozilla (CVE-2026-2776). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2775 |
|
Vulnerability in mozilla (CVE-2026-2775)
vulnerability in mozilla (CVE-2026-2775). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2759 |
|
Vulnerability in mozilla (CVE-2026-2759)
vulnerability in mozilla (CVE-2026-2759). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2761 |
|
Vulnerability in mozilla (CVE-2026-2761)
vulnerability in mozilla (CVE-2026-2761). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2774 |
|
Vulnerability in mozilla (CVE-2026-2774)
vulnerability in mozilla (CVE-2026-2774). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2758 |
|
Use-After-Free in mozilla (CVE-2026-2758)
vulnerability in mozilla (CVE-2026-2758). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2757 |
|
Vulnerability in mozilla (CVE-2026-2757)
vulnerability in mozilla (CVE-2026-2757). Successful exploitation can lead to full system takeover.
|
| CVE-2026-2786 |
|
Use-After-Free in mozilla (CVE-2026-2786)
vulnerability in mozilla (CVE-2026-2786). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25985 |
|
Vulnerability in imagemagick (CVE-2026-25985)
vulnerability in imagemagick (CVE-2026-25985). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25965 |
|
Path Traversal in path-traversal (CVE-2026-25965)
path traversal in path-traversal (CVE-2026-25965). Confidential information can be exposed externally.
|
| CVE-2026-25969 |
|
Vulnerability in c (CVE-2026-25969)
vulnerability in c (CVE-2026-25969). Risk of unauthorized operations or information disclosure. Exploitable via ``WriteASHLARImage``.
|
| CVE-2026-25968 |
|
Vulnerability in c (CVE-2026-25968)
vulnerability in c (CVE-2026-25968). Confidential information can be exposed externally.
|
| CVE-2026-25794 |
|
Vulnerability in c (CVE-2026-25794)
vulnerability in c (CVE-2026-25794). Risk of unauthorized operations or information disclosure. Exploitable via ``WriteUHDRImage``.
|
| CVE-2026-25108 KEV |
|
[KEV] OS Command Injection in Soliton systems k.k soliton-systems-kk (CVE-2026-25108)
OS command injection in Soliton systems k.k soliton-systems-kk (CVE-2026-25108). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-25747 |
|
Unsafe Deserialization in apache (CVE-2026-25747)
vulnerability in apache (CVE-2026-25747). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27134 |
|
Authentication Bypass in apache (CVE-2026-27134)
authentication bypass in apache (CVE-2026-27134). Successful exploitation can lead to full system takeover.
|
| CVE-2025-68461 KEV |
|
[KEV] Cross-Site Scripting (XSS) in Roundcube webmail (CVE-2025-68461)
cross-site scripting in Roundcube webmail (CVE-2025-68461). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-49113 KEV |
|
[KEV] Unsafe Deserialization in Roundcube webmail (CVE-2025-49113)
vulnerability in Roundcube webmail (CVE-2025-49113). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22175 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in gitlab (CVE-2021-22175)
SSRF in gitlab (CVE-2021-22175). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-22769 KEV |
|
[KEV] Vulnerability in Dell recoverpoint-for-virtual-machines-rp4vms (CVE-2026-22769)
vulnerability in Dell recoverpoint-for-virtual-machines-rp4vms (CVE-2026-22769). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-24734 |
|
Vulnerability in apache (CVE-2026-24734)
vulnerability in apache (CVE-2026-24734). Data can be tampered with by attackers.
|
| CVE-2020-7796 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Synacor zimbra-collaboration-suite (CVE-2020-7796)
SSRF in Synacor zimbra-collaboration-suite (CVE-2020-7796). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-7694 KEV |
|
[KEV] Unrestricted File Upload in Teamt5 threatsonar-anti-ransomware (CVE-2024-7694)
vulnerability in Teamt5 threatsonar-anti-ransomware (CVE-2024-7694). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2008-0015 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2008-0015)
vulnerability in Microsoft windows (CVE-2008-0015). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2441 KEV |
|
[KEV] Use-After-Free in Google chromium (CVE-2026-2441)
vulnerability in Google chromium (CVE-2026-2441). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-2447 |
|
Vulnerability in mozilla (CVE-2026-2447)
vulnerability in mozilla (CVE-2026-2447). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1731 KEV |
|
[KEV] OS Command Injection in Beyondtrust remote-support-rs-and-privileged-remote-access-pra (CVE-2026-1731)
OS command injection in Beyondtrust remote-support-rs-and-privileged-remote-access-pra (CVE-2026-1731). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-20700 KEV |
|
[KEV] Buffer Overflow in Apple multiple-products (CVE-2026-20700)
vulnerability in Apple multiple-products (CVE-2026-20700). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-15556 KEV |
|
[KEV] Vulnerability in Notepad++ notepad (CVE-2025-15556)
vulnerability in Notepad++ notepad (CVE-2025-15556). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-43468 KEV |
|
[KEV] SQL Injection in Microsoft configuration-manager (CVE-2024-43468)
SQL injection in Microsoft configuration-manager (CVE-2024-43468). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-40536 KEV |
|
[KEV] Vulnerability in Solarwinds web-help-desk (CVE-2025-40536)
vulnerability in Solarwinds web-help-desk (CVE-2025-40536). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-46310 |
|
Privilege Escalation in apple (CVE-2025-46310)
vulnerability in apple (CVE-2025-46310). Data can be tampered with by attackers.
|
| CVE-2025-43403 |
|
Vulnerability in apple (CVE-2025-43403)
vulnerability in apple (CVE-2025-43403). Confidential information can be exposed externally.
|
| CVE-2026-21527 |
|
Vulnerability in microsoft (CVE-2026-21527)
vulnerability in microsoft (CVE-2026-21527). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-64157 |
|
Vulnerability in fortinet (CVE-2025-64157)
vulnerability in fortinet (CVE-2025-64157). Successful exploitation can lead to full system takeover.
|
| CVE-2025-55018 |
|
Vulnerability in fortinet (CVE-2025-55018)
vulnerability in fortinet (CVE-2025-55018). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-21525 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-21525)
vulnerability in Microsoft windows (CVE-2026-21525). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21510 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-21510)
vulnerability in Microsoft windows (CVE-2026-21510). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21533 KEV |
|
[KEV] Privilege Escalation in Microsoft windows (CVE-2026-21533)
vulnerability in Microsoft windows (CVE-2026-21533). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21513 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-21513)
vulnerability in Microsoft windows (CVE-2026-21513). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21519 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-21519)
vulnerability in Microsoft windows (CVE-2026-21519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-21514 KEV |
|
[KEV] Vulnerability in Microsoft office (CVE-2026-21514)
vulnerability in Microsoft office (CVE-2026-21514). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-24423 KEV |
|
[KEV] Vulnerability in Smartertools smartermail (CVE-2026-24423)
vulnerability in Smartertools smartermail (CVE-2026-24423). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-11953 KEV |
|
[KEV] OS Command Injection in React native community react-native-community (CVE-2025-11953)
OS command injection in React native community react-native-community (CVE-2025-11953). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-40551 KEV |
|
[KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2025-40551)
vulnerability in Solarwinds web-help-desk (CVE-2025-40551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-39935 KEV |
|
[KEV] SSRF (Server-Side Request Forgery) in Gitlab community-and-enterprise-editions (CVE-2021-39935)
SSRF in Gitlab community-and-enterprise-editions (CVE-2021-39935). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-19006 KEV |
|
[KEV] Authentication Bypass in Sangoma freepbx (CVE-2019-19006)
authentication bypass in Sangoma freepbx (CVE-2019-19006). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-64328 KEV |
|
[KEV] OS Command Injection in Sangoma freepbx (CVE-2025-64328)
OS command injection in Sangoma freepbx (CVE-2025-64328). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2025-24293 |
|
Command Injection in CVE-2025-24293 (CVE-2025-24293)
command injection in CVE-2025-24293 (CVE-2025-24293). Successful exploitation can lead to full system takeover.
|