Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-43306 |
|
Privilege Escalation in apple (CVE-2025-43306)
vulnerability in apple (CVE-2025-43306). Successful exploitation can lead to full system takeover.
|
| CVE-2025-43290 |
|
Vulnerability in apple (CVE-2025-43290)
vulnerability in apple (CVE-2025-43290). Data can be tampered with by attackers.
|
| CVE-2025-43289 |
|
Vulnerability in apple (CVE-2025-43289)
vulnerability in apple (CVE-2025-43289). Confidential information can be exposed externally.
|
| CVE-2026-9583 |
|
Information Disclosure in CVE-2026-9583 (CVE-2026-9583)
vulnerability in CVE-2026-9583 (CVE-2026-9583). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47672 |
|
Vulnerability in com.oviva.telematik:epa4all-rest-service (CVE-2026-47672)
vulnerability in com.oviva.telematik:epa4all-rest-service (CVE-2026-47672). Data can be tampered with by attackers.
|
| CVE-2026-9573 |
|
Vulnerability in sqli (CVE-2026-9573)
vulnerability in sqli (CVE-2026-9573). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9574 |
|
Vulnerability in sqli (CVE-2026-9574)
vulnerability in sqli (CVE-2026-9574). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9575 |
|
Vulnerability in sqli (CVE-2026-9575)
vulnerability in sqli (CVE-2026-9575). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-4051 |
|
Vulnerability in ibm (CVE-2026-4051)
vulnerability in ibm (CVE-2026-4051). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3603 |
|
XXE (XML External Entity) in ibm (CVE-2026-3603)
vulnerability in ibm (CVE-2026-3603). Confidential information can be exposed externally.
|
| CVE-2026-3660 |
|
Authorization Flaw in ibm (CVE-2026-3660)
vulnerability in ibm (CVE-2026-3660). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9170 |
|
Code Injection in dos (CVE-2026-9170)
code injection in dos (CVE-2026-9170). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8633 |
|
Code Injection in ibm (CVE-2026-8633)
code injection in ibm (CVE-2026-8633). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8620 |
|
Vulnerability in ibm (CVE-2026-8620)
vulnerability in ibm (CVE-2026-8620). Confidential information can be exposed externally.
|
| CVE-2026-8835 |
|
Vulnerability in dos (CVE-2026-8835)
vulnerability in dos (CVE-2026-8835). Confidential information can be exposed externally.
|
| CVE-2026-8856 |
|
Vulnerability in dos (CVE-2026-8856)
vulnerability in dos (CVE-2026-8856). Data can be tampered with by attackers.
|
| CVE-2026-8834 |
|
Vulnerability in dos (CVE-2026-8834)
vulnerability in dos (CVE-2026-8834). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8854 |
|
Vulnerability in dos (CVE-2026-8854)
vulnerability in dos (CVE-2026-8854). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8855 |
|
Code Injection in dos (CVE-2026-8855)
code injection in dos (CVE-2026-8855). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48695 |
|
OS Command Injection in pavel-odintsov (CVE-2026-48695)
OS command injection in pavel-odintsov (CVE-2026-48695). Confidential information can be exposed externally. Exploitable via ``date``.
|
| CVE-2026-48694 |
|
Command Injection in pavel-odintsov (CVE-2026-48694)
command injection in pavel-odintsov (CVE-2026-48694). Confidential information can be exposed externally.
|
| CVE-2026-8850 |
|
Vulnerability in dos (CVE-2026-8850)
vulnerability in dos (CVE-2026-8850). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8852 |
|
Vulnerability in dos (CVE-2026-8852)
vulnerability in dos (CVE-2026-8852). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48903 |
|
Cross-Site Scripting (XSS) in joomla (CVE-2026-48903)
cross-site scripting in joomla (CVE-2026-48903). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-48904 |
|
Vulnerability in joomla (CVE-2026-48904)
vulnerability in joomla (CVE-2026-48904). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-48905 |
|
Joomla! Framework - [20260520] - Inadequate content filtering within the cleanAttributes filter code.
Joomla! Framework - [20260520] - Inadequate content filtering within the cleanAttributes filter code.
|
| CVE-2026-48896 |
|
Joomla! Core - [20260511] - MFA Authentication Bypass
Joomla! Core - [20260511] - MFA Authentication Bypass
|
| CVE-2026-48897 |
|
Joomla! Core - [20260512] - MFA Authentication Bypass
Joomla! Core - [20260512] - MFA Authentication Bypass
|
| CVE-2026-48898 |
|
Joomla! Core - [20260513] - Privilege escalation through com_users batch task
Joomla! Core - [20260513] - Privilege escalation through com_users batch task
|
| CVE-2026-48899 |
|
Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
Joomla! Core - [20260515] - Incorrect Access Control in sample data plugins
|
| CVE-2026-48900 |
|
Vulnerability in joomla (CVE-2026-48900)
vulnerability in joomla (CVE-2026-48900). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-48901 |
|
Vulnerability in joomla (CVE-2026-48901)
vulnerability in joomla (CVE-2026-48901). Confidential information can be exposed externally. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-48902 |
|
Vulnerability in joomla (CVE-2026-48902)
vulnerability in joomla (CVE-2026-48902). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-45836 |
|
Vulnerability in linux (CVE-2026-45836)
vulnerability in linux (CVE-2026-45836). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45834 |
|
Vulnerability in linux (CVE-2026-45834)
vulnerability in linux (CVE-2026-45834). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-45835 |
|
Vulnerability in linux (CVE-2026-45835)
vulnerability in linux (CVE-2026-45835). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40383 |
|
Joomla! Core - [20260509] - LFI in HTMLView layout parameter
Joomla! Core - [20260509] - LFI in HTMLView layout parameter
|
| CVE-2026-40384 |
|
Path Traversal in joomla (CVE-2026-40384)
path traversal in joomla (CVE-2026-40384). Confidential information can be exposed externally. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-35223 |
|
Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
Joomla! Core - [20260508] - Improper access check in com_config webservice endpoints
|
| CVE-2026-35220 |
|
Cross-Site Request Forgery (CSRF) in joomla (CVE-2026-35220)
vulnerability in joomla (CVE-2026-35220). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `6.1.1` or later.
|
| CVE-2026-35221 |
|
SQL Injection in joomla (CVE-2026-35221)
SQL injection in joomla (CVE-2026-35221). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-35222 |
|
Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags
Joomla! Core - [20260507] - Authenticated blind SQLi in com_tags
|
| CVE-2026-30895 |
|
Joomla! Core - [20260504] - XSS in readmore links
Joomla! Core - [20260504] - XSS in readmore links
|
| CVE-2026-24212 |
|
Vulnerability in nvidia (CVE-2026-24212)
vulnerability in nvidia (CVE-2026-24212). Successful exploitation can lead to full system takeover.
|
| CVE-2026-25900 |
|
Joomla! Core - [20260501] - XSS in feed modules
Joomla! Core - [20260501] - XSS in feed modules
|
| CVE-2026-25901 |
|
Joomla! Core - [20260502] - XSS in com_associations
Joomla! Core - [20260502] - XSS in com_associations
|
| CVE-2026-30894 |
|
Joomla! Core - [20260503] - XSS in com_contenthistory
Joomla! Core - [20260503] - XSS in com_contenthistory
|
| CVE-2026-24162 |
|
Unsafe Deserialization in deserialization (CVE-2026-24162)
vulnerability in deserialization (CVE-2026-24162). Successful exploitation can lead to full system takeover.
|
| CVE-2025-36148 |
|
Cross-Site Scripting (XSS) in ibm (CVE-2025-36148)
cross-site scripting in ibm (CVE-2025-36148). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-36220 |
|
SQL Injection in sqli (CVE-2025-36220)
SQL injection in sqli (CVE-2025-36220). Risk of unauthorized operations or information disclosure.
|