Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: cwe-116 Clear
ID Title
CVE-2026-49091 Vulnerability in elastic (CVE-2026-49091)
vulnerability in elastic (CVE-2026-49091). Successful exploitation can lead to full system takeover.
CVE-2026-56379 Vulnerability in imagemagick (CVE-2026-56379)
vulnerability in imagemagick (CVE-2026-56379). Successful exploitation can lead to full system takeover.
CVE-2026-44913 Vulnerability in apache (CVE-2026-44913)
vulnerability in apache (CVE-2026-44913). Successful exploitation can lead to full system takeover.
CVE-2026-54133 Vulnerability in jmespath (CVE-2026-54133)
vulnerability in jmespath (CVE-2026-54133). Successful exploitation can lead to full system takeover. Exploitable via ``JP_PHP_COMPILE``. Mitigation: upgrade to `2.9.1` or later.
CVE-2026-28898 Vulnerability in github.com/apple/swift-nio-http2 (CVE-2026-28898)
vulnerability in github.com/apple/swift-nio-http2 (CVE-2026-28898). Risk of unauthorized operations or information disclosure. Exploitable via ``HTTP2FramePayloadToHTTP1ServerCodec``. Mitigation: upgrade to `1.44.1` or later.
CVE-2026-20245 KEV [KEV] Vulnerability in Cisco catalyst-sd-wan-manager (CVE-2026-20245)
vulnerability in Cisco catalyst-sd-wan-manager (CVE-2026-20245). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-34246 Vulnerability in privilege-escalation (CVE-2026-34246)
vulnerability in privilege-escalation (CVE-2026-34246). Risk of unauthorized operations or information disclosure.
CVE-2026-46496 Vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46496)
vulnerability in @haxtheweb/haxcms-nodejs (CVE-2026-46496). Risk of unauthorized operations or information disclosure. Exploitable via ``source``. Mitigation: upgrade to `26.0.0` or later.
CVE-2026-28907 Vulnerability in apple (CVE-2026-28907)
vulnerability in apple (CVE-2026-28907). Confidential information can be exposed externally.
CVE-2026-20136 Vulnerability in Cisco identity-services-engine (CVE-2026-20136)
vulnerability in Cisco identity-services-engine (CVE-2026-20136). Confidential information can be exposed externally.
CVE-2026-42810 Vulnerability in org.apache.polaris:polaris-core (CVE-2026-42810)
vulnerability in org.apache.polaris:polaris-core (CVE-2026-42810). Successful exploitation can lead to full system takeover. Exploitable via ``TABLE_CREATE``. Mitigation: upgrade to `1.4.1` or later.
CVE-2026-6058 Vulnerability in c (CVE-2026-6058)
vulnerability in c (CVE-2026-6058). Risk of unauthorized operations or information disclosure.
CVE-2024-38475 KEV [KEV] Vulnerability in Apache http-server (CVE-2024-38475)
vulnerability in Apache http-server (CVE-2024-38475). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-48655 Vulnerability in misp-project (CVE-2023-48655)
vulnerability in misp-project (CVE-2023-48655). Successful exploitation can lead to full system takeover.
CVE-2022-42948 KEV [KEV] Cross-Site Scripting (XSS) in Fortra cobalt-strike (CVE-2022-42948)
cross-site scripting in Fortra cobalt-strike (CVE-2022-42948). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2022-24682 KEV [KEV] Cross-Site Scripting (XSS) in Synacor zimbra-collaborate-suite-zcs (CVE-2022-24682)
cross-site scripting in Synacor zimbra-collaborate-suite-zcs (CVE-2022-24682). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2019-6109 Vulnerability in c (CVE-2019-6109)
vulnerability in c (CVE-2019-6109). Confidential information can be exposed externally.
CVE-2017-12340 Vulnerability in cisco (CVE-2017-12340)
vulnerability in cisco (CVE-2017-12340). Risk of unauthorized operations or information disclosure.
CVE-2017-12064 Vulnerability in open-emr (CVE-2017-12064)
vulnerability in open-emr (CVE-2017-12064). Data can be tampered with by attackers.
CVE-2017-8303 Vulnerability in accellion (CVE-2017-8303)
vulnerability in accellion (CVE-2017-8303). Successful exploitation can lead to full system takeover.
CVE-2014-9938 Vulnerability in git-scm (CVE-2014-9938)
vulnerability in git-scm (CVE-2014-9938). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →