Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Tag: cwe-295 Clear
ID Title
CVE-2026-46734 Vulnerability in dell (CVE-2026-46734)
vulnerability in dell (CVE-2026-46734). Successful exploitation can lead to full system takeover.
CVE-2026-57289 Vulnerability in jenkins (CVE-2026-57289)
vulnerability in jenkins (CVE-2026-57289). Risk of unauthorized operations or information disclosure.
CVE-2025-2669 Vulnerability in ibm (CVE-2025-2669)
vulnerability in ibm (CVE-2025-2669). Data can be tampered with by attackers.
CVE-2024-47477 Vulnerability in dell (CVE-2024-47477)
vulnerability in dell (CVE-2024-47477). Risk of unauthorized operations or information disclosure.
CVE-2026-9258 Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier
CVE-2026-9259 Vulnerability in canon (CVE-2026-9259)
vulnerability in canon (CVE-2026-9259). Confidential information can be exposed externally.
CVE-2026-45175 Vulnerability in paloaltonetworks (CVE-2026-45175)
vulnerability in paloaltonetworks (CVE-2026-45175). Successful exploitation can lead to full system takeover.
CVE-2026-42769 Vulnerability in openssl (CVE-2026-42769)
vulnerability in openssl (CVE-2026-42769). Confidential information can be exposed externally.
CVE-2026-49267 Vulnerability in airflow (CVE-2026-49267)
vulnerability in airflow (CVE-2026-49267). Confidential information can be exposed externally. Exploitable via ``airflow.utils.email``. Mitigation: upgrade to `3.2.2` or later.
CVE-2026-42790 Vulnerability in erlang (CVE-2026-42790)
vulnerability in erlang (CVE-2026-42790). Confidential information can be exposed externally.
CVE-2026-42791 Vulnerability in erlang (CVE-2026-42791)
vulnerability in erlang (CVE-2026-42791). Risk of unauthorized operations or information disclosure.
CVE-2026-42789 Vulnerability in erlang (CVE-2026-42789)
vulnerability in erlang (CVE-2026-42789). Risk of unauthorized operations or information disclosure.
CVE-2026-48249 Vulnerability in CVE-2026-48249 (CVE-2026-48249)
vulnerability in CVE-2026-48249 (CVE-2026-48249). Confidential information can be exposed externally.
CVE-2026-48248 Vulnerability in CVE-2026-48248 (CVE-2026-48248)
vulnerability in CVE-2026-48248 (CVE-2026-48248). Confidential information can be exposed externally.
CVE-2026-48247 Vulnerability in CVE-2026-48247 (CVE-2026-48247)
vulnerability in CVE-2026-48247 (CVE-2026-48247). Confidential information can be exposed externally.
CVE-2026-48246 Vulnerability in CVE-2026-48246 (CVE-2026-48246)
vulnerability in CVE-2026-48246 (CVE-2026-48246). Confidential information can be exposed externally.
CVE-2026-45574 Vulnerability in com.oviva.telematik:epa4all-client (CVE-2026-45574)
vulnerability in com.oviva.telematik:epa4all-client (CVE-2026-45574). Confidential information can be exposed externally. Mitigation: upgrade to `1.2.2` or later.
CVE-2026-20042 Vulnerability in Cisco nexus-dashboard (CVE-2026-20042)
vulnerability in Cisco nexus-dashboard (CVE-2026-20042). Confidential information can be exposed externally.
CVE-2026-44900 Vulnerability in com.oviva.telematik:epa4all-client (CVE-2026-44900)
vulnerability in com.oviva.telematik:epa4all-client (CVE-2026-44900). Confidential information can be exposed externally. Mitigation: upgrade to `1.2.1` or later.
CVE-2026-21945 Vulnerability in java (CVE-2026-21945)
vulnerability in java (CVE-2026-21945). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
CVE-2026-43869 Vulnerability in org.apache.thrift:libthrift (CVE-2026-43869)
vulnerability in org.apache.thrift:libthrift (CVE-2026-43869). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.23.0` or later.
CVE-2026-41603 Vulnerability in apache (CVE-2026-41603)
vulnerability in apache (CVE-2026-41603). Confidential information can be exposed externally.
CVE-2026-40974 Vulnerability in spring (CVE-2026-40974)
vulnerability in spring (CVE-2026-40974). Risk of unauthorized operations or information disclosure.
CVE-2026-40971 Vulnerability in spring (CVE-2026-40971)
vulnerability in spring (CVE-2026-40971). Risk of unauthorized operations or information disclosure.
CVE-2026-40970 Vulnerability in spring (CVE-2026-40970)
vulnerability in spring (CVE-2026-40970). Risk of unauthorized operations or information disclosure.
CVE-2026-22747 Vulnerability in vmware (CVE-2026-22747)
vulnerability in vmware (CVE-2026-22747). Confidential information can be exposed externally.
CVE-2025-40745 Vulnerability in siemens (CVE-2025-40745)
vulnerability in siemens (CVE-2025-40745). Risk of unauthorized operations or information disclosure.
CVE-2026-0233 Vulnerability in paloaltonetworks (CVE-2026-0233)
vulnerability in paloaltonetworks (CVE-2026-0233). Successful exploitation can lead to full system takeover.
CVE-2026-32144 Vulnerability in erlang (CVE-2026-32144)
vulnerability in erlang (CVE-2026-32144). Confidential information can be exposed externally.
CVE-2026-24281 Vulnerability in apache (CVE-2026-24281)
vulnerability in apache (CVE-2026-24281). Confidential information can be exposed externally.
CVE-2026-30794 Vulnerability in rustdesk (CVE-2026-30794)
vulnerability in rustdesk (CVE-2026-30794). Successful exploitation can lead to full system takeover.
CVE-2026-27134 Authentication Bypass in apache (CVE-2026-27134)
authentication bypass in apache (CVE-2026-27134). Successful exploitation can lead to full system takeover.
CVE-2026-24734 Vulnerability in apache (CVE-2026-24734)
vulnerability in apache (CVE-2026-24734). Data can be tampered with by attackers.
CVE-2025-32989 Vulnerability in gnu (CVE-2025-32989)
vulnerability in gnu (CVE-2025-32989). Risk of unauthorized operations or information disclosure.
CVE-2025-24471 Vulnerability in fortinet (CVE-2025-24471)
vulnerability in fortinet (CVE-2025-24471). Data can be tampered with by attackers.
CVE-2024-41334 Vulnerability in draytek (CVE-2024-41334)
vulnerability in draytek (CVE-2024-41334). Successful exploitation can lead to full system takeover.
CVE-2023-41991 KEV [KEV] Vulnerability in Apple multiple-products (CVE-2023-41991)
vulnerability in Apple multiple-products (CVE-2023-41991). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-20963 KEV [KEV] Vulnerability in Android platform/frameworks/base (CVE-2023-20963)
vulnerability in Android platform/frameworks/base (CVE-2023-20963). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `13:2023-03-01` or later.
CVE-2022-42131 Vulnerability in liferay (CVE-2022-42131)
vulnerability in liferay (CVE-2022-42131). Risk of unauthorized operations or information disclosure.
CVE-2022-26923 KEV [KEV] Vulnerability in Microsoft active-directory (CVE-2022-26923)
vulnerability in Microsoft active-directory (CVE-2022-26923). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2020-0601 KEV [KEV] Vulnerability in Microsoft windows (CVE-2020-0601)
vulnerability in Microsoft windows (CVE-2020-0601). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2021-22926 Vulnerability in haxx (CVE-2021-22926)
vulnerability in haxx (CVE-2021-22926). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_SSLCERT``.
CVE-2020-9488 Vulnerability in org.apache.logging.log4j:log4j (CVE-2020-9488)
vulnerability in org.apache.logging.log4j:log4j (CVE-2020-9488). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.3.2` or later.
CVE-2017-17716 Vulnerability in gitlab (CVE-2017-17716)
vulnerability in gitlab (CVE-2017-17716). Confidential information can be exposed externally.
CVE-2014-3250 Vulnerability in apache (CVE-2014-3250)
vulnerability in apache (CVE-2014-3250). Confidential information can be exposed externally.
CVE-2017-1000209 Vulnerability in nv-websocket-client-project (CVE-2017-1000209)
vulnerability in nv-websocket-client-project (CVE-2017-1000209). Confidential information can be exposed externally.
CVE-2014-2845 Vulnerability in c (CVE-2014-2845)
vulnerability in c (CVE-2014-2845). Confidential information can be exposed externally.
CVE-2017-11770 Vulnerability in csharp (CVE-2017-11770)
vulnerability in csharp (CVE-2017-11770). Risk of unauthorized operations or information disclosure.
CVE-2017-7080 Vulnerability in apple (CVE-2017-7080)
vulnerability in apple (CVE-2017-7080). Data can be tampered with by attackers.
CVE-2017-6144 Vulnerability in f5 (CVE-2017-6144)
vulnerability in f5 (CVE-2017-6144). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →