Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9207 |
|
Tanium addressed an unauthorized code execution vulnerability in Connect.
Tanium addressed an unauthorized code execution vulnerability in Connect.
|
| CVE-2026-9632 |
|
Buffer Overflow in CVE-2026-9632 (CVE-2026-9632)
vulnerability in CVE-2026-9632 (CVE-2026-9632). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9627 |
|
Buffer Overflow in CVE-2026-9627 (CVE-2026-9627)
vulnerability in CVE-2026-9627 (CVE-2026-9627). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9631 |
|
Buffer Overflow in CVE-2026-9631 (CVE-2026-9631)
vulnerability in CVE-2026-9631 (CVE-2026-9631). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9628 |
|
Buffer Overflow in CVE-2026-9628 (CVE-2026-9628)
vulnerability in CVE-2026-9628 (CVE-2026-9628). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49014 |
|
Vulnerability in gdal (CVE-2026-49014)
vulnerability in gdal (CVE-2026-49014). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.13.1` or later.
|
| CVE-2026-44705 |
|
Path Traversal in tmp (CVE-2026-44705)
path traversal in tmp (CVE-2026-44705). Data can be tampered with by attackers. Exploitable via ``prefix``. Mitigation: upgrade to `0.2.6` or later.
|
| CVE-2026-9606 |
|
Vulnerability in sqli (CVE-2026-9606)
vulnerability in sqli (CVE-2026-9606). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9605 |
|
Buffer Overflow in c (CVE-2026-9605)
vulnerability in c (CVE-2026-9605). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9312 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-9312)
SSRF in ssrf (CVE-2026-9312). Confidential information can be exposed externally.
|
| CVE-2026-42462 |
|
Vulnerability in @fedify/fedify (CVE-2026-42462)
vulnerability in @fedify/fedify (CVE-2026-42462). Data can be tampered with by attackers. Exploitable via ``Activity``. Mitigation: upgrade to `1.9.11` or later.
|
| CVE-2026-42089 |
|
Vulnerability in yeoman-environment (CVE-2026-42089)
vulnerability in yeoman-environment (CVE-2026-42089). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `6.0.1` or later.
|
| CVE-2026-34986 |
|
Vulnerability in github.com/go-jose/go-jose/v3 (CVE-2026-34986)
vulnerability in github.com/go-jose/go-jose/v3 (CVE-2026-34986). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.0.5` or later.
|
| CVE-2026-5260 |
|
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret...
|
| CVE-2026-9584 |
|
A security vulnerability has been detected in code-projects Project Management System 1.0....
A security vulnerability has been detected in code-projects Project Management System 1.0....
|
| CVE-2026-44905 |
|
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza....
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN.1 decoder accepts the structure as syntactically val...
|
| CVE-2026-43988 |
|
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When pro...
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When processing malformed network packets containing corrupted ASN.1/OER structures (e.g., invalid length fi...
|
| CVE-2026-42013 |
|
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name ...
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name ...
|
| CVE-2025-46284 |
|
Vulnerability in apple (CVE-2025-46284)
vulnerability in apple (CVE-2025-46284). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42012 |
|
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a...
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a...
|
| CVE-2025-43306 |
|
Privilege Escalation in apple (CVE-2025-43306)
vulnerability in apple (CVE-2025-43306). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9580 |
|
Vulnerability in CVE-2026-9580 (CVE-2026-9580)
vulnerability in CVE-2026-9580 (CVE-2026-9580). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8676 |
|
Vulnerability in CVE-2026-8676 (CVE-2026-8676)
vulnerability in CVE-2026-8676 (CVE-2026-8676). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44847 |
|
Authentication Bypass in django (CVE-2026-44847)
authentication bypass in django (CVE-2026-44847). Data can be tampered with by attackers. Mitigation: upgrade to `2.9.0` or later.
|
| CVE-2025-14361 |
|
Vulnerability in CVE-2025-14361 (CVE-2025-14361)
vulnerability in CVE-2025-14361 (CVE-2025-14361). Data can be tampered with by attackers.
|
| CVE-2026-9573 |
|
Vulnerability in sqli (CVE-2026-9573)
vulnerability in sqli (CVE-2026-9573). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9575 |
|
Vulnerability in sqli (CVE-2026-9575)
vulnerability in sqli (CVE-2026-9575). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9574 |
|
Vulnerability in sqli (CVE-2026-9574)
vulnerability in sqli (CVE-2026-9574). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8890 |
|
Vulnerability in CVE-2026-8890 (CVE-2026-8890)
vulnerability in CVE-2026-8890 (CVE-2026-8890). Confidential information can be exposed externally.
|
| CVE-2026-4051 |
|
Vulnerability in ibm (CVE-2026-4051)
vulnerability in ibm (CVE-2026-4051). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3603 |
|
XXE (XML External Entity) in ibm (CVE-2026-3603)
vulnerability in ibm (CVE-2026-3603). Confidential information can be exposed externally.
|
| CVE-2026-9560 |
|
OS Command Injection in privilege-escalation (CVE-2026-9560)
OS command injection in privilege-escalation (CVE-2026-9560). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8835 |
|
Vulnerability in dos (CVE-2026-8835)
vulnerability in dos (CVE-2026-8835). Confidential information can be exposed externally.
|
| CVE-2026-8856 |
|
Vulnerability in dos (CVE-2026-8856)
vulnerability in dos (CVE-2026-8856). Data can be tampered with by attackers.
|
| CVE-2026-8834 |
|
Vulnerability in dos (CVE-2026-8834)
vulnerability in dos (CVE-2026-8834). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7454 |
|
Vulnerability in autodesk (CVE-2026-7454)
vulnerability in autodesk (CVE-2026-7454). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8620 |
|
Vulnerability in ibm (CVE-2026-8620)
vulnerability in ibm (CVE-2026-8620). Confidential information can be exposed externally.
|
| CVE-2026-8855 |
|
Code Injection in dos (CVE-2026-8855)
code injection in dos (CVE-2026-8855). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8854 |
|
Vulnerability in dos (CVE-2026-8854)
vulnerability in dos (CVE-2026-8854). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48694 |
|
Command Injection in pavel-odintsov (CVE-2026-48694)
command injection in pavel-odintsov (CVE-2026-48694). Confidential information can be exposed externally.
|
| CVE-2026-7451 |
|
Out-of-Bounds Write in autodesk (CVE-2026-7451)
out-of-bounds write in autodesk (CVE-2026-7451). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7452 |
|
Vulnerability in autodesk (CVE-2026-7452)
vulnerability in autodesk (CVE-2026-7452). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48695 |
|
OS Command Injection in pavel-odintsov (CVE-2026-48695)
OS command injection in pavel-odintsov (CVE-2026-48695). Confidential information can be exposed externally. Exploitable via ``date``.
|
| CVE-2026-24191 |
|
Vulnerability in dos (CVE-2026-24191)
vulnerability in dos (CVE-2026-24191). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24196 |
|
Out-of-Bounds Read in dos (CVE-2026-24196)
vulnerability in dos (CVE-2026-24196). Confidential information can be exposed externally.
|
| CVE-2026-24195 |
|
Vulnerability in dos (CVE-2026-24195)
vulnerability in dos (CVE-2026-24195). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24200 |
|
Use-After-Free in dos (CVE-2026-24200)
vulnerability in dos (CVE-2026-24200). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24187 |
|
Use-After-Free in dos (CVE-2026-24187)
vulnerability in dos (CVE-2026-24187). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24192 |
|
Vulnerability in dos (CVE-2026-24192)
vulnerability in dos (CVE-2026-24192). Successful exploitation can lead to full system takeover.
|
| CVE-2026-24190 |
|
Vulnerability in dos (CVE-2026-24190)
vulnerability in dos (CVE-2026-24190). Successful exploitation can lead to full system takeover.
|