Búsqueda de CVEs
364.399 resultadosCVE-2026-30040MEDIUMA heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the contextEPSS 0.5%CVE-2026-39031MEDIUMLansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-charactEPSS 0.1%CVE-2026-50767MEDIUMA stored cross-site scripting (XSS) vulnerability in the item type administration page of Koha Library Management System 0 through 25.11 verEPSS 0.2%CVE-2026-38639HIGHAn issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parEPSS 0.4%CVE-2026-38571MEDIUMCleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticatEPSS 0.1%CVE-2026-50766MEDIUMA stored cross-site scripting (XSS) vulnerability in the OPAC item detail page of Koha Library Management System 0 through 25.11 versions alEPSS 0.2%CVE-2026-9222CRITICALSetracker2 Children's Smartwatch Ecosystem Use of password hash instead of password for authenticationEPSS 0.2%CVE-2026-9221HIGHSetracker2 Children's Smartwatch Ecosystem Use of a Broken or Risky Cryptographic AlgorithmEPSS 0.2%CVE-2026-13083MEDIUMPen-drive: pen-drive: stored xss via unescaped cluster data in html reportEPSS 0.2%CVE-2026-13318MEDIUMVirt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ipEPSS 0.1%CVE-2026-13218MEDIUMKubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcherEPSS 0.1%CVE-2026-12993MEDIUMApicurio/apicurio-registry: apicurio-registry: xml entity-expansion denial of service via internal dtd subsetEPSS 0.2%CVE-2026-9220HIGHSetracker2 Children's Smartwatch Ecosystem Use of hard-coded cryptographic keyEPSS 0.2%CVE-2026-9219HIGHSetracker2 Children's Smartwatch Ecosystem Generation of Predictable Numbers or IdentifiersEPSS 0.2%CVE-2026-43920MEDIUMFOSSBilling: Unauthenticated update patcher endpoint allows remote maintenance executionEPSS 0.5%CVE-2026-40941HIGHCacti: Package Import Signature Validation Bypass Allows Self-Signed PackagesEPSS 0.2%CVE-2026-40084MEDIUMCacti: Arbitrary File Read via Path Traversal in Report `format_file` ParameterEPSS 0.3%CVE-2026-40083HIGHCacti: SQL Injection in managers.phpEPSS 0.3%CVE-2026-40082MEDIUMCacti: Session Fixation via missing session_regenerate_id() after loginEPSS 0.2%CVE-2026-40080MEDIUMCacti: Open Redirect via HTTP_REFERER substring check in auth_login_redirectEPSS 0.2%