Búsqueda de CVEs

364.802 resultados
CVE-2026-50765MEDIUMA stored cross-site scripting (XSS) vulnerability in the patron restriction type administration page of Koha Library Management System 0 thrEPSS 0.2%CVE-2026-50767MEDIUMA stored cross-site scripting (XSS) vulnerability in the item type administration page of Koha Library Management System 0 through 25.11 verEPSS 0.2%CVE-2026-36478HIGHAn issue in Technitium DNS Server v.14.3 and before allows a remote attacker to cause a denial of service via the DnsServerApp.exe, DnsServeEPSS 0.4%CVE-2026-50766MEDIUMA stored cross-site scripting (XSS) vulnerability in the OPAC item detail page of Koha Library Management System 0 through 25.11 versions alEPSS 0.2%CVE-2026-30040MEDIUMA heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the contextEPSS 0.5%CVE-2026-9222CRITICALSetracker2 Children's Smartwatch Ecosystem Use of password hash instead of password for authenticationEPSS 0.2%CVE-2026-9221HIGHSetracker2 Children's Smartwatch Ecosystem Use of a Broken or Risky Cryptographic AlgorithmEPSS 0.2%CVE-2026-13083MEDIUMPen-drive: pen-drive: stored xss via unescaped cluster data in html reportEPSS 0.2%CVE-2026-13318MEDIUMVirt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ipEPSS 0.1%CVE-2026-13218MEDIUMKubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcherEPSS 0.1%CVE-2026-12993MEDIUMApicurio/apicurio-registry: apicurio-registry: xml entity-expansion denial of service via internal dtd subsetEPSS 0.2%CVE-2026-9220HIGHSetracker2 Children's Smartwatch Ecosystem Use of hard-coded cryptographic keyEPSS 0.2%CVE-2026-9219HIGHSetracker2 Children's Smartwatch Ecosystem Generation of Predictable Numbers or IdentifiersEPSS 0.2%CVE-2026-43920MEDIUMFOSSBilling: Unauthenticated update patcher endpoint allows remote maintenance executionEPSS 0.5%CVE-2026-40941HIGHCacti: Package Import Signature Validation Bypass Allows Self-Signed PackagesEPSS 0.2%CVE-2026-40084MEDIUMCacti: Arbitrary File Read via Path Traversal in Report `format_file` ParameterEPSS 0.3%CVE-2026-40083HIGHCacti: SQL Injection in managers.phpEPSS 0.3%CVE-2026-40082MEDIUMCacti: Session Fixation via missing session_regenerate_id() after loginEPSS 0.2%CVE-2026-40080MEDIUMCacti: Open Redirect via HTTP_REFERER substring check in auth_login_redirectEPSS 0.2%CVE-2026-13283HIGHUse after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in sEPSS 0.2%