Busca de CVEs

363.116 resultados
CVE-2026-13528MEDIUMYunaiV/zhijiantianya ruoyi-vue-pro AppFileController File Upload Endpoint FileServiceImpl.java generateUploadPath path traversalEPSS 0.4%CVE-2026-13527MEDIUMSourceCodester Class and Exam Timetabling System preview4.php sql injectionEPSS 0.3%CVE-2026-13526MEDIUMSourceCodester Class and Exam Timetabling System edit_class.php sql injectionEPSS 0.3%CVE-2026-13525MEDIUMCodeAstro Human Resource Management System Update_Earn_Leave Endpoint Employee_model.php emselectByCode sql injectionEPSS 0.2%CVE-2026-13524MEDIUMCherryHQ cherry-studio MCP OAuth Local Callback Server callback.ts improper authorizationEPSS 0.3%CVE-2026-13523MEDIUMGPAC ISOBMFF base_encoding.c data amplificationEPSS 0.1%CVE-2026-13522MEDIUMInvestintech SlimPDFReader PDF File SlimPDFReader.exe TeighaDo+0x25cde0 out-of-boundsEPSS 0.3%CVE-2026-13521MEDIUMSourceCodester Class and Exam Timetabling System preview5.php sql injectionEPSS 0.3%CVE-2026-13520MEDIUMitsourcecode Hospital Management System Appointment appointmentapproval.php sql injectionEPSS 0.2%CVE-2026-13519HIGHTenda JD12L NatStaticSetting fromNatStaticSetting stack-based overflowEPSS 0.5%CVE-2026-13518HIGHTenda JD12L addressNat fromAddressNat stack-based overflowEPSS 0.5%CVE-2026-13517HIGHTenda JD12L WifiBasicSet formWifiBasicSet stack-based overflowEPSS 0.5%CVE-2026-51221HIGHA buffer overflow in the Get_Attribute_List function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service (DoEPSS 0.4%CVE-2026-57919HIGHPBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS) with a DACL that grants GENEREPSS 0.1%CVE-2026-51219MEDIUMA heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause EPSS 0.3%CVE-2026-31016MEDIUMCross Site Request Forgery vulnerability in Squidex.io Squidex CMS v.7.21.0 and before allows a remote attacker to escalate privileges via tEPSS 0.2%CVE-2026-37637CRITICALAn issue in Alexantr filemanager v.1.0 allows a remote attacker to execute arbitrary code via the filemanager.php componentEPSS 0.5%CVE-2026-36848HIGHGigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.EPSS 0.7%CVE-2026-51218MEDIUMA heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a DEPSS 0.3%CVE-2026-13516HIGHTenda JD12L WifiGuestSet fromSetWifiGusetBasic stack-based overflowEPSS 0.5%