Export limit exceeded: 352119 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 352119 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (352119 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44071 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 3.7 Low |
| Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFY_SOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection. | ||||
| CVE-2026-5434 | 2026-05-21 | 5.9 Medium | ||
| Honeywell Control Network Module (CNM) contains insertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing system files, potentially resulting in unintended access to protected data. | ||||
| CVE-2026-27349 | 2026-05-21 | 4.3 Medium | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5. | ||||
| CVE-2026-42001 | 1 Powerdns | 1 Authoritative | 2026-05-21 | 7.5 High |
| Insufficient Validation of Autoprimary SOA Queries | ||||
| CVE-2026-41999 | 1 Powerdns | 1 Authoritative | 2026-05-21 | 4.8 Medium |
| Incorrect Behaviour of Views with TCP PROXY Requests | ||||
| CVE-2023-4669 | 1 Exagate | 2 Sysguard 3001, Sysguard 3001 Firmware | 2026-05-21 | 9.8 Critical |
| Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authentication Bypass. This issue affects SYSGuard 3001: before 3.2.20.0. | ||||
| CVE-2026-8974 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-05-21 | 8.8 High |
| Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. | ||||
| CVE-2026-8975 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-05-21 | 8.8 High |
| Memory safety bugs present in Thunderbird 140.10 and Thunderbird 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11. | ||||
| CVE-2025-67972 | 2 Fox-themes, Wordpress | 2 Prague, Wordpress | 2026-05-21 | 4.3 Medium |
| Missing Authorization vulnerability in Zoho Mail Zoho ZeptoMail allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zoho ZeptoMail: from n/a through 3.2.9. | ||||
| CVE-2023-4674 | 1 Yaztekteknoloji | 1 E-commerce | 2026-05-21 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yaztek Software Technologies and Computer Systems E-Commerce Software allows SQL Injection. This issue affects E-Commerce Software: through 20231229. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-4670 | 1 Innosa Probbys Project | 1 Innosa Probbys | 2026-05-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Innosa Probbys allows SQL Injection. This issue affects Probbys: before 2. | ||||
| CVE-2023-4671 | 1 Talentyazilim | 1 Ecop | 2026-05-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows Command Line Execution through SQL Injection. This issue affects ECOP: before 32255. | ||||
| CVE-2023-4672 | 1 Talentyazilim | 1 Ecop | 2026-05-21 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows Reflected XSS. This issue affects ECOP: before 32255. | ||||
| CVE-2026-39047 | 1 Epson | 1 L14150 | 2026-05-21 | 7.5 High |
| Buffer Overflow vulnerability in EPSON L14150 FL27PB allows a remote attacker to execute arbitrary code via the RAW Printing Service (JetDirect) on TCP port 9100 | ||||
| CVE-2026-44926 | 1 Veritas | 1 Infoscale | 2026-05-21 | 8.8 High |
| InfoScale CmdServer before 7.4.2 mishandles access control. | ||||
| CVE-2026-30691 | 1 Cyntler | 1 React-doc-viewer | 2026-05-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode | ||||
| CVE-2023-4673 | 1 Sanalogi | 1 Turasistan | 2026-05-21 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sanalogy Turasistan allows SQL Injection. This issue affects Turasistan: before 20230911 . | ||||
| CVE-2026-9064 | 1 Redhat | 3 Directory Server, Enterprise Linux, Redhat Directory Server | 2026-05-21 | 7.5 High |
| A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls within the default maximum BER message size (2 MB), causing excessive CPU consumption and heap allocation on the server. Under concurrent exploitation, this leads to significant latency degradation, worker thread starvation, or out-of-memory termination, resulting in a denial of service. | ||||
| CVE-2026-22314 | 1 Mesalvo | 2 Meona Client Launcher Component, Meona Server Component | 2026-05-21 | 9 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020. | ||||
| CVE-2026-0856 | 1 Mesalvo | 2 Meona Client Launcher Component, Meona Server Component | 2026-05-21 | 7.8 High |
| Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables a normal user gaining access to the admin panel. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server Component: through 2025.04 5+323020. | ||||