Search

28,567 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

MEDIUM6.5CVE-2026-49144browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server6/3/2026
MEDIUM5.4CVE-2026-33244React Router has stored XSS via unescaped Location header in prerendered redirect HTML6/3/2026
MEDIUM6.3CVE-2026-49943CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP AS_PATH mask matching implementation i…6/2/2026
MEDIUM4.3CVE-2026-46605EPSS 0.06%Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing d…6/1/2026
MEDIUM6.1CVE-2026-42253EPSS 0.17%Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web.6/1/2026
MEDIUM5.9CVE-2026-49270EPSS 0.09%Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All.6/1/2026
MEDIUM4.3CVE-2026-10294EPSS 0.03%A vulnerability has been found in PackageKit up to 1.3.5.6/1/2026
MEDIUM4.3CVE-2026-45729EPSS 0.03%Thor Vector Graphics (ThorVG) is a production-ready vector graphics engine.6/1/2026
MEDIUM5.0CVE-2026-10275EPSS 0.06%A flaw has been found in OpenSC up to 0.26.1.6/1/2026
MEDIUM5.5CVE-2025-60495EPSS 0.01%A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of GPAC Project/MP4Box before 26.02.0 allows a…6/1/2026
MEDIUM5.5CVE-2025-60486EPSS 0.01%A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a…6/1/2026
MEDIUM5.5CVE-2025-60485EPSS 0.01%A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of GPAC Project/MP4Box before 26.02.0 allows att…6/1/2026
MEDIUM5.5CVE-2025-60483EPSS 0.01%A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before…6/1/2026
MEDIUM5.5CVE-2025-60481EPSS 0.01%A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 allows attacker…6/1/2026
MEDIUM5.5CVE-2025-55664EPSS 0.01%A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of S…6/1/2026
MEDIUM6.5CVE-2026-47411praisonai-platform: Any workspace member can rewrite workspace name, description, and settings via PATCH /workspaces/{id}6/1/2026
MEDIUM4.3CVE-2026-9807EPSS 0.01%Incorrect Authorization in GitLab6/1/2026
MEDIUM6.5CVE-2026-49095EPSS 0.04%Improper Input Validation in Kibana Fleet Leading to Privilege Escalation6/1/2026
MEDIUM6.5CVE-2026-49094EPSS 0.04%Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6/1/2026
MEDIUM6.3CVE-2026-49093EPSS 0.03%Server-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network Access6/1/2026
MEDIUM5.4CVE-2026-42401EPSS 0.02%Improper Neutralization of Input During Web Page Generation in Kibana Leading to Stored HTML Injection6/1/2026
MEDIUM6.5CVE-2026-42400EPSS 0.04%Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6/1/2026
MEDIUM6.5CVE-2026-42399EPSS 0.04%Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6/1/2026
MEDIUM6.5CVE-2026-33464EPSS 0.04%Uncontrolled Resource Consumption in Kibana Leading to Denial of Service6/1/2026
MEDIUM5.3CVE-2026-33463EPSS 0.05%Operation on a Resource after Expiration or Termination in Kibana Leading to Unauthorized File Access6/1/2026

Page 1 of 1143Next →