Export limit exceeded: 363406 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363406 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363406 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363406 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-27405 3 Fedoraproject, Freetype, Redhat 4 Fedora, Freetype, Enterprise Linux and 1 more 2026-07-05 7.5 High
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
CVE-2023-26998 1 Netscout 1 Ngeniusone 2026-07-05 5.4 Medium
Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page.
CVE-2023-43336 1 Sangoma 1 Freepbx 2026-07-05 8.8 High
Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101.
CVE-2023-41013 1 Icewarp 1 Icewarp 2026-07-05 6.1 Medium
Cross Site Scripting (XSS) in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field.
CVE-2026-14687 1 666ghj 1 Bettafish 2026-07-05 5.3 Medium
A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function _deduplicate_results of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
CVE-2023-37728 1 Icewarp 1 Icewarp 2026-07-05 6.1 Medium
IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter.
CVE-2020-26037 1 Evenbalance 1 Punkbuster 2026-07-05 9.8 Critical
Directory Traversal vulnerability in Server functionalty in Even Balance Punkbuster version 1.902 before 1.905 allows remote attackers to execute arbitrary code.
CVE-2021-36580 1 Icewarp 2 Icewarp Server, Mail Server 2026-07-05 6.1 Medium
Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter.
CVE-2020-22623 1 Insightsoftware 1 Jreport 2026-07-05 7.5 High
Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain sensitive information.
CVE-2023-29863 1 Medisys 1 Weblab 2026-07-05 9.8 Critical
Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection vulnerability via the tem:statement parameter in the WSDL files.
CVE-2023-22985 1 Simple Guestbook Management System Project 1 Simple Guestbook Management System 2026-07-05 6.1 Medium
Sourcecodester Simple Guestbook Management System version 1 is vulnerable to Cross Site Scripting (XSS) via Name, Referrer, Location, and Comments.
CVE-2022-45551 1 Zbt 2 We1626, We1626 Firmware 2026-07-05 9.8 Critical
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint.
CVE-2021-35269 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2026-07-05 7.8 High
NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges.
CVE-2021-35268 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2026-07-05 6.7 Medium
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges.
CVE-2021-35267 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2026-07-05 7.8 High
NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root.
CVE-2021-35266 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2026-07-05 7.8 High
In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution.
CVE-2021-33289 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2026-07-05 7.8 High
In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.
CVE-2021-33287 4 Debian, Fedoraproject, Redhat and 1 more 5 Debian Linux, Fedora, Advanced Virtualization and 2 more 2026-07-05 6.7 Medium
In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application.
CVE-2022-31358 1 Proxmox 1 Virtual Environment 2026-07-05 9 Critical
A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.
CVE-2021-26787 1 Genesys 1 Workforce Management 2026-07-05 6.1 Medium
A cross site scripting (XSS) vulnerability in Genesys Workforce Management 8.5.214.20 can occur (during record deletion) via the Time-off parameter.