Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-41243 OpenLearn is open-source educational forum software. Prior to commit 844b2a40a69d0c4911580fe501923f0b391313ab, when `safeMode` is enabled, unapproved forum posts are hidden from the public list, but t... | N/A | NONE | β | 0 |
| CVE-2026-41211 Vite+ is a unified toolchain and entry point for web development. Prior to version 0.1.17, `downloadPackageManager()` accepts an untrusted `version` string and uses it directly in filesystem paths. A ... | N/A | NONE | β | 0 |
| CVE-2026-41196 Luanti (formerly Minetest) is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to ... | N/A | NONE | β | 0 |
| CVE-2026-31652 In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: deallocate damon_call() failure leaking damon_ctx damon_stat_start() always allocates the module's damon_ctx object... | N/A | NONE | β | 0 |
| CVE-2026-31653 In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeat_call_control if damon_call() fails damon_call() for repeat_call_control of DAMON_SYSFS could fail i... | N/A | NONE | β | 0 |
| CVE-2026-4656 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | β | 0 |
| CVE-2026-5189 CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access ... | N/A | NONE | β | 0 |
| CVE-2000-5001 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2005-20001 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2008-20002 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2008-20003 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2025-20628 An insufficient granularity of access control vulnerability exists in PingIDM (formerly ForgeRock Identity Management) where administrators cannot properly configure access rules for Remote Connector ... | N/A | NONE | β | 0 |
| CVE-2026-31654 In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in __mmap_region() commit 605f6586ecf7 ("mm/vma: do not leak memory when .mmap_prepare swaps the file") ha... | N/A | NONE | β | 0 |
| CVE-2026-39937 Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure.Β The issue has been remed... | N/A | NONE | β | 0 |
| CVE-2026-5387 The vulnerability, if exploited, could allow an unauthenticated miscreant to perform operationsΒ intended only for Simulator Instructor or Simulator Developer (Administrator) roles, resulting in privil... | N/A | NONE | β | 0 |
| CVE-2026-39654 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple HTML Sitemap wp-simple-html-sitemap allows DOM-Based XSS.This issue affects... | N/A | NONE | β | 0 |
| CVE-2009-20012 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2026-31655 In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled Keep the NOC_HDCP clock always enabled to fix the potential hang caused... | N/A | NONE | β | 0 |
| CVE-2010-20110 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2010-20116 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2010-20117 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2010-20118 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2010-20124 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2026-31656 In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat A use-after-free / refcount underflow is possible when the hear... | N/A | NONE | β | 0 |
| CVE-2011-10031 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2026-34078 Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at a... | N/A | NONE | β | 0 |
| CVE-2026-31657 In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadv_bla_add_claim() can replace claim->backbone_gw and drop the old gatew... | N/A | NONE | β | 0 |
| CVE-2013-10041 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2026-39686 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in bannersky BSK PDF Manager bsk-pdf-manager allows Retrieve Embedded Sensitive Data.This issue affects BSK PDF... | N/A | NONE | β | 0 |
| CVE-2013-10045 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2013-10056 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2026-32270 Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 through 5.5.4, the PaymentsController::actionPay discloses some order data to unauthenticated users wh... | N/A | NONE | β | 0 |
| CVE-2026-31658 In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() When dma_map_single() fails in tse_start_xmit(), the functi... | N/A | NONE | β | 0 |
| CVE-2026-41179 Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint `operations/fsinfo... | N/A | NONE | β | 0 |
| CVE-2026-4049 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | β | 0 |
| CVE-2026-41312 pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires ... | N/A | NONE | β | 0 |
| CVE-2014-125120 Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | N/A | NONE | β | 0 |
| CVE-2026-41170 Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the `RestoreController.PostRestoreJob` endpoint allows an administrator to supply an a... | N/A | NONE | β | 0 |
| CVE-2026-0539 Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This s... | N/A | NONE | β | 0 |
| CVE-2026-31434 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group space_info When create_space_info_sub_group() allocates elements of space_info->sub_... | N/A | NONE | β | 0 |
| CVE-2026-41134 Kiota is an OpenAPI based HTTP Client code generator. Versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks (for example: serialization/de... | N/A | NONE | β | 0 |
| CVE-2026-31443 In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix crash when the event log is disabled If reporting errors to the event log is not supported by the hardware, a... | N/A | NONE | β | 0 |
| CVE-2026-3837 An authenticated attacker can persist crafted values in multiple field types and trigger client-side script execution when another user opens the affected document in Desk. The vulnerable formatter im... | N/A | NONE | β | 0 |
| CVE-2026-6019 http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence </script> inside the gene... | N/A | NONE | β | 0 |
| CVE-2026-31448 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if ins... | N/A | NONE | β | 0 |
| CVE-2026-31456 In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault The splitting of a PUD entry in walk_pud_range() can race with a concur... | N/A | NONE | β | 0 |
| CVE-2026-31460 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check if ext_caps is valid in BL setup LVDS connectors don't have extended backlight caps so check if the pointer... | N/A | NONE | β | 0 |
| CVE-2026-31659 In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadv_tt_prepare_tvlv_global_data() builds the allocation length for a gl... | N/A | NONE | β | 0 |
| CVE-2026-31465 In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SB_I_NO_DATA_INTEGRITY superblock flag for fil... | N/A | NONE | β | 0 |
| CVE-2026-3566 Rejected reason: After further discussion, the issue was determined to not meet the criteria for CVE assignment. | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.