CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2026-27803 Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to version 1.35.4, when a Manager has manage=false for a given collection, they can stil... | 8.3 | HIGH | — | 0 |
| CVE-2026-27802 Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Prior to version 1.35.4, there is a privilege escalation vulnerability via bulk permission upd... | 8.3 | HIGH | — | 0 |
| CVE-2026-27801 Vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Vaultwarden versions 1.34.3 and prior are susceptible to a 2FA bypass when performing protecte... | 5.9 | MEDIUM | — | 0 |
| CVE-2026-25750 Langchain Helm Charts are Helm charts for deploying Langchain applications on Kubernetes. Prior to langchain-ai/helm version 0.12.71, a URL parameter injection vulnerability existed in LangSmith Studi... | 8.1 | HIGH | — | 0 |
| CVE-2026-22040 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the sam... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-70222 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin,goform/getAuthCode. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-68467 Dark Reader is an accessibility browser extension that makes web pages colors dark. The dynamic dark mode feature of the extension works by analyzing the colors of web pages found in CSS style sheet f... | 3.4 | LOW | — | 0 |
| CVE-2025-66024 The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Versions prior to 9.15.7 are vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The... | N/A | NONE | — | 0 |
| CVE-2025-70225 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curtime parameter to the goform/formEasySetupWWConfig component | 9.8 | CRITICAL | — | 0 |
| CVE-2025-70221 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-46108 D-link Dir-513 A1FW110 is vulnerable to Buffer Overflow in the function formTcpipSetup. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-3545 Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severi... | 9.6 | CRITICAL | — | 0 |
| CVE-2026-3544 Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High... | 8.8 | HIGH | — | 0 |
| CVE-2026-3543 Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev... | 8.8 | HIGH | — | 0 |
| CVE-2026-3542 Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severi... | 8.8 | HIGH | — | 0 |
| CVE-2026-3541 Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Hig... | 8.8 | HIGH | — | 0 |
| CVE-2026-3540 Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity:... | 8.8 | HIGH | — | 0 |
| CVE-2026-3539 Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a craft... | 8.8 | HIGH | — | 0 |
| CVE-2026-3538 Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Cri... | 8.8 | HIGH | — | 0 |
| CVE-2026-3537 Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security sever... | 8.8 | HIGH | — | 0 |
| CVE-2026-3536 Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Cr... | 8.8 | HIGH | — | 0 |
| CVE-2026-28435 cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib (httplib.h) does not enforce Server::set_payload_max_length() on the decompressed request... | 7.5 | HIGH | — | 0 |
| CVE-2026-28434 cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom excepti... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-28427 OpenDeck is Linux software for your Elgato Stream Deck. Prior to 2.8.1, the service listening on port 57118 serves static files for installed plugins but does not properly sanitize path components. By... | N/A | NONE | — | 0 |
| CVE-2025-70219 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-3125 A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloud... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-20064 A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) con... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-20025 A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpecte... | 6.8 | MEDIUM | — | 0 |
| CVE-2026-20024 A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpecte... | 6.8 | MEDIUM | — | 0 |
| CVE-2026-20023 A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacen... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-20022 A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpec... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-20021 A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, adjacent ... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-20020 A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpec... | 6.8 | MEDIUM | — | 0 |
| CVE-2026-20016 A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the ... | 6.0 | MEDIUM | — | 0 |
| CVE-2026-0847 A vulnerability in NLTK versions up to and including 3.9.2 allows arbitrary file read via path traversal in multiple CorpusReader classes, including WordListCorpusReader, TaggedCorpusReader, and Brack... | N/A | NONE | — | 0 |
| CVE-2025-70226 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-70223 Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-26949 Dell Device Management Agent (DDMA), versions prior to 26.02, contain an Incorrect Authorization vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-20149 A vulnerability in Cisco Webex could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this vulnerability, and no customer action is ... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-20131 A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root o... | 10.0 | CRITICAL | KEV | 0 |
| CVE-2026-20106 A vulnerability in the Remote Access SSL VPN, HTTP management and MUS functionality, of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Softwa... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-20105 A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenti... | 7.7 | HIGH | — | 0 |
| CVE-2026-20103 A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthen... | 8.6 | HIGH | — | 0 |
| CVE-2026-20102 A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attack... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-20101 A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload... | 8.6 | HIGH | — | 0 |
| CVE-2026-20100 A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could ... | 7.7 | HIGH | — | 0 |
| CVE-2026-20082 A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause incoming... | 8.6 | HIGH | — | 0 |
| CVE-2026-20079 A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an a... | 10.0 | CRITICAL | — | 0 |
| CVE-2026-20073 A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to send traf... | 5.8 | MEDIUM | — | 0 |
| CVE-2026-20070 A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthentic... | 6.1 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.