Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2026-1975 A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulation results in null pointer dereference. The attack ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-1228 The Timeline Block – Beautiful Timeline Builder for WordPress (Vertical & Horizontal Timelines) plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and includ... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-1974 A vulnerability was identified in Free5GC up to 4.1.0. This affects the function ResolveNodeIdToIp of the file internal/sbi/processor/datapath.go of the component SMF. The manipulation leads to denial... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-1973 A vulnerability was determined in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. Th... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-1972 A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Performing a manipulation of the argument Username/Password results in use of default c... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-1971 A vulnerability has been found in Edimax BR-6288ACL up to 1.12. Impacted is the function wiz_WISP24gmanual of the file wiz_WISP24gmanual.asp. Such manipulation of the argument manualssid leads to cros... | 2.4 | LOW | — | 0 |
| CVE-2026-23623 Collabora Online is a collaborative online office suite based on LibreOffice technology. Prior to Collabora Online Development Edition version 25.04.08.2 and prior to Collabora Online versions 23.05.2... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-24302 Azure Arc Elevation of Privilege Vulnerability | 8.6 | HIGH | — | 0 |
| CVE-2026-24300 Azure Front Door Elevation of Privilege Vulnerability | 9.8 | CRITICAL | — | 0 |
| CVE-2026-21532 Azure Function Information Disclosure Vulnerability | 8.2 | HIGH | — | 0 |
| CVE-2026-0391 User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-68458 Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) can be bypassed to fetch resources from hosts outs... | 3.7 | LOW | — | 0 |
| CVE-2025-68157 Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) enforces allowedUris only for the initial URL, but... | 3.7 | LOW | — | 0 |
| CVE-2025-32393 AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS ... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-25815 Fortinet FortiOS through 7.6.6 allows attackers to decrypt LDAP credentials stored in device configuration files, as exploited in the wild from 2025-12-16 through 2026 (by default, the encryption key ... | 3.2 | LOW | — | 0 |
| CVE-2026-1970 A flaw has been found in Edimax BR-6258n up to 1.18. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup. This manipulation of the argument submit-url causes open redir... | 3.5 | LOW | — | 0 |
| CVE-2026-1964 A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file models/boards.js of the component REST Endpoint. This manipulation causes improper access controls. Rem... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-1963 A vulnerability was found in WeKan up to 8.20. This affects an unknown function of the file models/attachments.js of the component Attachment Storage. The manipulation results in improper access contr... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-1962 A vulnerability has been found in WeKan up to 8.20. The impacted element is an unknown function of the file server/attachmentMigration.js of the component Attachment Migration. The manipulation leads ... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-0106 In vpu_mmap of vpu_ioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use... | 9.3 | CRITICAL | — | 0 |
| CVE-2025-12131 A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service. | 6.5 | MEDIUM | — | 0 |
| CVE-2026-25630 Rejected reason: Reason: This candidate was issued in error. | N/A | NONE | — | 0 |
| CVE-2026-1301 In builds with PubSub and JSON enabled, a crafted JSON message can cause the decoder to write beyond a heap-allocated array before authentication, reliably crashing the process and corrupting memory. | N/A | NONE | — | 0 |
| CVE-2025-15343 Tanium addressed an incorrect default permissions vulnerability in Enforce. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-15342 Tanium addressed an improper access controls vulnerability in Reputation. | 4.3 | MEDIUM | — | 0 |
| CVE-2025-15341 Tanium addressed an incorrect default permissions vulnerability in Benchmark. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-15340 Tanium addressed an incorrect default permissions vulnerability in Comply. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-15339 Tanium addressed an incorrect default permissions vulnerability in Discover. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-15338 Tanium addressed an incorrect default permissions vulnerability in Partner Integration. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-15337 Tanium addressed an incorrect default permissions vulnerability in Patch. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-15336 Tanium addressed an incorrect default permissions vulnerability in Performance. | 6.5 | MEDIUM | — | 0 |
| CVE-2025-15335 Tanium addressed an information disclosure vulnerability in Threat Response. | 4.3 | MEDIUM | — | 0 |
| CVE-2025-15334 Tanium addressed an information disclosure vulnerability in Threat Response. | 4.3 | MEDIUM | — | 0 |
| CVE-2025-15333 Tanium addressed an information disclosure vulnerability in Threat Response. | 4.3 | MEDIUM | — | 0 |
| CVE-2025-15332 Tanium addressed an information disclosure vulnerability in Threat Response. | 4.9 | MEDIUM | — | 0 |
| CVE-2025-15331 Tanium addressed an uncontrolled resource consumption vulnerability in Connect. | 4.3 | MEDIUM | — | 0 |
| CVE-2025-15330 Tanium addressed an improper input validation vulnerability in Deploy. | 8.8 | HIGH | — | 0 |
| CVE-2025-15329 Tanium addressed an information disclosure vulnerability in Threat Response. | 4.9 | MEDIUM | — | 0 |
| CVE-2025-15328 Tanium addressed an improper link resolution before file access vulnerability in Enforce. | 5.0 | MEDIUM | — | 0 |
| CVE-2025-15327 Tanium addressed an improper access controls vulnerability in Deploy. | 4.3 | MEDIUM | — | 0 |
| CVE-2025-15326 Tanium addressed an improper access controls vulnerability in Patch. | 4.3 | MEDIUM | — | 0 |
| CVE-2025-15325 Tanium addressed an improper input validation vulnerability in Discover. | 6.3 | MEDIUM | — | 0 |
| CVE-2025-15324 Tanium addressed a documentation issue in Engage. | 6.6 | MEDIUM | — | 0 |
| CVE-2025-15323 Tanium addressed an improper certificate validation vulnerability in Tanium Appliance. | 3.7 | LOW | — | 0 |
| CVE-2025-15321 Tanium addressed an improper input validation vulnerability in Tanium Appliance. | 2.7 | LOW | — | 0 |
| CVE-2025-15312 Tanium addressed an improper output sanitization vulnerability in Tanium Appliance. | 6.6 | MEDIUM | — | 0 |
| CVE-2025-15311 Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance. | 7.8 | HIGH | — | 0 |
| CVE-2025-15289 Tanium addressed an improper access controls vulnerability in Interact. | 3.1 | LOW | — | 0 |
| CVE-2026-1707 pgAdmin versions 9.11 are affected by a Restore restriction bypass via key disclosure vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. An att... | 7.4 | HIGH | — | 0 |
| CVE-2025-70073 An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function | 7.2 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.