Search Vulnerabilities

Fleet Vulnerable to Windows MDM cross-device command disclosure

Mar 27, 2026

CVE-2026-33215

NATS is vulnerable to MQTT hijacking via Client ID

CVE-2026-23919

Insufficient isolation of JavaScript (Duktape) execution context on Zabbix Server

CVE-2025-15576

Jail chroot escape via fd exchange with a different jail

Mar 9, 2026

CVE-2026-27492

Lettermint Node.js SDK leaks email properties to unintended recipients when client instance is reused

Feb 21, 2026

CVE-2026-23844

Whisper Money has IDOR Vulnerability on sync/balances endpoint

CVE-2026-23646

OpenProject users can delete other user's session, causing them to be logged out

CVE-2025-24934

SO_REUSEPORT_LB breaks connect(2) for UDP sockets

Oct 22, 2025

CVE-2025-47928

CRITICAL

Spotipy repo vulnerable to secrets exfiltration via `pull_request_target`

May 15, 2025

CVE-2025-2312

cifs.upcall makes an upcall to the wrong namespace in containerized environments

CVE-2024-8314

Improper session handling in B&R APROL

CVE-2025-27606

Element Android PIN autologout bypass

Mar 14, 2025

CVE-2025-1247

Io.quarkus:quarkus-rest: quarkus rest endpoint request parameter leakage due to shared instance

Feb 13, 2025

CVE-2023-1907

Pgadmin: users authenticated simultaneously via ldap may be attached to the wrong session

Jan 9, 2025

CVE-2024-11094

404 Solution <= 2.35.17 - Missing Authentication to Sensitive Information Exposure

Nov 16, 2024

CVE-2024-7049

Exposure of Token in open-webui/open-webui

Oct 10, 2024

CVE-2024-5148

Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate

Sep 2, 2024

CVE-2024-41977

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8

Aug 13, 2024

CVE-2024-38367

CoacoaPods trunk sessions verification step could be manipulated for owner session hijacking

Jul 1, 2024

CVE-2024-6162

Undertow: url-encoded request path information can be broken on ajp-listener

Jun 20, 2024

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-34391

Fleet Vulnerable to Windows MDM cross-device command disclosure

Mar 27, 2026

CVE-2026-33215

NATS is vulnerable to MQTT hijacking via Client ID

CVE-2026-23919

Insufficient isolation of JavaScript (Duktape) execution context on Zabbix Server

CVE-2025-15576

Jail chroot escape via fd exchange with a different jail

Mar 9, 2026

CVE-2026-27492

Lettermint Node.js SDK leaks email properties to unintended recipients when client instance is reused

Feb 21, 2026

CVE-2026-23844

Whisper Money has IDOR Vulnerability on sync/balances endpoint

CVE-2026-23646

OpenProject users can delete other user's session, causing them to be logged out

CVE-2025-24934

SO_REUSEPORT_LB breaks connect(2) for UDP sockets

Oct 22, 2025

CVE-2025-47928

CRITICAL

Spotipy repo vulnerable to secrets exfiltration via `pull_request_target`

May 15, 2025

CVE-2025-2312

cifs.upcall makes an upcall to the wrong namespace in containerized environments

CVE-2024-8314

Improper session handling in B&R APROL

CVE-2025-27606

Element Android PIN autologout bypass

Mar 14, 2025

CVE-2025-1247

Io.quarkus:quarkus-rest: quarkus rest endpoint request parameter leakage due to shared instance

Feb 13, 2025

CVE-2023-1907

Pgadmin: users authenticated simultaneously via ldap may be attached to the wrong session

Jan 9, 2025

CVE-2024-11094

404 Solution <= 2.35.17 - Missing Authentication to Sensitive Information Exposure

Nov 16, 2024

CVE-2024-7049

Exposure of Token in open-webui/open-webui

Oct 10, 2024

CVE-2024-5148

Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate

Sep 2, 2024

CVE-2024-41977

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8

Aug 13, 2024

CVE-2024-38367

CoacoaPods trunk sessions verification step could be manipulated for owner session hijacking

Jul 1, 2024

CVE-2024-6162