Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-7717 | HIGH | 8.8 | A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing … | May 04, 2026 |
| CVE-2026-7716 | MEDIUM | 6.3 | A vulnerability was found in code-projects Gym Management System In PHP and Windows NT 1.0. This vulnerability affects unknown code of the file /index.php. Performing … | May 04, 2026 |
| CVE-2026-7715 | MEDIUM | 6.3 | A vulnerability has been found in ravenwits mcp-server-arangodb up to 0.4.7. This affects the function arango_backup of the file src/tools.ts of the component MCP Interface. … | May 04, 2026 |
| CVE-2026-7714 | MEDIUM | 6.5 | A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the … | May 04, 2026 |
| CVE-2026-7372 | CRITICAL | 9.0 | A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an … | May 04, 2026 |
| CVE-2026-7371 | HIGH | 7.4 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead … | May 04, 2026 |
| CVE-2026-7161 | CRITICAL | 9.3 | An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. … | May 04, 2026 |
| CVE-2026-42370 | CRITICAL | 9.0 | A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an … | May 04, 2026 |
| CVE-2026-42369 | CRITICAL | 10.0 | GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native … | May 04, 2026 |
| CVE-2026-42368 | CRITICAL | 9.9 | A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. … | May 04, 2026 |
| CVE-2026-42367 | MEDIUM | 6.5 | A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials … | May 04, 2026 |
| CVE-2026-42366 | HIGH | 7.4 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead … | May 04, 2026 |
| CVE-2026-42365 | HIGH | 8.6 | A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to … | May 04, 2026 |
| CVE-2026-42364 | CRITICAL | 9.9 | An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. … | May 04, 2026 |
| CVE-2026-7713 | MEDIUM | 6.3 | A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generate_auth_token of the file cps/kobo_auth.py of the component … | May 04, 2026 |
| CVE-2026-7712 | MEDIUM | 6.3 | A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to … | May 04, 2026 |
| CVE-2026-7711 | HIGH | 7.3 | A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byom_handler/proc_wrapper.py of the component Engine Handler. Executing … | May 04, 2026 |
| CVE-2026-7710 | HIGH | 7.3 | A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. … | May 04, 2026 |
| CVE-2026-6948 | MEDIUM | 4.9 | Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel. This allows a compromised or rogue Velociraptor client to … | May 04, 2026 |
| CVE-2026-7709 | MEDIUM | 6.3 | A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generate_auth_token of the file cps/kobo_auth.py of the component Endpoint. … | May 03, 2026 |
| CVE-2026-7708 | MEDIUM | 4.3 | A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_dbi_subscription_data in the library /lib/dbi/subscription.c of the component UDR. This … | May 03, 2026 |
| CVE-2026-7707 | MEDIUM | 4.3 | A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of … | May 03, 2026 |
| CVE-2026-7706 | MEDIUM | 4.3 | A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmm_handle_service_request of the file /src/amf/gmm-handler.c of the component AMF. The … | May 03, 2026 |
| CVE-2026-7705 | MEDIUM | 6.3 | A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_iptv_info of the file /jdcap of the component Service Interface. … | May 03, 2026 |
| CVE-2026-7704 | MEDIUM | 4.3 | A vulnerability has been found in AV Stumpfl Pixera Two Media Server up to 25.1 R2. The affected element is an unknown function of the … | May 03, 2026 |