Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22471
Total
1617
Critical
6868
High
7196
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-47907 | HIGH | 8.2 | Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could … | Jun 09, 2026 |
| CVE-2026-47906 | HIGH | 8.6 | Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary code execution in the … | Jun 09, 2026 |
| CVE-2026-47106 | MEDIUM | 5.4 | Ellucian Banner Self-Service before the April T2 release (2025-04-23) contains a stored cross-site scripting vulnerability in the course search functionality that allows authenticated Banner ERP … | Jun 09, 2026 |
| CVE-2026-34710 | HIGH | 7.8 | Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … | Jun 09, 2026 |
| CVE-2026-34709 | HIGH | 7.8 | Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … | Jun 09, 2026 |
| CVE-2026-32856 | MEDIUM | 6.1 | Ellucian Banner Self-Service before the April T2 release (2025-04-23) contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a … | Jun 09, 2026 |
| CVE-2026-11824 | HIGH | 7.8 | SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary … | Jun 09, 2026 |
| CVE-2026-11822 | HIGH | 7.8 | SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code … | Jun 09, 2026 |
| CVE-2026-8863 | HIGH | 7.8 | Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use … | Jun 09, 2026 |
| CVE-2026-40639 | MEDIUM | 5.7 | Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation … | Jun 09, 2026 |
| CVE-2026-39170 | MEDIUM | 6.3 | SemCms 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST request to /admin/semcms_user.php. | Jun 09, 2026 |
| CVE-2026-39169 | HIGH | 7.5 | SEMCMS 5.0 is vulnerable to unauthorized access in SEMCMS_copy.php. | Jun 09, 2026 |
| CVE-2026-36823 | HIGH | 7.5 | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36822 | HIGH | 7.5 | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the macAddr parameter of the formDelStaState function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36821 | HIGH | 7.5 | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36820 | HIGH | 7.5 | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36819 | HIGH | 7.5 | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36818 | UNKNOWN | — | Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the wewifiWhiteUserInfo parameter of the formAddWewifiWhiteUser function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36817 | UNKNOWN | — | Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36816 | UNKNOWN | — | Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the wewifiWhiteUserInfo parameter of the formAddWewifiWhiteUser function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36815 | UNKNOWN | — | Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the hostname parameter of the formSetNetCheckTools function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36813 | UNKNOWN | — | Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36811 | UNKNOWN | — | Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picName parameter of the formDelwebAuthPic function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36810 | UNKNOWN | — | Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the gotoUrl parameter of the formPortalAuth function. This vulnerability … | Jun 09, 2026 |
| CVE-2026-36809 | UNKNOWN | — | Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthWhiteID parameter of the formModifyWebAuthWhiteUser function. This vulnerability … | Jun 09, 2026 |