Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23830
Total
1706
Critical
7474
High
7609
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-10261 | HIGH | 7.3 | A flaw has been found in CodeAstro Online Job Portal 1.0. This affects an unknown function of the file /users/application_status.php. Executing a manipulation of the … | Jun 01, 2026 |
| CVE-2026-10260 | HIGH | 7.3 | A vulnerability was detected in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /admin/jobs-admins/delete-jobs.php. Performing a manipulation of … | Jun 01, 2026 |
| CVE-2026-10259 | HIGH | 8.8 | A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such … | Jun 01, 2026 |
| CVE-2026-0826 | UNKNOWN | — | In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on … | Jun 01, 2026 |
| CVE-2025-60495 | MEDIUM | 5.5 | A segmentation violation in the gf_media_get_color_info function (/media_tools/isom_tools.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a … | Jun 01, 2026 |
| CVE-2025-60486 | MEDIUM | 5.5 | A heap use-after-free in the dasher_process function (/filters/dasher.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a … | Jun 01, 2026 |
| CVE-2025-60485 | MEDIUM | 5.5 | A segmentation violation in the gf_isom_apple_set_tag_ex function (/isomedia/isom_write.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying a … | Jun 01, 2026 |
| CVE-2025-60483 | MEDIUM | 5.5 | A NULL pointer dereference in the gf_ac4_pres_b_4_back_channels_present function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying … | Jun 01, 2026 |
| CVE-2025-60481 | MEDIUM | 5.5 | A NULL pointer dereference in the gf_odf_ac4_cfg_dsi_v1 function (/odf/descriptors.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service (DoS) via supplying … | Jun 01, 2026 |
| CVE-2025-55664 | MEDIUM | 5.5 | A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a … | Jun 01, 2026 |
| CVE-2024-40646 | HIGH | 8.6 | Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to commit fbde301b97986d5913fc4bc95f5445750d282e11 are vulnerable to path … | Jun 01, 2026 |
| CVE-2026-9309 | MEDIUM | 5.4 | Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior … | Jun 01, 2026 |
| CVE-2026-9308 | MEDIUM | 5.4 | Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string … | Jun 01, 2026 |
| CVE-2026-34193 | MEDIUM | 4.3 | Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the … | Jun 01, 2026 |
| CVE-2026-10532 | UNKNOWN | — | Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core (HardenedObjectInputStream (logback-core) modules) allows Object Injection, albeit heavily restricted. More precisely, an attacker able to … | Jun 01, 2026 |
| CVE-2026-10258 | MEDIUM | 6.3 | A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/add_sub_topic.php. This manipulation of the argument … | Jun 01, 2026 |
| CVE-2026-10257 | MEDIUM | 6.3 | A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/update_ss_img.php. The manipulation of … | Jun 01, 2026 |
| CVE-2026-10256 | MEDIUM | 6.3 | A vulnerability was identified in itsourcecode Content Management System 1.0. This vulnerability affects unknown code of the file /save_comment.php. The manipulation of the argument Name … | Jun 01, 2026 |
| CVE-2026-10255 | MEDIUM | 5.3 | A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function sell_statement of the file application/controllers/ShowForm.php. … | Jun 01, 2026 |
| CVE-2026-10254 | MEDIUM | 5.3 | A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file … | Jun 01, 2026 |
| CVE-2026-10253 | HIGH | 7.3 | A vulnerability was detected in itsourcecode Online House Rental System 1.0. This impacts an unknown function of the file /manage_payment.php. The manipulation of the argument … | Jun 01, 2026 |
| CVE-2026-10252 | HIGH | 7.3 | A security vulnerability has been detected in itsourcecode Online House Rental System 1.0. This affects an unknown function of the file /manage_tenant.php. The manipulation of … | Jun 01, 2026 |
| CVE-2026-10251 | HIGH | 7.3 | A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a … | Jun 01, 2026 |
| CVE-2026-49328 | MEDIUM | 5.3 | Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal or … | Jun 01, 2026 |
| CVE-2026-25600 | MEDIUM | 6.4 | The PDBM application relies on a static, hard‑coded secret embedded in the PDBM.exe executable. This secret is used by the application’s encryption routines, including the … | Jun 01, 2026 |