Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23503
Total
1676
Critical
7379
High
7473
Medium
CVE ID Severity Score Description Published
CVE-2025-53830 CRITICAL 9.1 Anti-Virus for ownCloud is an anti-virus application for file storage, synchronization, and sharing application ownCloud. Versions of Anti-Virus for ownCloud before 1.2.3 are vulnerable to … Jul 06, 2026
CVE-2025-53829 HIGH 8.0 ownCloud is a file storage, synchronization, and sharing application. In ownCloud 10 prior to version 10.15.3, an attacker with administrative privileges can exploit a path … Jul 06, 2026
CVE-2025-53828 HIGH 8.5 SharePoint for ownCloud is an application for using SharePoint with the file storage, synchronization, and sharing application ownCloud Classic. In SharePoint for ownCloud prior to … Jul 06, 2026
CVE-2025-53827 CRITICAL 9.1 ownCloud Core is the server-side component of the file storage, synchronization, and sharing application ownCloud Classic. In versions prior to 10.15.3, the Updater on ownCloud … Jul 06, 2026
CVE-2026-7185 UNKNOWN A validation vulnerability has been identified in certain web features related to file management or upload in several products of the TAO 2.0 suite. This … Jul 06, 2026
CVE-2026-58380 HIGH 7.3 A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscanner_gettoken() function writes a null terminator one … Jul 06, 2026
CVE-2026-54893 UNKNOWN URL path injection in the Microsoft Graph adapter of Swoosh. Swoosh.Adapters.MsGraph builds its Microsoft Graph API request URL by interpolating the sender's email address into … Jul 06, 2026
CVE-2026-13698 UNKNOWN A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key … Jul 06, 2026
CVE-2026-13708 HIGH 7.5 Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in i_readjpeg_wiol. i_readjpeg_wiol walks the marker list libjpeg … Jul 06, 2026
CVE-2026-13705 HIGH 7.1 Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read_rgb_16_rle. read_rgb_16_rle … Jul 06, 2026
CVE-2025-15668 LOW 3.3 A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpd_del_entry of the file src/isomedia/box_code_base.c of the component MP4Box. Such manipulation … Jul 06, 2026
CVE-2025-15667 LOW 3.3 A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gf_isom_nalu_sample_rewrite of the file src/isomedia/avc_ext.c of the component MP4Box. This manipulation … Jul 06, 2026
CVE-2026-6901 HIGH 7.7 Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5. Jul 06, 2026
CVE-2026-6900 HIGH 7.4 Improper certificate validation vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5. Jul 06, 2026
CVE-2026-58226 UNKNOWN Inefficient Algorithmic Complexity vulnerability in elixir-mint hpax allows unauthenticated denial-of-service via unbounded HPACK integer decoding. hpax decodes HPACK variable-length integers with no upper bound on … Jul 06, 2026
CVE-2026-56810 UNKNOWN Allocation of Resources Without Limits or Throttling vulnerability in elixir-mint mint (Mint.HTTP1 module) allows a denial of service via an oversized chunked transfer-encoded response. This … Jul 06, 2026
CVE-2026-4249 HIGH 8.6 The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated … Jul 06, 2026
CVE-2026-49297 HIGH 8.1 Apache Airflow's Google provider operators `GCSToSFTPOperator` and `GCSTimeSpanFileTransformOperator` joined GCS object names returned by the bucket listing API directly to a destination filesystem path without … Jul 06, 2026
CVE-2026-49042 HIGH 7.3 Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: from 4.8.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade … Jul 06, 2026
CVE-2026-46588 HIGH 7.3 Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended … Jul 06, 2026
CVE-2026-46587 HIGH 7.3 Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended … Jul 06, 2026
CVE-2026-44937 UNKNOWN Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 … Jul 06, 2026
CVE-2026-44936 MEDIUM 5.0 Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, … Jul 06, 2026
CVE-2026-12686 UNKNOWN An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other companies hosted within … Jul 06, 2026
CVE-2025-8591 MEDIUM 6.1 The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an … Jul 06, 2026