Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
13408
Total
885
Critical
3896
High
4230
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-33727 | MEDIUM | 6.4 | Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Version 6.4 has a local privilege-escalation vulnerability allows code execution as root from the … | Apr 06, 2026 |
| CVE-2026-33405 | LOW | 3.1 | Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, the formatInfo() … | Apr 06, 2026 |
| CVE-2026-31354 | UNKNOWN | — | Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via … | Apr 06, 2026 |
| CVE-2026-31353 | UNKNOWN | — | An authenticated stored cross-site scripting (XSS) vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via … | Apr 06, 2026 |
| CVE-2026-31352 | UNKNOWN | — | An authenticated stored cross-site scripting (XSS) vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML … | Apr 06, 2026 |
| CVE-2026-31351 | MEDIUM | 4.8 | An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via … | Apr 06, 2026 |
| CVE-2026-31350 | UNKNOWN | — | An authenticated stored cross-site scripting (XSS) vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload … | Apr 06, 2026 |
| CVE-2026-21382 | HIGH | 7.8 | Memory Corruption when handling power management requests with improperly sized input/output buffers. | Apr 06, 2026 |
| CVE-2026-21381 | HIGH | 7.6 | Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection. | Apr 06, 2026 |
| CVE-2026-21380 | HIGH | 7.8 | Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory. | Apr 06, 2026 |
| CVE-2026-21378 | HIGH | 7.8 | Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver. | Apr 06, 2026 |
| CVE-2026-21376 | HIGH | 7.8 | Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver. | Apr 06, 2026 |
| CVE-2026-21375 | HIGH | 7.8 | Memory Corruption when accessing an output buffer without validating its size during IOCTL processing. | Apr 06, 2026 |
| CVE-2026-21374 | HIGH | 7.8 | Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation. | Apr 06, 2026 |
| CVE-2026-21373 | HIGH | 7.8 | Memory Corruption when accessing an output buffer without validating its size during IOCTL processing. | Apr 06, 2026 |
| CVE-2026-21372 | HIGH | 7.8 | Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations. | Apr 06, 2026 |
| CVE-2026-21371 | HIGH | 7.8 | Memory Corruption when retrieving output buffer with insufficient size validation. | Apr 06, 2026 |
| CVE-2026-21367 | HIGH | 7.6 | Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans. | Apr 06, 2026 |
| CVE-2025-47400 | HIGH | 7.1 | Cryptographic issue while copying data to a destination buffer without validating its size. | Apr 06, 2026 |
| CVE-2025-47392 | HIGH | 8.8 | Memory corruption when decoding corrupted satellite data files with invalid signature offsets. | Apr 06, 2026 |
| CVE-2025-47391 | HIGH | 7.8 | Memory corruption while processing a frame request from user. | Apr 06, 2026 |
| CVE-2025-47390 | HIGH | 7.8 | Memory corruption while preprocessing IOCTL request in JPEG driver. | Apr 06, 2026 |
| CVE-2025-47389 | HIGH | 7.8 | Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation. | Apr 06, 2026 |
| CVE-2025-47374 | MEDIUM | 6.5 | Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling. | Apr 06, 2026 |
| CVE-2024-14032 | HIGH | 7.8 | Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as … | Apr 06, 2026 |