Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
14094
Total
949
Critical
4140
High
4452
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-3882 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Apr 01, 2026 |
| CVE-2026-32929 | HIGH | 7.8 | V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product. | Apr 01, 2026 |
| CVE-2026-32928 | HIGH | 7.8 | V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the … | Apr 01, 2026 |
| CVE-2026-32927 | HIGH | 7.8 | V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected … | Apr 01, 2026 |
| CVE-2026-32926 | HIGH | 7.8 | V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected … | Apr 01, 2026 |
| CVE-2026-32925 | HIGH | 7.8 | V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom. Opening a crafted V7 file may lead to arbitrary code execution on the … | Apr 01, 2026 |
| CVE-2025-66487 | LOW | 2.7 | IBM Aspera Shares 1.9.9 through 1.11.0 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email … | Apr 01, 2026 |
| CVE-2025-66486 | MEDIUM | 4.8 | IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed … | Apr 01, 2026 |
| CVE-2025-66485 | MEDIUM | 5.4 | IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow … | Apr 01, 2026 |
| CVE-2025-66484 | MEDIUM | 5.5 | IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI … | Apr 01, 2026 |
| CVE-2025-66483 | MEDIUM | 6.3 | IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on … | Apr 01, 2026 |
| CVE-2025-36375 | MEDIUM | 6.5 | IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and IBM DataPower Gateway 10.6.0 10.6.0.0 through 10.6.0.8 IBM DataPower … | Apr 01, 2026 |
| CVE-2025-0711 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Apr 01, 2026 |
| CVE-2026-5313 | MEDIUM | 4.3 | A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbi__gif_load_next in the library stb_image.h of the component GIF … | Apr 01, 2026 |
| CVE-2026-3987 | UNKNOWN | — | A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated remote attacker to execute arbitrary code … | Apr 01, 2026 |
| CVE-2026-34572 | HIGH | 8.8 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34571 | CRITICAL | 9.9 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, a Stored … | Apr 01, 2026 |
| CVE-2026-34570 | UNKNOWN | — | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34569 | CRITICAL | 9.9 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34568 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34567 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34566 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34565 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34564 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |
| CVE-2026-34563 | CRITICAL | 9.1 | CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application … | Apr 01, 2026 |