Total CVEs: 142,027
Critical Severity: 3,943
High Severity: 14,108
Last 7 Days: 1,724

Showing 10,601 - 10,620 of 14,108 CVEs
CVE-2026-26999 HIGH - 7.5

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared before t...

Vendor: go
Product: github.com/traefik/traefik/v2
Published: Mar 04, 2026
Source: GitHub
CVE-2026-20105 HIGH - 7.7

A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with a valid VPN connection to exhaust device memory resulting in a denial of...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software
Published: Mar 04, 2026
Source: NVD
CVE-2026-20103 HIGH - 8.6

A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust device memory resulting in a denial of service (DoS) condition t...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software
Published: Mar 04, 2026
Source: NVD
CVE-2026-20101 HIGH - 8.6

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability is due to insufficient error chec...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software
Published: Mar 04, 2026
Source: NVD
CVE-2026-20100 HIGH - 7.7

A vulnerability in the LUA interpreter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload un...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software
Published: Mar 04, 2026
Source: NVD
CVE-2026-20082 HIGH - 8.6

A vulnerability in the handling of the embryonic connection limits in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause incoming TCP SYN packets to be dropped incorrectly. This vulnerability is due to improper handling of new...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
Published: Mar 04, 2026
Source: NVD
CVE-2026-20062 HIGH - 7.2

A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This vulnera...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
Published: Mar 04, 2026
Source: NVD
CVE-2026-20049 HIGH - 7.7

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv2) IPsec traffic of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to ...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software
Published: Mar 04, 2026
Source: NVD
CVE-2026-20039 HIGH - 8.6

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability ...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software
Published: Mar 04, 2026
Source: NVD
CVE-2026-20014 HIGH - 7.7

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, remote attacker with valid VPN user credentials to cause a DoS condition on an affected device that may also impact the availability of services to devices elsewhere...

Vendor: Cisco
Product: Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software
Published: Mar 04, 2026
Source: NVD

The XWiki blog application allows users of the XWiki platform to create and manage blog posts. Versions prior to 9.15.7 are vulnerable to Stored Cross-Site Scripting (XSS) via the Blog Post Title. The vulnerability arises because the post title is injected directly into the HTML <title> tag wi...

Vendor: maven
Product: org.xwiki.contrib.blog:application-blog-ui
Published: Mar 04, 2026
Source: GitHub
CVE-2026-20002 HIGH - 8.1

A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inadequate validation of user-supplied input. An attacker could exploit this vulner...

Vendor: Cisco
Product: Cisco Secure Firewall Management Center (FMC)
Published: Mar 04, 2026
Source: NVD
CVE-2019-25507 HIGH - 8.2

Ashop Shopping Cart Software contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'shop' parameter. Attackers can send GET requests to index.php with malicious 'shop' values using UNION-base...

Vendor: Ashopsoftware
Product: Ashop Shopping Cart Software
Published: Mar 04, 2026
Source: NVD
CVE-2019-25506 HIGH - 8.2

FreeSMS 2.1.2 contains a boolean-based blind SQL injection vulnerability in the password parameter that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login endpoint. Attackers can exploit the vulnerable password parameter in requests to /pages/crc_handle...

Vendor: Freesms
Product: FreeSMS
Published: Mar 04, 2026
Source: NVD
CVE-2019-25505 HIGH - 7.1

Tradebox 5.4 contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the symbol parameter. Attackers can send POST requests to the monthly_deposit endpoint with malicious symbol values using boolean-based blind, time-ba...

Vendor: Bdtask
Product: Tradebox
Published: Mar 04, 2026
Source: NVD
CVE-2019-25504 HIGH - 8.2

NCrypted Jobgator contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the experience parameter. Attackers can send POST requests to the agents Find-Jobs endpoint with malicious experience values to extract sensiti...

Vendor: Ncrypted
Product: NCrypted Jobgator
Published: Mar 04, 2026
Source: NVD
CVE-2019-25503 HIGH - 7.1

PHPads 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the bannerID parameter in click.php3. Attackers can submit crafted bannerID values using SQL comment syntax and functions like extractvalue to...

Vendor: Blondish
Product: PHPads
Published: Mar 04, 2026
Source: NVD
CVE-2019-25501 HIGH - 8.2

Simple Job Script contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting malicious SQL code through the app_id parameter. Attackers can send POST requests to delete_application_ajax.php with crafted payloads to extract sensitive data, bypass authent...

Vendor: niteosoft
Product: Simple Job Script
Published: Mar 04, 2026
Source: NVD
CVE-2019-25500 HIGH - 8.2

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the employerid parameter. Attackers can send POST requests to the register-recruiters endpoint with time-based SQL injection payloads to extrac...

Vendor: niteosoft
Product: Simple Job Script
Published: Mar 04, 2026
Source: NVD
CVE-2019-25499 HIGH - 8.2

Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the job_id parameter. Attackers can send POST requests to get_job_applications_ajax.php with malicious job_id values to bypass authentication, ...

Vendor: niteosoft
Product: Simple Job Script
Published: Mar 04, 2026
Source: NVD