CVE Vulnerability Database

Search and browse 11,425 known security vulnerabilities. Filter by severity, vendor, product, and year.

11,425 vulnerabilities found
Recent Highest Score Oldest
CVE-2026-24193
7.8 high

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.

May 26, 2026
CVE-2026-24192
7.8 high

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause an incorrect conversion between numeric types, leading to a heap buffer overflow. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data

May 26, 2026
CVE-2026-24191
7.8 high

NVIDIA Display Driver for Windows contains a vulnerability where an attacker could cause a time-of-check time-of-use issue. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.

May 26, 2026
CVE-2026-24190
7.8 high

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a user could cause improper access to GPU resources. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and

May 26, 2026
CVE-2026-24187
8.8 high

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution.

May 26, 2026
CVE-2026-24182
6.5 medium

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service.

May 26, 2026
CVE-2025-33221
4.4 medium

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service.

May 26, 2026
CVE-2026-9565
6.3 medium

A vulnerability was determined in haojing8312 WorkClaw up to 0.6.4. This affects the function is_dangerous of the file apps/runtime/src-tauri/src/agent/tools/bash.rs of the component Blacklist Handler. Executing a manipulation can lead to os command injection. The attack can be executed remotely. Th

May 26, 2026
CVE-2026-9564
2.4 low

A vulnerability was found in SourceCodester/oretnom23 Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /admin/?page=patients/view_patient. Performing a manipulation of the argument Remarks results in cross site scripting. Remote exploitation of

May 26, 2026
CVE-2026-9562
7.3 high

A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM up to 56ba287f2e9031523ccb4244cb6e3fe530e4e5d5. The affected element is an unknown function of the component Dashboard. Such manipulation leads to improper access controls. The attack may be launched remotely. The exploit has been

May 26, 2026
CVE-2026-8852
6.2 medium

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_fastcgi module.

Ibm Http Server May 26, 2026
CVE-2026-8850
7.5 high

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_ibm_upload.

Ibm Http Server May 26, 2026
CVE-2026-48905
6.1 medium

Lack of input filtering leads to an XSS vector in the HTML filter code.

Joomla Joomla\! May 26, 2026
CVE-2026-48904
9.8 critical

An improper access check allows privelege escalation through the com_users group editing webservice endpoint.

Joomla Joomla\! May 26, 2026
CVE-2026-48903
6.1 medium

Inadequate content filtering within the checkAttribute methods leads to XSS vulnerabilities in various components.

Joomla Joomla\! May 26, 2026
CVE-2026-48902
9.8 critical

The password and username reset features created plain http links for https connections if the "Force SSL" flag wasn't explicitly set.

Joomla Joomla\! May 26, 2026
CVE-2026-48901
7.5 high

The InputFilter::getInstance() method omitted a security sensitive parameter from the instance cache key.

Joomla Joomla\! May 26, 2026
CVE-2026-48900
4.3 medium

An improper access check allowed low privileged users to edit the task types of existing scheduler tasks.

Joomla Joomla\! May 26, 2026
CVE-2026-48899
9.8 critical

An improper access check allows privilege escalation through the com_users batch task.

Joomla Joomla\! May 26, 2026
CVE-2026-48898
9.8 critical

An improper access check allows privilege escalation through the com_users batch task.

Joomla Joomla\! May 26, 2026
CVE-2026-48897
7.5 high

Insufficient state checks lead to a vector that allows to bypass 2FA checks.

Joomla Joomla\! May 26, 2026
CVE-2026-48896
7.5 high

Insufficient state checks lead to a vector that allows to bypass 2FA checks.

Joomla Joomla\! May 26, 2026
CVE-2026-48864
7.8 high

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a vulnerable application, can le

Opensuse Libsolv May 26, 2026
CVE-2026-48697
7.4 high

FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute_web_request_secure() function in src/fast_library.cpp creates a boost::asio::ssl::context with tls_client mode and calls set_default_verify_paths() to load CA certificates, but neve

Pavel-Odintsov Fastnetmon May 26, 2026