Export limit exceeded: 351926 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351926 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4055 | 1 Mattermost | 1 Mattermost | 2026-05-21 | 4.3 Medium |
| Mattermost versions 11.5.x <= 11.5.1 fail to validate team-level run_create permission against the target team when creating a playbook run which allows an authenticated team member to create runs in teams where they lack permission via specifying a different team ID in the run creation API request. Mattermost Advisory ID: MMSA-2026-00629 | ||||
| CVE-2026-44051 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 8.1 High |
| In Netatalk 3.0.2 through 4.4.2, arbitrary file read via attacker-controlled symlink creation. Fixed in 4.4.3. | ||||
| CVE-2026-44052 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 7.5 High |
| In Netatalk 2.1.0 through 4.4.2, ldap simple-bind password exposure in log output. Fixed in 4.4.3. | ||||
| CVE-2026-44054 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 6.5 Medium |
| In Netatalk 2.0.0 through 4.4.2, predictable afpd session token. Fixed in 4.4.3. | ||||
| CVE-2026-44055 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 7.5 High |
| In Netatalk 3.1.4 through 4.4.2, bitwise or logic bug enables shell injection. Fixed in 4.4.3. | ||||
| CVE-2026-44060 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 7.5 High |
| In Netatalk 1.5.0 through 4.4.2, integer underflow in dsi_writeinit() leads to denial of service. Fixed in 4.4.3. | ||||
| CVE-2026-44061 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 5.9 Medium |
| In Netatalk 1.5.0 through 4.4.2, des-ecb auth with timing side channel. Fixed in 4.5.0. | ||||
| CVE-2026-44064 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 7.1 High |
| In Netatalk 1.3 through 4.4.2, asp session id out-of-bounds access. Fixed in 4.4.3. | ||||
| CVE-2026-44066 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 7.1 High |
| In Netatalk 3.1.0 through 4.4.2, heap out-of-bounds reads in spotlight rpc unmarshalling. Fixed in 4.4.3. | ||||
| CVE-2026-44067 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 3.7 Low |
| In Netatalk 2.1.0 through 4.4.2, ea header parsing heap over-read. Fixed in 4.5.0. | ||||
| CVE-2026-44069 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 3.4 Low |
| In Netatalk 3.0.0 through 4.4.2, integer underflow in volxlate. Fixed in 4.5.0. | ||||
| CVE-2026-44070 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 3.1 Low |
| In Netatalk 2.0.0 through 4.4.2, unbounded realloc in charset conversion. Fixed in 4.5.0. | ||||
| CVE-2026-44072 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 2.5 Low |
| In Netatalk 2.2.1 through 4.4.2, system() after failed chdir(). Fixed in 4.5.0. | ||||
| CVE-2026-44073 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 4 Medium |
| In Netatalk 1.5.0 through 4.4.2, seteuid failure ignored in auth modules. Fixed in 4.5.0. | ||||
| CVE-2026-44076 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 6.7 Medium |
| In Netatalk 3.1.0 through 4.4.2, shell injection via volume path. Fixed in 4.4.3. | ||||
| CVE-2026-7835 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 3.1 Low |
| In Netatalk 3.0.3 through 4.4.2, format string argument mismatch. Fixed in 4.5.0. | ||||
| CVE-2026-44047 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 8.8 High |
| In Netatalk 3.1.0 through 4.4.2, sql injection in mysql cnid backend. Fixed in 4.4.3. | ||||
| CVE-2026-44048 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 8.8 High |
| In Netatalk 2.0.4 through 4.4.2, stack buffer overflow via ucs-2 type confusion in convert_charset(). Fixed in 4.4.3. | ||||
| CVE-2026-44053 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 7.4 High |
| In Netatalk 1.5.0 through 4.2.2, weak cryptography in dhcast128 uam. Fixed in 4.5.0. | ||||
| CVE-2026-44058 | 1 Netatalk | 1 Netatalk | 2026-05-21 | 6.4 Medium |
| In Netatalk 2.2.2 through 4.4.2, authentication bypass via admin auth user. Fixed in 4.5.0. | ||||