Common Vulnerabilities and Exposures (CVE)

CVE-2023-21830

May 28, 2026 17:52:18 UTC

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20....

CVE-2026-2704

May 28, 2026 17:52:14 UTC

A security vulnerability has been detected in Open Babel up to 3.1.1. The affected element is the function OpenBabel::transform3d::DescribeAsString of the file src/math/transform3d.cpp of the component CIF File Handler. The manipulation lea...

CVE-2023-21835

May 28, 2026 17:50:33 UTC

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8...

CVE-2026-43898

May 28, 2026 17:50:31 UTC

SandboxJS is a JavaScript sandboxing library. Prior to 0.9.6, sandbox-defined functions expose Function.caller, allowing sandboxed code to recover the internal LispType.Call runtime callback. That callback can then be invoked with attacker-...

CVE-2023-33127

May 28, 2026 17:50:14 UTC

.NET and Visual Studio Elevation of Privilege Vulnerability

CVE-2023-33170

May 28, 2026 17:49:42 UTC

ASP.NET and Visual Studio Security Feature Bypass Vulnerability

CVE-2014-1692

May 28, 2026 17:49:19 UTC

The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory ...

CVE-1999-0632

May 28, 2026 17:48:17 UTC

The RPC portmapper service is running.

CVE-2026-45307

May 28, 2026 17:47:22 UTC

Speakr is a personal, self-hosted web application designed for transcribing audio recordings. Prior to 0.8.20-alpha, the is_safe_url() helper used to validate post-login redirect targets applied urljoin(request.host_url, target) before pars...

CVE-2014-5455

May 28, 2026 17:46:56 UTC

Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDR...

CVE-2026-45021

May 28, 2026 17:45:14 UTC

Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin bootstrap token and signing keys to any ...

CVE-1999-0524

May 28, 2026 17:44:18 UTC

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

CVE-2014-2653

May 28, 2026 17:43:51 UTC

The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.

CVE-2023-25136

May 28, 2026 17:43:14 UTC

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to ...

CVE-2023-44339

May 28, 2026 17:41:58 UTC

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to ...