Filter and search through 392,393 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-22588 | ### Summary An Authenticated Insecure Direct Object Reference (IDOR) vulnerability was identified that allows an authenticated user to retrieve other ... | 6.5 | 231 | Neutral | No |
| Yes |
| CVE-2026-22587 | Ideagen DevonWay contains a stored cross site scripting vulnerability. A remote, authenticated attacker could craft a payload in the 'Reports' page th... | 5.5 | 234 | Neutral | No | No |
| CVE-2026-22586 | Hard-coded Cryptographic Key vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Center, Subscription Cen... | 9.8 | 596 | Neutral | No | No |
| CVE-2026-22585 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Salesforce Marketing Cloud Engagement (CloudPages, Forward to a Friend, Profile Cent... | 9.8 | 596 | Neutral | No | No |
| CVE-2026-22584 | Improper Control of Generation of Code ('Code Injection') vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code ... | 9.8 | 751 | Neutral | No | Yes |
| CVE-2026-22583 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (CloudPagesU... | 9.8 | 596 | Neutral | No | No |
| CVE-2026-22582 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (MicrositeUr... | 9.8 | 596 | Neutral | No | No |
| CVE-2026-22581 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22580 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22579 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22578 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22577 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22544 | An attacker with a network connection could detect credentials in clear text. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22543 | The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher,... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22542 | An attacker with access to the system's internal network can cause a denial of service on the system by making two concurrent connections through the ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22541 | The massive sending of ICMP requests causes a denial of service on one of the boards from the EVCharger that allows control the EV interfaces. Since t... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22540 | The massive sending of ARP requests causes a denial of service on one board of the charger that allows control of the EV interfaces. Since the board m... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22539 | As the service interaction is performed without authentication, an attacker with some knowledge of the protocol could obtain information about the cha... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22537 | The lack of hardening of the system allows the user used to manage and maintain the charger to consult different files containing clear-text credentia... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-22536 | The absence of permissions control for the user XXX allows the current configuration in the sudoers file to escalate privileges without any restrictio... | 0.0 | 0 | Neutral | No | No |