Search Results (14517 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-9965 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-05-29 8.8 High
Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2021-4019 5 Debian, Fedoraproject, Neovim and 2 more 5 Debian Linux, Fedora, Neovim and 2 more 2026-05-29 7.8 High
vim is vulnerable to Heap-based Buffer Overflow
CVE-2026-9879 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-05-29 8.8 High
Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2021-22788 1 Schneider-electric 28 140cpu65150, 140cpu65150 Firmware, 140noc77101 and 25 more 2026-05-29 7.5 High
A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
CVE-2026-9896 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-05-29 8.8 High
Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9910 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-05-29 8.8 High
Out of bounds memory access in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9926 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-05-29 8.3 High
Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9973 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-05-29 8.8 High
Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2020-7563 1 Schneider-electric 40 Modicon M340 Bmx Noc 0401, Modicon M340 Bmx Noc 0401 Firmware, Modicon M340 Bmx Noe 0100 and 37 more 2026-05-29 6.3 Medium
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.
CVE-2021-33485 1 Codesys 7 Control, Control Rte, Control Runtime System Toolkit and 4 more 2026-05-29 9.8 Critical
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
CVE-2026-37457 1 Frrouting 1 Frrouting 2026-05-29 7.5 High
An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted FlowSpec component.
CVE-2021-28465 1 Microsoft 1 Web Media Extensions 2026-05-28 7.8 High
Web Media Extensions Remote Code Execution Vulnerability
CVE-2019-19378 1 Linux 1 Linux Kernel 2026-05-28 7.8 High
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-13721 2 Google, Redhat 2 Chrome, Rhel Extras 2026-05-28 8.8 High
Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2023-38233 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2026-05-28 7.8 High
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-38231 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2026-05-28 7.8 High
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-47359 1 Videolan 1 Vlc Media Player 2026-05-28 9.8 Critical
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
CVE-2024-54508 2 Apple, Redhat 13 Ipados, Iphone Os, Macos and 10 more 2026-05-28 6.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-6785 1 Mozilla 2 Firefox, Thunderbird 2026-05-27 7.5 High
Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.
CVE-2026-6753 1 Mozilla 2 Firefox, Thunderbird 2026-05-27 7.3 High
Incorrect boundary conditions in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10.