Export limit exceeded: 363261 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363261 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363261 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-14405 | 1 Google | 1 Chrome | 2026-07-03 | 9.6 Critical |
| Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14425 | 1 Google | 1 Chrome | 2026-07-03 | 9.6 Critical |
| Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-14393 | 1 Google | 1 Chrome | 2026-07-03 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14394 | 1 Google | 1 Chrome | 2026-07-03 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-52191 | 1 Utt | 1 Nv518g | 2026-07-03 | N/A |
| Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_444C8C component | ||||
| CVE-2026-38968 | 1 Ntop | 1 Ntopng | 2026-07-03 | N/A |
| ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding session cookies under attacker-controlled timing. | ||||
| CVE-2026-52192 | 1 Utt | 1 Nv518g | 2026-07-03 | N/A |
| An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_445C5C component | ||||
| CVE-2026-38970 | 2026-07-03 | N/A | ||
| pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext() and parseArray() without enforcing a maximum nesting depth. | ||||
| CVE-2026-11578 | 2026-07-03 | N/A | ||
| The Fluent Forms WordPress plugin before 6.2.5 does not properly restrict the deletion of form submission entries to the forms a restricted Manager is authorized to manage, allowing a Manager limited to specific forms to permanently delete submission entries belonging to other forms. This requires a non-default configuration in which an administrator has created at least one Manager restricted to specific forms. | ||||
| CVE-2026-58379 | 1 Redhat | 1 Enterprise Linux | 2026-07-03 | 7.3 High |
| A flaw was found in GIMP's Paint Shop Pro (PSP) file format parser. This heap buffer overflow vulnerability allows a remote attacker to cause arbitrary code execution or a denial of service (DoS) by tricking a user into opening a specially crafted PSP image file. The vulnerability occurs because the software incorrectly calculates buffer sizes when processing low bit-depth images, leading to an overwrite of adjacent memory. | ||||
| CVE-2026-12168 | 2026-07-03 | 7.8 High | ||
| An improper validation vulnerability for driver `GFAC_Sys_x64.sys` in Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port. | ||||
| CVE-2026-54405 | 1 Ubiquiti | 1 Unifi Network Application | 2026-07-03 | 7.5 High |
| A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi Network Application to execute a Denial of Service (DoS) attack on the application. | ||||
| CVE-2026-54403 | 2026-07-03 | 8.6 High | ||
| A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances. | ||||
| CVE-2026-54409 | 2026-07-03 | 7.5 High | ||
| A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras. | ||||
| CVE-2026-54408 | 2026-07-03 | 8.6 High | ||
| A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming. | ||||
| CVE-2026-50746 | 2026-07-03 | 10 Critical | ||
| A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device. | ||||
| CVE-2026-50747 | 2026-07-03 | 9.9 Critical | ||
| A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device. | ||||
| CVE-2026-54402 | 2026-07-03 | 9.9 Critical | ||
| A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device. | ||||
| CVE-2026-54401 | 2026-07-03 | 7.7 High | ||
| A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) to escalate privileges within such UniFi OS devices or instances. | ||||
| CVE-2026-55117 | 2026-07-03 | 8.6 High | ||
| A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device. | ||||