Search Results (84832 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-42205 1 Avo Hq 1 Avo 2026-05-12 8.8 High
Avo is a framework to create admin panels for Ruby on Rails apps. Prior to version 3.31.2, a broken access control vulnerability was identified in the ActionsController of the Avo framework. Due to insecure action lookup logic, an authenticated user can execute any Action class (descendants of Avo::BaseAction) on any resource, even if the action is not registered for that specific resource. This leads to Privilege Escalation and unauthorized data manipulation across the entire application. This issue has been patched in version 3.31.2.
CVE-2026-7489 2 Sun.net, Sunnet 2 Ehrd Ctms, Ctms 2026-05-12 8.8 High
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
CVE-2026-28908 1 Apple 1 Macos 2026-05-12 7.5 High
A denial of service issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to modify protected parts of the file system.
CVE-2026-28925 1 Apple 1 Macos 2026-05-12 7.5 High
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination or write kernel memory.
CVE-2026-28965 1 Apple 3 Ios And Ipados, Ipados, Iphone Os 2026-05-12 7.5 High
A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.5 and iPadOS 26.5. A user may be able to view restricted content from the lock screen.
CVE-2026-43661 1 Apple 6 Ios And Ipados, Ipados, Iphone Os and 3 more 2026-05-12 7.5 High
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing a maliciously crafted image may corrupt process memory.
CVE-2026-28923 1 Apple 1 Macos 2026-05-12 8.8 High
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox.
CVE-2026-28840 1 Apple 1 Macos 2026-05-12 7.8 High
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.4. An app may be able to gain root privileges.
CVE-2026-7258 2 Php, Php Group 2 Php, Php 2026-05-12 7.5 High
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, some functions, including urldecode(), pass signed char to ctype functions (like isxdigit()). On the systems with default signed char and optimized table-lookup ctype functions - such as NetBSD - this can lead to accessing array with negative offset, which can trigger a denial of service.
CVE-2026-7262 2 Php, Php Group 2 Php, Php 2026-05-12 7.5 High
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element.  This leads to dereferences a NULL pointer, causing a segmentation fault. This allows a remote unauthenticated attacker to crash the PHP SOAP server process, resulting in denial of service.
CVE-2026-7568 2 Php, Php Group 2 Php, Php 2026-05-12 7.5 High
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone() function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed integer overflow occurs, resulting in undefined behavior. This can lead to an out-of-bounds read, causing a segmentation fault or access to unrelated memory, and may affect the availability of the PHP process.
CVE-2026-7263 2 Php, Php Group 2 Php, Php 2026-05-12 7.5 High
In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, DOMNode::C14N() method may process the XML data incorrectly, causing a circular linked list in the data structure representing the XML document. This may cause subsequent processing of the XML document to enter infinite loop, causing denial of service in the processing application.
CVE-2026-41002 2 Spring, Vmware 2 Spring Cloud Config, Spring Cloud Config 2026-05-12 7.4 High
The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use (TOCTOU) attacks. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support Only). Spring Cloud Config 4.3.x: affected from 4.3.0 through 4.3.2 (inclusive); upgrade to 4.3.3 or greater. Spring Cloud Config 5.0.x: affected from 5.0.0 through 5.0.2 (inclusive); upgrade to 5.0.3 or greater.
CVE-2026-28924 1 Apple 1 Macos 2026-05-12 7.5 High
A race condition was addressed with improved handling of symbolic links. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to access Contacts without user consent.
CVE-2026-28951 1 Apple 4 Ios And Ipados, Ipados, Iphone Os and 1 more 2026-05-12 7.8 High
An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to gain root privileges.
CVE-2026-28954 1 Apple 4 Ios And Ipados, Ipados, Iphone Os and 1 more 2026-05-12 7.5 High
A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks.
CVE-2026-28995 1 Apple 7 Ios And Ipados, Ipados, Iphone Os and 4 more 2026-05-12 8.8 High
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A malicious app may be able to break out of its sandbox.
CVE-2026-28974 1 Apple 7 Ios And Ipados, Ipados, Iphone Os and 4 more 2026-05-12 7.5 High
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service.
CVE-2026-28969 1 Apple 7 Ios And Ipados, Ipados, Iphone Os and 4 more 2026-05-12 7.5 High
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination.
CVE-2026-41640 1 Nocobase 1 Nocobase 2026-05-12 7.5 High
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL() function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using parameterized queries. The nodeIds array contains primary key values read from database rows. An attacker who can create a record with a malicious string primary key can inject arbitrary SQL when any subsequent request triggers recursive eager loading on that collection. This issue has been patched in version 2.0.39.