Search

Search Results (363667 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-14935 2 Gstreamer, Redhat 2 Gstreamer, Enterprise Linux 2026-07-10 3.7 Low
A logic vulnerability was found in GStreamer's webrtcbin component. The _check_sdp_crypto() function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attacker with the ability to intercept and modify WebRTC signaling messages could exploit this to bypass the SDP-level DTLS certificate fingerprint binding, weakening defenses against man-in-the-middle attacks on media streams.
CVE-2026-57851 1 Msi 1 Kerncorelib64.sys 2026-07-10 7.8 High
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.
CVE-2026-48954 1 Joomla 1 Joomla! 2026-07-10 N/A
Improper validation leads to a generic XSS vector in the language override feature.
CVE-2026-48949 1 Joomla 1 Joomla! 2026-07-10 N/A
Lack of validation leads to an XSS vulnerability in the MFA management views.
CVE-2026-48948 1 Joomla 1 Joomla! 2026-07-10 N/A
An improper access check allows user to download vcard exports of com_contact contacts that are inaccessible.
CVE-2026-48953 1 Joomla 1 Joomla! 2026-07-10 N/A
Lack of escaping leads to an XSS vulnerability in the generic image output layout.
CVE-2026-48951 1 Joomla 1 Joomla! 2026-07-10 N/A
Lack of escaping leads to XSS vulnerabilities in modalreturn layouts of various components.
CVE-2026-48957 1 Joomla 1 Joomla! 2026-07-10 N/A
An improper access check allows unauthorized users to access com_privacy datasets.
CVE-2026-48956 1 Joomla 1 Joomla! 2026-07-10 N/A
An improper access check allows users to display a list of modules in the frontend.
CVE-2026-48955 1 Joomla 1 Joomla! 2026-07-10 N/A
An improper access check allows unauthorized users to access workflow stage and transition information.
CVE-2026-48950 1 Joomla 1 Joomla! 2026-07-10 N/A
Lack of escaping leads to an XSS vulnerability in the file management view of com_templates.
CVE-2026-48958 1 Joomla 1 Joomla! 2026-07-10 N/A
An improper access check allows unauthorized users to create custom fields via webservices endpoints.
CVE-2026-48947 1 Joomla 1 Joomla! 2026-07-10 N/A
An improper access check allows privileged users to overwrite media files without editing permissions.
CVE-2026-48952 1 Joomla 1 Joomla! 2026-07-10 N/A
Lack of escaping leads to an XSS vulnerability in the update list view of com_installer.
CVE-2026-44877 1 Hpe 1 Networking Instant On 2026-07-10 6.5 Medium
An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system.
CVE-2026-55417 1 Chevereto 2 Chevereto, Chevereto-free 2026-07-10 N/A
Chevereto is a self-hosted media-sharing platform. Starting in version 3.7.5 and prior to version 4.5.4, when a user enables the private profile option, visiting their profile HTML route (`/username`) correctly returns 404. However, the `/json` AJAX listing endpoint does not apply the same check. An unauthenticated caller who knows the target's user ID can retrieve all of that user's publicly-scoped images, revealing the username (which should be private). This is patched in Chevereto v4.5.4. No known workarounds are available.
CVE-2026-58583 1 Fluxink 1 Color Management Driver 2026-07-10 7.1 High
FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows 11 25H2 HLK (Hardware Lab Kit). The fixed driver may be available through Windows Update or from Lenovo directly.
CVE-2026-59707 1 Localai 1 Localai 2026-07-10 8.6 High
LocalAI contains an unauthenticated server-side request forgery vulnerability in the POST /models/apply endpoint that allows attackers to fetch arbitrary internal URLs. The endpoint passes unsanitized gallery URL fields directly to gallery.GetGalleryConfigFromURLWithContext without proper validation, enabling attackers to force the server to issue HTTP GET requests to private and loopback ranges with partial response content leaked through error messages.
CVE-2026-55592 1 Lissy93 1 Dashy 2026-07-10 3.9 Low
Dashy is a self-hostable personal dashboard. Prior to 4.3.7, Dashy's workspace view trusts the url query parameter and assigns it directly to an iframe source without scheme validation. If a logged-in user opens a crafted workspace link containing a javascript: URL, JavaScript runs on the Dashy origin and can read same-origin browser data, interact with the Dashy DOM, and send requests as the victim. This issue is fixed in version 4.3.7.
CVE-2026-49471 1 Oraios 1 Serena 2026-07-10 8.3 High
Serena is a powerful MCP toolkit for coding that provides semantic retrieval and editing capabilities. Prior to v1.5.2, Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port, with no authentication, no CSRF protection, and no Host header validation. A DNS rebinding attack allows a malicious webpage to reach this API from any browser and write arbitrary content to the agent's persistent memory store, which the agent reads and acts on autonomously. Combined with execute_shell_command using shell=True, this creates a remote code execution chain requiring only that the victim visit a malicious webpage while Serena is running. This issue is fixed in version v1.5.2.