Search Results (9233 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-8953 1 Mozilla 2 Firefox, Thunderbird 2026-05-19 9.6 Critical
Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
CVE-2024-26257 1 Microsoft 2 365 Apps, Office Long Term Servicing Channel 2026-05-19 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33161 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33149 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 7.8 High
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2024-30101 1 Microsoft 6 365 Apps, Office, Office 2016 and 3 more 2026-05-19 7.5 High
Microsoft Office Remote Code Execution Vulnerability
CVE-2023-33153 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 6.8 Medium
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2026-40359 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-05-19 7.8 High
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-40419 1 Microsoft 6 365 Apps, Office, Office 2019 and 3 more 2026-05-19 7.8 High
Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally.
CVE-2026-8513 1 Google 2 Android, Chrome 2026-05-19 8.3 High
Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8522 2 Apple, Google 2 Macos, Chrome 2026-05-19 8.8 High
Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8549 1 Google 1 Chrome 2026-05-19 8.8 High
Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8550 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-05-19 6.5 Medium
Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8542 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 8.3 High
Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8530 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 8.3 High
Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8580 1 Google 1 Chrome 2026-05-19 9.6 Critical
Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8575 1 Google 1 Chrome 2026-05-19 8.3 High
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8544 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-05-19 8.8 High
Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8555 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 8.8 High
Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-28733 1 Openharmony 1 Openharmony 2026-05-19 6.5 Medium
in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution.
CVE-2026-32848 1 Netbsd 1 Src 2026-05-19 4.7 Medium
NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier on SMP systems. Attackers can exploit mutable per-operation state embedded in the csession struct to corrupt kernel heap memory.