Export limit exceeded: 362646 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362646 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-14419 | 1 Google | 1 Chrome | 2026-07-08 | 9.6 Critical |
| Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-55429 | 1 Coder | 1 Coder | 2026-07-08 | 8.7 High |
| Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `UpsertWorkspaceApp` overwrites an existing app's `agent_id` on a primary-key conflict and `insertAgentApp` accepts the app ID from the provisioner's `CompleteJob` payload without verifying it belongs to the workspace being built. `CompleteJob` runs under `dbauthz.AsProvisionerd` so the authorization layer does not block the cross-workspace upsert. Exploitation requires elevated access as a template author or external provisioner operator. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 verifies that any existing `workspace_apps` row matching the supplied ID belongs to the workspace being built and rejects cross-workspace agent reassignment. No known workarounds are available. | ||||
| CVE-2026-14432 | 1 Google | 1 Chrome | 2026-07-08 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14426 | 1 Google | 1 Chrome | 2026-07-08 | 7.5 High |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-52191 | 1 Utt | 1 Nv518g | 2026-07-08 | 7.5 High |
| Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_444C8C component | ||||
| CVE-2026-38972 | 1 Rizonesoft | 1 Notepad3 | 2026-07-08 | 7.8 High |
| Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or another preferred DLL search location and achieve arbitrary code execution in the context of the user when the About dialog is opened. | ||||
| CVE-2026-38971 | 1 Ardupilot | 1 Ardupilot | 2026-07-08 | 9.1 Critical |
| ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_serial_control.cpp in GCS_MAVLINK::handle_serial_control(). | ||||
| CVE-2026-10077 | 2026-07-08 | 6.8 Medium | ||
| The yootheme WordPress theme before 5.0.35 does not prevent its bundled front-end framework from treating certain HTML attributes, which are permitted by wp_kses_post(), as markup, allowing users with the Author role to perform Stored Cross-Site Scripting attacks that execute in the browser of any user who views the affected post. | ||||
| CVE-2026-11781 | 2026-07-08 | 2.7 Low | ||
| The Adminify WordPress plugin before 4.2.10 does not perform per-user read-capability checks on the results returned by one of its administration search features, allowing users with a low-privilege role (Contributor) to disclose non-public content that WordPress would not otherwise expose to them, such as other authors' unpublished post titles, pending comment content, the site's Adminify WordPress plugin before 4.2.10 inventory, and user account names. | ||||
| CVE-2026-11965 | 2026-07-08 | 6.5 Medium | ||
| The User Registration & Membership WordPress plugin before 5.2.0 does not enforce payment completion before activating a paid membership subscription, allowing unauthenticated users (after self-registering an account through the open registration flow) to obtain an active subscription on any paid plan without paying and access the gated content. | ||||
| CVE-2026-60002 | 1 Openbsd | 1 Openssh | 2026-07-08 | 7.7 High |
| ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.) | ||||
| CVE-2026-60001 | 1 Openbsd | 1 Openssh | 2026-07-08 | 6.5 Medium |
| sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay. | ||||
| CVE-2026-60000 | 1 Openbsd | 1 Openssh | 2026-07-08 | 3.7 Low |
| sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication. | ||||
| CVE-2026-59999 | 1 Openbsd | 1 Openssh | 2026-07-08 | 5.9 Medium |
| In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not. | ||||
| CVE-2026-59998 | 1 Openbsd | 1 Openssh | 2026-07-08 | 4.8 Medium |
| sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory. | ||||
| CVE-2026-59997 | 1 Openbsd | 1 Openssh | 2026-07-08 | 4.2 Medium |
| internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection. | ||||
| CVE-2026-59996 | 1 Openbsd | 1 Openssh | 2026-07-08 | 4.2 Medium |
| scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations. | ||||
| CVE-2026-59995 | 1 Openbsd | 1 Openssh | 2026-07-08 | 4.2 Medium |
| sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server. | ||||
| CVE-2026-44269 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-07 | 4.4 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('link following') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access. | ||||
| CVE-2026-44268 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-07 | 4.4 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect permission Assignment for critical resource vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access. | ||||