Export limit exceeded: 365026 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365026 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-58601 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-14 | 7.8 High |
| Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-58279 | 1 Microsoft | 1 Azure Cyclecloud | 2026-07-14 | 6.5 Medium |
| Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-56193 | 1 Microsoft | 8 365 Apps, Office 2016, Office 2019 and 5 more | 2026-07-14 | 7.1 High |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-56164 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-14 | 5.3 Medium |
| Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2026-56155 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-14 | 7.8 High |
| Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-55948 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-07-14 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55002 | 1 Microsoft | 5 Sql Server 2016, Sql Server 2017, Sql Server 2019 and 2 more | 2026-07-14 | 7.8 High |
| External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-45077 | 2026-07-14 | N/A | ||
| Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener (Symfony\Bridge\Monolog\Command\ServerLogCommand) binds to 0.0.0.0:9911 by default and processes each received frame with unserialize(base64_decode($message)) without authentication, integrity checks, or an allowed_classes allowlist, allowing any reachable host to submit attacker-chosen serialized PHP payloads that can crash the listener and may trigger object-injection gadget effects. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12. | ||||
| CVE-2026-15757 | 2026-07-14 | N/A | ||
| A security flaw was discovered in the NETGEAR DGND3700v1 that could allow someone on the same local WiFi network to send unauthorized commands to the device. This issue was identified through testing in a controlled research environment using a simulated version of the router's software and has not been confirmed on physical production devices. | ||||
| CVE-2026-15715 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-07-14 | 4.3 Medium |
| A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /exam.php. Such manipulation of the argument day leads to cross site scripting. It is possible to launch the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-14394 | 1 Google | 1 Chrome | 2026-07-14 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-52188 | 1 Utt | 1 Nv518g | 2026-07-14 | 6.5 Medium |
| Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead//sub_497498 component | ||||
| CVE-2026-38968 | 1 Ntop | 1 Ntopng | 2026-07-14 | 9.8 Critical |
| ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding session cookies under attacker-controlled timing. | ||||
| CVE-2026-38970 | 2026-07-14 | 7.5 High | ||
| pdfcpu through v0.11.1 contains an uncontrolled-recursion denial-of-service issue in pkg/pdfcpu/model/parse.go. The parser descends recursively through nested PDF objects, including arrays, via ParseObjectContext() and parseArray() without enforcing a maximum nesting depth. | ||||
| CVE-2026-59199 | 1 Python-pillow | 1 Pillow | 2026-07-14 | 7.5 High |
| Pillow is a Python imaging library. Prior to 12.3.0, Pillow public image coordinate APIs can trigger a native heap out-of-bounds write when given coordinates near the signed 32-bit integer limits in Image.paste(), Image.crop(), or Image.alpha_composite(). This issue is fixed in version 12.3.0. | ||||
| CVE-2026-60118 | 1 Hieventsdev | 1 Hi.events | 2026-07-14 | 5.3 Medium |
| Hi.Events through v1.10.0-beta contains a missing server-side visibility enforcement vulnerability that allows unauthenticated attackers to purchase hidden tickets by referencing hidden product and price IDs in order creation requests without authorization checks. Attackers can enumerate sequential hidden ticket IDs from visible ones and submit order creation requests referencing those IDs to purchase VIP, invite-only, or discounted tickets intentionally withheld from public sale. | ||||
| CVE-2026-59203 | 1 Python-pillow | 1 Pillow | 2026-07-14 | 5.3 Medium |
| Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open() to seek backwards to the same directive and parse it repeatedly in an infinite loop. This issue is fixed in version 12.3.0. | ||||
| CVE-2026-59205 | 1 Python-pillow | 1 Pillow | 2026-07-14 | 7.5 High |
| Pillow is a Python imaging library. Prior to 12.3.0, Pillow's ImageCms.ImageCmsTransform.apply(im, imOut) API can trigger controlled native heap corruption when the caller supplies an output image whose mode does not match the transform's declared output mode. This issue is fixed in version 12.3.0. | ||||
| CVE-2026-45065 | 2026-07-14 | N/A | ||
| Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, UrlGenerator validates route parameters against a pattern built as ^ plus the raw requirement plus $; with ungrouped alternations, middle alternatives match as unanchored substrings, allowing a value such as //evil.com to satisfy a common locale requirement and generate a protocol-relative off-site URL. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12. | ||||
| CVE-2026-45067 | 2026-07-14 | N/A | ||
| ### Description `Symfony\Component\Mime\Address` is the value-object every Symfony Mailer address (to/cc/bcc/from/reply-to) flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email addresses whose local-part (the part before `@`) is an RFC-5322 *quoted string* containing raw `\r\n` bytes — e.g. `"x\r\nBcc: attacker@evil"@example.com`. The stored address is later emitted verbatim into (1) the rendered message headers and (2) `SmtpTransport`'s `MAIL FROM:<...>` / `RCPT TO:<...>` protocol lines, turning the embedded CRLF into a new mail header and/or a new SMTP command. ### Resolution The `Address` constructor now rejects addresses containing line breaks. The patch for this issue is available [here](https://github.com/symfony/symfony/commit/dc2dbd29211eb4ddc451373fa1374fb926e94604) for branch 5.4. ### Credits We would like to thank Claude Mythos Preview (via Project Glasswing) for reporting the issue and providing the fix. | ||||