Export limit exceeded: 357201 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 357201 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357201 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-36805 | 1 Tenda | 1 G0 | 2026-06-10 | N/A |
| Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. These vulnerabilities allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36807 | 1 Tenda | 1 W15e | 2026-06-10 | N/A |
| Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserPwd parameter of the formAddWebAuthUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36809 | 1 Tenda | 1 W15e | 2026-06-10 | N/A |
| Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthWhiteID parameter of the formModifyWebAuthWhiteUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36817 | 1 Tenda | 1 W15e | 2026-06-10 | N/A |
| Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36819 | 1 Tenda | 1 W20e | 2026-06-10 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36822 | 1 Tenda | 1 W20e | 2026-06-10 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the macAddr parameter of the formDelStaState function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2026-36725 | 1 Fastapiadmin | 1 Fastapiadmin | 2026-06-10 | 6.1 Medium |
| A markdown based cross-site scripting (XSS) vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the notice_content parameter. | ||||
| CVE-2025-52293 | 1 Gpac | 1 Mp4box | 2026-06-10 | 7.5 High |
| A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying crafted HEVC SPS data. | ||||
| CVE-2023-29146 | 1 Malwarebytes | 1 Endpoint Detection And Response | 2026-06-10 | 8.2 High |
| The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value (32-bit). Attackers could create a colliding hash value for two different strings by attaching 4GB of data to a string that is less than 4GB in size. | ||||
| CVE-2025-55657 | 1 Gpac | 1 Mp4box | 2026-06-10 | 7.5 High |
| A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2026-36770 | 1 Tenda | 1 Us W3v1.0br | 2026-06-10 | 7.5 High |
| Shenzhen Tenda Technology Co., Ltd Tenda US_W3V1.0BR v1.0.0.3 was discovered to contain a stack overflow in the Go parameter of the ask_to_reboot function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2026-45643 | 1 Microsoft | 12 365 Apps, Microsoft 365 Apps For Enterprise, Microsoft Office 365 For Mac and 9 more | 2026-06-10 | 7.8 High |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-47292 | 1 Microsoft | 1 Visual Studio Code Mssql Extension | 2026-06-10 | 7.8 High |
| Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-45476 | 1 Microsoft | 2 Linux Kernel - Microsoft Mana Network Driver, Linux Kernel Mana Network Driver | 2026-06-10 | 8.2 High |
| Use after free in Linux MANA Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-48565 | 1 Microsoft | 1 Windows Narrator Braille | 2026-06-10 | 7.8 High |
| Untrusted search path in Windows Narrator Braille allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-54509 | 1 Amd | 6 Epyc 8004 Series Processors, Epyc 9004 Series Processors, Epyc 9005 Series Processors and 3 more | 2026-06-10 | N/A |
| Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) potentially resulting in loss of integrity. | ||||
| CVE-2026-10045 | 1 Shenzhen Kangda Xin Intelligent Network Technology | 1 Dr300 | 2026-06-10 | 9.8 Critical |
| Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash, inspect active connections, and view currently connected devices. | ||||
| CVE-2026-8863 | 7 Baramundi Software, Blancco Uk, Finland Matriculation Board and 4 more | 12 Baramundi Management Suite, Whitecanyon Wipedrive, Abitti 1 and 9 more | 2026-06-10 | 7.8 High |
| Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders. | ||||
| CVE-2026-6445 | 1 Everpure | 1 Flasharray | 2026-06-10 | N/A |
| A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges. | ||||
| CVE-2026-6444 | 1 Everpure | 1 Flasharray | 2026-06-10 | N/A |
| A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges. | ||||