Export limit exceeded: 11736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11736 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6522 | 1 Extremepacs | 1 Extreme Xds | 2026-05-20 | 7.2 High |
| Incorrect Use of Privileged APIs vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users. This issue affects Extreme XDS: before 3914. | ||||
| CVE-2023-6523 | 1 Extremepacs | 1 Extreme Xds | 2026-05-20 | 8.8 High |
| Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse. This issue affects Extreme XDS: before 3914. | ||||
| CVE-2026-46721 | 1 Typo3 | 1 Extension "frontend User Registration" | 2026-05-20 | N/A |
| The create and edit flows do not restrict which user properties may be submitted and do not enforce access control on the frontend user group assignment. As a result, an attacker can assign an arbitrary frontend user group to a newly registered or edited account, gaining unauthorized access to content and functionality restricted to privileged frontend user groups. | ||||
| CVE-2026-46722 | 1 Typo3 | 1 Extension "faceted Search" | 2026-05-20 | N/A |
| The OOXML parsing of the file indexer does not disable external entity resolution. A crafted xlsx or pptx document placed in an indexed directory can cause local files to be read or outbound HTTP requests to be performed, with the retrieved content being written to the search index. | ||||
| CVE-2026-46723 | 1 Typo3 | 1 Extension "faceted Search" | 2026-05-20 | N/A |
| The additional_tables configuration of the page and tt_content indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data from internal TYPO3 tables into the search index. | ||||
| CVE-2023-6724 | 1 Simgesel | 1 Hearing Tracking System | 2026-05-20 | 8.8 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0. | ||||
| CVE-2022-2808 | 1 Algan | 1 Prens Student Information System | 2026-05-20 | 8.8 High |
| Authorization Bypass Through User-Controlled Key vulnerability in Algan Software Prens Student Information System allows Object Relational Mapping Injection. This issue affects Prens Student Information System: before 2.1.11. | ||||
| CVE-2026-45037 | 2 Eugeny, Tabby | 2 Tabby, Tabby | 2026-05-19 | 7.1 High |
| Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.232, Tabby's terminal linkifier passes any detected URI directly to the operating system's protocol handler without validating the protocol scheme. This allows a malicious SSH or Telnet server to send crafted terminal output containing dangerous protocol URIs which Tabby renders as clickable links, triggering arbitrary OS protocol handlers on the victim's machine. This vulnerability is fixed in 1.0.232. | ||||
| CVE-2026-23557 | 1 Xen | 1 Xen | 2026-05-19 | 6.5 Medium |
| Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES command within a transaction due to an assert() triggering. In case xenstored was built with NDEBUG #defined nothing bad will happen, as assert() is doing nothing in this case. Note that the default is not to define NDEBUG for xenstored builds even in release builds of Xen. | ||||
| CVE-2025-21402 | 1 Microsoft | 6 Office, Office Long Term Servicing Channel, Office Macos 2021 and 3 more | 2026-05-19 | 7.8 High |
| Microsoft Office OneNote Remote Code Execution Vulnerability | ||||
| CVE-2023-33150 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2026-05-19 | 9.6 Critical |
| Microsoft Office Security Feature Bypass Vulnerability | ||||
| CVE-2025-21361 | 1 Microsoft | 5 Office, Office Long Term Servicing Channel, Office Macos 2021 and 2 more | 2026-05-19 | 7.8 High |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||
| CVE-2024-20673 | 1 Microsoft | 8 Excel, Office, Office Long Term Servicing Channel and 5 more | 2026-05-19 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2026-8401 | 1 Mozilla | 1 Firefox | 2026-05-19 | 9.8 Critical |
| Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11. | ||||
| CVE-2026-8571 | 1 Google | 2 Android, Chrome | 2026-05-19 | 8.3 High |
| Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-8572 | 1 Google | 2 Android, Chrome | 2026-05-19 | 3.1 Low |
| Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-8583 | 1 Google | 2 Android, Chrome | 2026-05-19 | 5.3 Medium |
| Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-8517 | 2 Apple, Google | 2 Macos, Chrome | 2026-05-19 | 8.8 High |
| Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-45315 | 2 Open-webui, Openwebui | 2 Open-webui, Open Webui | 2026-05-19 | 8.7 High |
| Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHE_DIR/audio/transcriptions/.. The /cache/{path} route serves these files via FileResponse, which sets Content-Type from the on-disk extension and emits no Content-Disposition. A verified user with the default-on chat.stt permission can upload a polyglot WAV+HTML file named pwn.html and trick any other user into opening the resulting URL — the response comes back as text/html and any embedded <script> runs in the Open WebUI origin. This vulnerability is fixed in 0.9.3. | ||||
| CVE-2026-36438 | 1 Intelbras | 1 Vip-1230-d-g4 | 2026-05-19 | 5.3 Medium |
| An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd | ||||