Export limit exceeded: 362505 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 362505 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (362505 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20462 | 1 Mediatek, Inc. | 1 Mediatek Chipset | 2026-07-06 | 6.7 Medium |
| In Telephony, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS11006447; Issue ID: MSV-7871. | ||||
| CVE-2026-11570 | 2026-07-06 | 4.2 Medium | ||
| The User Submitted Posts WordPress plugin before 20260608 does not escape a submitted value before outputting it in an admin-configured display template, leading to a Stored Cross-Site Scripting that can be triggered by unauthenticated users when a non-default display option is enabled. | ||||
| CVE-2026-11880 | 2026-07-06 | 3.1 Low | ||
| The Fluent Forms WordPress plugin before 6.2.1 does not properly verify ownership before processing a subscription cancellation request, allowing authenticated users with a low-privilege account to cancel subscriptions belonging to other users. | ||||
| CVE-2026-24250 | 1 Nvidia | 1 Megatron-bridge | 2026-07-06 | 7.8 High |
| NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2026-24264 | 1 Nvidia | 1 Triton Inference Server | 2026-07-06 | 7.5 High |
| NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highly compressed data. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2026-24270 | 2026-07-06 | 9.8 Critical | ||
| NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2026-57984 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57985 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.6 High |
| Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57988 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.1 High |
| Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57992 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58522 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 6.8 Medium |
| Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-57981 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 8.8 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57986 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57991 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.4 High |
| Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-58276 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-13769 | 2026-07-06 | 5.5 Medium | ||
| Overly permissive file permissions in AWS CLI before 1.44.78 (v1) and 2.34.29 (v2) on Unix-like systems where the umask has not been configured to restrict file permissions (the default on most systems) may allow other local users on the same host to read credentials written by certain CLI subcommands (aws codeartifact login, aws iam create-virtual-mfa-device, aws deploy register). To remediate this issue, users should upgrade to AWS CLI 1.44.78 (v1) or 2.34.29 (v2) or later. | ||||
| CVE-2026-14410 | 1 Google | 1 Chrome | 2026-07-06 | 4.3 Medium |
| Inappropriate implementation in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14415 | 1 Google | 1 Chrome | 2026-07-06 | 8.8 High |
| Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14381 | 1 Google | 1 Chrome | 2026-07-06 | 4.3 Medium |
| Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14396 | 1 Google | 1 Chrome | 2026-07-06 | 6.5 Medium |
| Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||||