Export limit exceeded: 365964 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365964 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-15697 | 1 Svgdotjs | 1 Svg.js | 2026-07-16 | 6.3 Medium |
| A vulnerability was found in svgdotjs svg.js up to 3.2.5. This affects the function EventTarget.on of the file svgdotjs/svg.js of the component npm Package API. Performing a manipulation results in improperly controlled modification of object prototype attributes. The attack may be initiated remotely. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-59203 | 1 Python-pillow | 1 Pillow | 2026-07-16 | 5.3 Medium |
| Pillow is a Python imaging library. From 12.0.0 through 12.2.0, Pillow's EPS parser in PIL/EpsImagePlugin.py accepts a negative byte count in the %%BeginBinary directive, allowing a crafted EPS file to cause Image.open() to seek backwards to the same directive and parse it repeatedly in an infinite loop. This issue is fixed in version 12.3.0. | ||||
| CVE-2026-62642 | 1 Roundcube | 1 Webmail | 2026-07-16 | 4.3 Medium |
| In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, an infinite loop was discovered in the TNEF decoder, which may lead to denial of service upon opening an email with a TNEF attachment. | ||||
| CVE-2026-62643 | 1 Roundcube | 1 Webmail | 2026-07-16 | 7.2 High |
| In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. NOTE: this issue exists because of insufficient fixes for CVE-2026-35540 and CVE-2026-48843. | ||||
| CVE-2026-59198 | 1 Python-pillow | 1 Pillow | 2026-07-16 | 6.5 Medium |
| Pillow is a Python imaging library. From 5.2.0 until 12.3.0, Pillow's TGA RLE encoder reads past its packed row buffer when saving a mode 1 image with TGA RLE compression, allowing adjacent process heap bytes to be copied into the generated TGA file. This issue is fixed in version 12.3.0. | ||||
| CVE-2026-54433 | 1 Roundcube | 1 Webmail | 2026-07-16 | 7.2 High |
| In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, there is Stored Cross-Site Scripting (XSS) via a crafted plain-text email message. The attacker-controlled JavaScript executes within the victim's authenticated session simply by opening or previewing the message (zero-click). | ||||
| CVE-2026-59197 | 1 Python-pillow | 1 Pillow | 2026-07-16 | 8.2 High |
| Pillow is a Python imaging library. Prior to 12.3.0, Pillow's public rank-filter API can trigger a native heap out-of-bounds write when given a very large odd filter size because ImageFilter.RankFilter.filter() calls image.expand(size // 2, size // 2) before rank-filter size validation and ImagingExpand() computes output dimensions with unchecked signed int arithmetic. This issue is fixed in version 12.3.0. | ||||
| CVE-2026-14645 | 1 Sonatype | 1 Nexus Repository Manager | 2026-07-16 | N/A |
| Nexus Repository 3 does not validate the destination of the "Webhook: Global" capability's configured URL before making an outbound HTTP request, allowing a user holding the Capability Administration permission to cause the server to send requests to internal network locations (Server-Side Request Forgery). This permission is granted by role assignment, independent of authentication status, so an unauthenticated user could also trigger this behavior if the anonymous role has been granted the permission. | ||||
| CVE-2026-59884 | 1 Pyasn1 | 1 Pyasn1 | 2026-07-16 | 7.5 High |
| pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.4, the BER decoder shared by the CER and DER codecs parses long-form tags by accumulating continuation octets without an upper bound on the tag ID size, allowing a crafted input to force construction of an arbitrarily large integer with CPU cost growing quadratically and to trigger unhandled ValueError exceptions in Python 3.11+ error formatting paths. Any application decoding untrusted BER, CER, or DER input is affected. This issue is fixed in version 0.6.4. | ||||
| CVE-2026-14646 | 1 Sonatype | 1 Nexus Repository Manager | 2026-07-16 | N/A |
| Nexus Repository 3 did not apply its existing Server-Side Request Forgery (SSRF) protections to HTTP redirect targets returned by proxy repository upstream servers. Any user with read access to a proxy repository backed by an attacker-controlled or compromised upstream server — including an anonymous user, if anonymous access is enabled — could receive a response from an internal network address or cloud metadata endpoint as repository content, potentially exposing sensitive information such as cloud IAM credentials. | ||||
| CVE-2026-55053 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-55039 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-61440 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-07-16 | 6.5 Medium |
| PraisonAI Platform before 0.1.9 fails to properly authorize label and issue-label mutations, allowing workspace members to rename and recolor shared labels and add or remove labels on owner-created issues. Attackers with workspace member privileges can exploit PATCH and POST/DELETE endpoints to alter shared label taxonomy and manipulate issue-label associations without owner or admin authorization. | ||||
| CVE-2026-15809 | 1 Redhat | 2 Confidential Compute Attestation, Openshift | 2026-07-16 | 7.8 High |
| A flaw was found in CRI-O. The fix for a previous vulnerability (CVE-2022-4318) was incorrect, allowing it to be bypassed. An attacker capable of setting environment variables on a container can inject a newline character into the HOME environment variable. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable. | ||||
| CVE-2026-50675 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-54988 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-16 | 6.1 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55124 | 1 Microsoft | 11 365 Apps, Office 2019, Office 2021 and 8 more | 2026-07-16 | 5.5 Medium |
| Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-55051 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-07-16 | 6.5 Medium |
| Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network. | ||||
| CVE-2026-55138 | 1 Microsoft | 10 365 Apps, Excel 2016, Microsoft Office 365 For Mac and 7 more | 2026-07-16 | 5.5 Medium |
| Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-54124 | 1 Microsoft | 8 Terminal, Windows 10 21h2, Windows 10 22h2 and 5 more | 2026-07-16 | 7.8 High |
| Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code locally. | ||||