Export limit exceeded: 364200 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364200 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-13885 1 Google 1 Chrome 2026-07-12 8.8 High
Use after free in Skia in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13887 1 Google 1 Chrome 2026-07-12 6.5 Medium
Inappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13922 1 Google 1 Chrome 2026-07-12 6.5 Medium
Side-channel information leakage in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13937 1 Google 1 Chrome 2026-07-12 6.5 Medium
Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13953 1 Google 1 Chrome 2026-07-12 6.5 Medium
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13960 1 Google 1 Chrome 2026-07-12 4.3 Medium
Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13968 1 Google 1 Chrome 2026-07-12 7.5 High
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: Medium)
CVE-2026-14042 1 Google 1 Chrome 2026-07-12 4.3 Medium
Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14050 1 Google 1 Chrome 2026-07-12 6.5 Medium
Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14060 1 Google 1 Chrome 2026-07-12 7.8 High
Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Low)
CVE-2026-14079 1 Google 1 Chrome 2026-07-12 4.3 Medium
Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14096 1 Google 1 Chrome 2026-07-12 6.5 Medium
Inappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14129 1 Google 1 Chrome 2026-07-12 4.2 Medium
Inappropriate implementation in PreviewTab in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14132 1 Google 1 Chrome 2026-07-12 4.3 Medium
Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-50043 1 Seiko-sol 2 Skybridge Mb-a100, Skybridge Mb-a110 2026-07-12 N/A
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge MB-A100/MB-A110. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product with an administrative privilege.
CVE-2026-15491 1 Rafymrx 1 Toko-online-roti 2026-07-12 7.3 High
A weakness has been identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. This affects an unknown part. This manipulation causes missing authentication. The attack is possible to be carried out remotely. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-24266 1 Nvidia 1 Triton Inference Server 2026-07-12 5.9 Medium
NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A successful exploit of this vulnerability might lead to denial of service.
CVE-2026-24270 2026-07-12 9.8 Critical
NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2026-15489 1 Rafymrx 1 Toko-online-roti 2026-07-12 7.3 High
A vulnerability was identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this vulnerability is an unknown functionality of the file proses/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-56842 1 Ubiquiti 1 Unifi Network Application 2026-07-12 7.5 High
A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been removed.