Export limit exceeded: 366035 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366035 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-14047 | 1 Google | 1 Chrome | 2026-07-15 | 4.3 Medium |
| Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. (Chromium security severity: Low) | ||||
| CVE-2026-52887 | 1 Nocobase | 1 Nocobase | 2026-07-15 | 10 Critical |
| NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filter[latestMsgReceiveTimestamp][$lt] value was inserted into a Sequelize.literal() template string without escaping or parameter binding, allowing a signed-up authenticated user to run stacked PostgreSQL statements and potentially execute commands with COPY ... TO PROGRAM. This vulnerability is fixed in 2.0.61. | ||||
| CVE-2026-42533 | 1 F5 | 2 Nginx Open Source, Nginx Plus | 2026-07-15 | 8.1 High |
| A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable in a string expression under certain conditions. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Impact: This vulnerability may allow remote attackers to cause a denial-of-service (DoS) on the NGINX system or to possibly trigger a code execution. There is no control plane exposure; this is a data plane issue only. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2026-47429 | 2 Redhat, Vitest.dev | 2 Hummingbird, Vitest | 2026-07-15 | 9.8 Critical |
| Vitest is a testing framework powered by Vite. Prior to 3.2.5 and 4.1.0, the Vitest UI/API server on Windows used isFileServingAllowed incorrectly for /__vitest_attachment__, allowing \\?\\..\\ path traversal to read files outside the project; exposed API write and rerun features such as saveTestFile and rerun could also allow arbitrary script execution. This issue is fixed in versions 3.2.5 and 4.1.0. | ||||
| CVE-2026-57821 | 1 Apache | 1 Fineract | 2026-07-15 | 8.1 High |
| A SQL Injection vulnerability exists in Apache Fineract's Office Search API (GET /api/v1/offices) in versions up to and including 1.14.0. The orderBy request parameter is concatenated into a SQL query without sufficient validation, allowing an authenticated user with permission to view offices to inject arbitrary SQL via a crafted orderBy value. This is a bypass of the ColumnValidator fix introduced for CVE-2024-32838, which does not detect bare subqueries in the ORDER BY position. This can be leveraged to perform time-based blind SQL injection for data exfiltration. Because the injected query blocks the database connection for its full duration, concurrent exploitation can exhaust the application's database connection pool, resulting in denial of service for other users. Users are recommended to upgrade to a version containing the fix. | ||||
| CVE-2026-56375 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 3.3 Low |
| ImageMagick through 7.1.2-18 contains a memory leak vulnerability in the ASHLAR coder when an action fails. Attackers can trigger failed actions to exhaust memory resources and cause denial of service. | ||||
| CVE-2026-61464 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 1.8 Low |
| ImageMagick before 7.1.2-26 and 6.9.13-51 contains a heap-based buffer over-write vulnerability that occurs when running an X11 import with a crafted window title, which can result in heap memory corruption and denial of service. | ||||
| CVE-2026-61860 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 3.7 Low |
| ImageMagick before 7.1.2-26 and 6.9.13-51 contains a use-after-free vulnerability that occurs when freetype initialization fails: the method does not exit and continues to use memory that was already freed. This can be triggered during image processing and may lead to a denial of service. | ||||
| CVE-2026-61864 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 2.9 Low |
| ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in color transformation to the log colorspace: when the operation fails, a small amount of memory is not released. | ||||
| CVE-2026-61865 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 2.9 Low |
| ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the hough lines operation: when a specific operation fails, a small memory leak occurs. | ||||
| CVE-2026-61643 | 1 Labring | 1 Fastgpt | 2026-07-15 | 5.9 Medium |
| FastGPT is a knowledge-based AI application platform. From 4.14.17 until 4.15.0-beta5, an authenticated FastGPT user can save a workflow node that points to another user's private HTTP toolset by using a crafted saved tool id such as http-<victim_toolset_app_id>/<tool_name>. The normal toolset routes deny access, but the workflow save and runtime path did not apply the same authorization check to the referenced toolset, allowing /api/v2/chat/completions to resolve the saved reference and execute the victim-owned HTTP tool. This issue is fixed in version 4.15.0-beta5. | ||||
| CVE-2026-61443 | 2 Mervinpraison, Praison | 2 Praisonai, Praisonai | 2026-07-15 | 8.1 High |
| PraisonAI before 1.6.78 contains a remote code execution vulnerability in SkillTools.run_skill_script() that executes scripts without path containment validation. Attackers can supply absolute file paths to execute arbitrary scripts from any filesystem location, including those outside the intended working directory. | ||||
| CVE-2026-61457 | 1 Getgrav | 1 Grav | 2026-07-15 | 8.8 High |
| The Grav API plugin (getgrav/grav-plugin-api) before 1.0.3 contains a file upload extension bypass in the API media controller. HandlesMediaUploads::validateFileExtension() inspects only the final file extension via pathinfo($filename, PATHINFO_EXTENSION), so a user with api.media.write permission can upload a file with a double extension such as shell.php.jpg to bypass the dangerous extensions blocklist. The web server may then execute the file as PHP, resulting in remote code execution. | ||||
| CVE-2026-61867 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 2.9 Low |
| ImageMagick before 7.1.2-26 contains a memory leak vulnerability in the TIFF encoder when memory allocation fails. Attackers can trigger allocation failures during TIFF image processing to cause memory exhaustion and denial of service. | ||||
| CVE-2026-61871 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 3.7 Low |
| ImageMagick before 7.1.2-26 and 6.9.13-51 contains a memory leak in the ICON decoder that occurs when a memory allocation fails. Processing a crafted ICON file that triggers an allocation failure leaks memory, which may lead to a denial of service. | ||||
| CVE-2025-32781 | 1 Apolloconfig | 1 Apollo | 2026-07-15 | 6.5 Medium |
| Apollo is a reliable configuration management system suitable for microservice configuration management scenarios. Prior to 2.5.0, Apollo Portal does not verify application and namespace permissions when an authenticated user requests a release by ID through GET /envs/{env}/releases/{releaseId} while configView.memberOnly.envs is enabled, allowing a low-privileged Portal user who obtains or guesses a valid releaseId to read configuration data from other applications and namespaces without calling UserPermissionValidator.shouldHideConfigToCurrentUser(...). This issue is fixed in version 2.5.0. | ||||
| CVE-2026-1562 | 1 Pegasystems | 1 Pega Infinity | 2026-07-15 | N/A |
| Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting (XSS) vulnerability in a user interface component. Requires a high privileged user with a developer role. | ||||
| CVE-2026-50684 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more | 2026-07-15 | 4.8 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Active Directory Federation Services (AD FS) allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2026-50649 | 1 Microsoft | 2 .net, Visual Studio 2026 | 2026-07-15 | 7.8 High |
| Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-47304 | 1 Microsoft | 3 .net, Visual Studio 2022, Visual Studio 2026 | 2026-07-15 | 8.1 High |
| Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network. | ||||