Search Results (356918 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21032 | 1 Samsung Mobile | 1 Samsung Assistant | 2026-06-07 | N/A |
| Improper export of Android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows a local attacker to execute arbitrary script. | ||||
| CVE-2026-21033 | 1 Samsung Mobile | 1 Samsung Assistant | 2026-06-07 | N/A |
| Improper export of Android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows a local attacker to execute arbitrary script. | ||||
| CVE-2026-21034 | 1 Samsung Mobile | 1 Samsung Auto | 2026-06-07 | N/A |
| Improper export of Android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows a local attacker to change audio configuration. | ||||
| CVE-2026-21035 | 1 Samsung Mobile | 1 Samsung Plus Tv | 2026-06-07 | N/A |
| Improper input validation in Samsung Plus TV prior to version 1.0.28.6 allows remote attackers to access sensitive information. | ||||
| CVE-2026-21036 | 1 Samsung Mobile | 1 Samsung Internet | 2026-06-07 | N/A |
| Improper authorization in Samsung Internet prior to version 30.0.0.39 allows local attackers to access sensitive information. | ||||
| CVE-2026-21037 | 1 Samsung Mobile | 1 Samsung Members | 2026-06-07 | N/A |
| Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access an arbitrary URL and launch an arbitrary activity with Samsung Members privilege. | ||||
| CVE-2026-21038 | 1 Samsung Mobile | 1 Android Usb Driver For Windows | 2026-06-07 | N/A |
| Improper input validation in Samsung Android USB Driver for Windows prior to version 1.9.5.0 allows a local attacker to access out-of-bounds memory. | ||||
| CVE-2026-50259 | 3 Redhat, X.org, Xorg | 3 Enterprise Linux, Xorg-server, Xwayland | 2026-06-07 | 7.8 High |
| A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50260 | 2 Redhat, X.org | 2 Enterprise Linux, Xorg-server | 2026-06-07 | 7.8 High |
| A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50261 | 2 Redhat, X.org | 2 Enterprise Linux, Xorg-server | 2026-06-07 | 7.8 High |
| A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50264 | 2 Redhat, X.org | 2 Enterprise Linux, Xorg-server | 2026-06-07 | 7.8 High |
| An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50230 | 1 Lyrion | 1 Lyrion Music Server | 2026-06-07 | 6.1 Medium |
| Lyrion Music Server 9.2.0 contains an unauthenticated reflected cross-site scripting vulnerability in the server.log endpoint that allows attackers to inject arbitrary HTML and JavaScript code through the search parameter. Attackers can craft malicious URLs with JavaScript payloads in the search parameter to execute code in users' browsers within the context of the affected application. | ||||
| CVE-2026-50234 | 1 Lyrion | 1 Lyrion Music Server | 2026-06-07 | 7.5 High |
| Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers can manipulate file path parameters to access sensitive files outside the intended directory structure. | ||||
| CVE-2026-50235 | 1 Lyrion | 1 Lyrion Music Server | 2026-06-07 | 6.1 Medium |
| Lyrion Music Server 9.2.0 contains a reflected cross-site scripting vulnerability in advanced search parameters that fail to properly sanitize user input before displaying it in search forms. Attackers can inject malicious scripts through unfiltered search parameters to execute arbitrary JavaScript in users' browsers and steal session information. | ||||
| CVE-2026-6207 | 1 Havelsan | 1 Geographic Tracking System | 2026-06-07 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2026-6208 | 1 Havelsan | 1 Geographic Tracking System | 2026-06-07 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2026-6209 | 1 Havelsan | 1 Geographic Tracking System | 2026-06-07 | N/A |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2026-9270 | 1 Binary | 1 Datadog::dogstatsd | 2026-06-07 | N/A |
| DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The send_stats method does not remove newlines from metric names ($stat variable), allowing attackers to change the metric name prefix. The send_stats method does not validate the content of the value ($delta variable), allowing attackers to inject metrics, especially from methods that do not restrict the data type for the value, such as set, gauge, count and histogram. The send_stats method does not validate the content of the tags, which may contain newlines, pipes and colons that allow metric injections. Note that the SYNOPSIS shows an example of passing a website form "loginName" parameter as a tag, which is unsafe. | ||||
| CVE-2026-11362 | 1 Binary | 1 Datadog::dogstatsd | 2026-06-07 | N/A |
| DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The format_event method (used by the event method) does not validate the content of the tags, which may contain commas (allowing tags to be injected) or newlines, pipes and colons that allow metric injections. (There is an ineffective s/|//g to remove pipes, but because the pipe is not escaped, it is interpreted as a regular expression metacharacter and has no effect.) | ||||
| CVE-2026-48104 | 1 Mcmilk | 1 7-zip | 2026-06-07 | 4.2 Medium |
| 7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain an uninitialized heap read in the SquashFS archive handler caused by a sparsely populated index array. In the SquashFS handler, _blockToNode is allocated with capacity for every metadata block but populated only when an inode crosses a block boundary, so a crafted image with few inodes spanning many blocks leaves most slots holding raw heap contents (the underlying allocator does not zero-initialize POD storage). When OpenDir looks up an attacker-influenced blockIndex (derived from the RootInode superblock field), it reads two of these uninitialized slots and passes them as the left/right bounds of a binary search over _nodesPos, which dereferences the midpoint without bounds checking; if the resulting value happens to match the search key, the returned index is used to read a full node struct from _nodes whose fields feed further directory parsing, forming a chained OOB read primitive that is heap-layout-dependent and not reliably triggerable. The SquashFS handler is enabled by default in stock 7z.dll and the issue triggers during Open() with no interaction beyond opening the file; impact is denial of service from wild-pointer dereference and potential heap information disclosure, with no write primitive. Version 26.01 fixes the issue. | ||||