Export limit exceeded: 364661 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46099 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-29207 1 Apache 1 Ofbiz 2026-05-19 6.5 Medium
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. Please note that in the updated version, "Data Resource" records with dataTemplateTypeId = "FTL" are no longer supported. Additionally, in the updated version, the "Ecommerce Customer" security group no longer includes content management grants. Users are advised to remove these permissions from any production site as well.
CVE-2026-8391 1 Mozilla 1 Firefox 2026-05-19 5.3 Medium
Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.
CVE-2026-8946 1 Mozilla 2 Firefox, Thunderbird 2026-05-19 7.5 High
Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
CVE-2024-30103 1 Microsoft 7 365 Apps, Office, Office 2019 and 4 more 2026-05-19 8.8 High
Microsoft Outlook Remote Code Execution Vulnerability
CVE-2025-21338 1 Microsoft 29 Office, Office Long Term Servicing Channel, Office Macos and 26 more 2026-05-19 7.8 High
GDI+ Remote Code Execution Vulnerability
CVE-2023-33158 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 7.8 High
Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33162 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2026-05-19 5.5 Medium
Microsoft Excel Information Disclosure Vulnerability
CVE-2023-33152 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2026-05-19 7 High
Microsoft ActiveX Remote Code Execution Vulnerability
CVE-2026-40360 1 Microsoft 11 365 Apps, Excel, Excel 2016 and 8 more 2026-05-19 7.8 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-40364 1 Microsoft 10 365 Apps, Office, Office 2019 and 7 more 2026-05-19 8.4 High
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2026-8510 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 7.5 High
Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8566 1 Google 2 Android, Chrome 2026-05-19 4.3 Medium
Insufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8519 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 8.8 High
Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8525 2 Apple, Google 2 Macos, Chrome 2026-05-19 8.3 High
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8546 3 Apple, Google, Microsoft 3 Macos, Chrome, Windows 2026-05-19 5.3 Medium
Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8543 2 Apple, Google 2 Macos, Chrome 2026-05-19 5.3 Medium
Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8531 2 Google, Microsoft 2 Chrome, Windows 2026-05-19 8.8 High
Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8534 2 Google, Linux 3 Chrome, Chrome Os, Linux Kernel 2026-05-19 8.3 High
Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8535 2 Google, Linux 3 Chrome, Chrome Os, Linux Kernel 2026-05-19 5.3 Medium
Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. (Chromium security severity: High)
CVE-2026-8536 2 Apple, Google 2 Macos, Chrome 2026-05-19 3.1 Low
Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation via a crafted HTML page. (Chromium security severity: High)