Export limit exceeded: 85390 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (85390 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-57520 1 Bitwarden 1 Server 2026-06-30 7.1 High
Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by exploiting a missing role hierarchy check in the bulk user-remove endpoint. Attackers can supply Admin organization-user IDs in a bulk DELETE request to bypass the guard enforced on the single-user removal path, effectively removing one or more Admin accounts from an organization.
CVE-2026-56768 1 Haiwen 1 Seahub 2026-06-30 8.8 High
Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link token can call the GET endpoint to obtain a fileserver zip token and download entire shared directory trees.
CVE-2025-57283 1 Browserstack 1 Browserstack-local 2026-06-30 7.8 High
The Node.js package browserstack-local 1.5.8 contains a command injection vulnerability. This occurs because the logfile variable is not properly sanitized in lib/Local.js.
CVE-2026-44209 1 Masci 1 Banks 2026-06-30 7.5 High
Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment() (unsandboxed) to render prompt templates. Applications that pass user-supplied strings as the template argument to Prompt() are vulnerable to Server-Side Template Injection (SSTI), which can lead to Remote Code Execution (RCE) on the host system. This vulnerability is fixed in 2.4.2.
CVE-2025-67030 1 Codehaus-plexus 1 Plexus-utils 2026-06-30 8.8 High
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code
CVE-2026-0719 1 Redhat 9 Enterprise Linux, Enterprise Linux Eus, Openshift Devspaces and 6 more 2026-06-30 8.6 High
A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.
CVE-2026-24747 2 Linuxfoundation, Pytorch 2 Pytorch, Pytorch 2026-06-30 8.8 High
PyTorch is a Python package that provides tensor computation. Prior to version 2.10.0, a vulnerability in PyTorch's `weights_only` unpickler allows an attacker to craft a malicious checkpoint file (`.pth`) that, when loaded with `torch.load(..., weights_only=True)`, can corrupt memory and potentially lead to arbitrary code execution. Version 2.10.0 fixes the issue.
CVE-2026-24031 2 Dovecot, Open-xchange 3 Dovecot, Dovecot, Ox Dovecot Pro 2026-06-30 7.7 High
Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear auth_username_chars. If this is not possible, install latest fixed version. No publicly available exploits are known.
CVE-2025-48431 1 Apache 1 Thrift 2026-06-30 7.5 High
Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an c_glib-based Thrift server with a clean but fatal "free(): invalid pointer" error message.
CVE-2025-61662 2 Gnu, Redhat 10 Grub2, Enterprise Linux, Enterprise Linux Eus and 7 more 2026-06-30 7.8 High
A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit this condition by invoking the orphaned command, causing the application to access a memory location that is no longer valid. An attacker could exploit this vulnerability to cause grub to crash, leading to a Denial of Service. Possible data integrity or confidentiality compromise is not discarded.
CVE-2025-46397 2 Fig2dev Project, Redhat 3 Fig2dev, Enterprise Linux, Rhel Eus 2026-06-30 7.8 High
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVE-2026-43715 1 Apple 3 Ios And Ipados, Macos, Safari 2026-06-30 8.8 High
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-5222 2 Redhat, Unicode 5 Enterprise Linux, Openshift, Rhel E4s and 2 more 2026-06-30 7 High
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
CVE-2025-23368 1 Redhat 11 Build Keycloak, Data Grid, Integration and 8 more 2026-06-30 8.1 High
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.
CVE-2025-9784 1 Redhat 17 Apache Camel Hawtio, Apache Camel Spring Boot, Build Of Apache Camel For Spring Boot and 14 more 2026-06-30 7.5 High
A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS).
CVE-2026-4775 3 Debian, Libtiff, Redhat 13 Debian Linux, Libtiff, Ai Inference Server and 10 more 2026-06-30 7.8 High
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.
CVE-2026-43725 1 Apple 3 Ios And Ipados, Macos, Safari 2026-06-30 7.1 High
The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox.
CVE-2026-42013 2 Gnu, Redhat 14 Gnutls, Discovery, Enterprise Linux and 11 more 2026-06-30 8.2 High
A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.
CVE-2026-42012 2 Gnu, Redhat 14 Gnutls, Discovery, Enterprise Linux and 11 more 2026-06-30 7.1 High
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.
CVE-2026-42011 1 Redhat 13 Discovery, Enterprise Linux, Enterprise Linux Eus and 10 more 2026-06-30 7.4 High
A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.