Export limit exceeded: 363775 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363775 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-13199 | 2026-07-07 | 4 Medium | ||
| EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the quality of random numbers or delay booting while sufficient entropy is accumulated from other sources. | ||||
| CVE-2026-44941 | 1 Suse | 1 Libzypp | 2026-07-07 | 8.4 High |
| A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root. | ||||
| CVE-2026-21368 | 1 Qualcomm | 1 Snapdragon | 2026-07-07 | 5.3 Medium |
| Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks. | ||||
| CVE-2026-21369 | 2026-07-07 | 5.3 Medium | ||
| Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification. | ||||
| CVE-2026-21370 | 1 Qualcomm | 1 Snapdragon | 2026-07-07 | 5.3 Medium |
| Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values. | ||||
| CVE-2026-29049 | 2 Chainguard, Chainguard-dev | 2 Melange, Melange | 2026-07-07 | 4.3 Medium |
| melange allows users to build apk packages using declarative pipelines. In version 0.40.5 and prior, melange update-cache downloads URIs from build configs via io.Copy without any size limit or HTTP client timeout (pkg/renovate/cache/cache.go). An attacker-controlled URI in a melange config can cause unbounded disk writes, exhausting disk on the build runne. Version 0.43.4 contains a patch. | ||||
| CVE-2026-21384 | 2026-07-07 | 5.3 Medium | ||
| Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits. | ||||
| CVE-2026-48316 | 1 Adobe | 1 Coldfusion | 2026-07-07 | 10 Critical |
| ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed. | ||||
| CVE-2023-45815 | 1 Archivebox | 1 Archivebox | 2026-07-07 | 6.4 Medium |
| ArchiveBox is an open source self-hosted web archiving system. Any users who are using the `wget` extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to target your ArchiveBox instance. Malicious Javascript could potentially act using your logged-in admin credentials and add/remove/modify snapshots, add/remove/modify ArchiveBox users, and generally do anything an admin user could do. The impact is less severe for non-logged-in users, as malicious Javascript cannot *modify* any archives, but it can still *read* all the other archived content by fetching the snapshot index and iterating through it. Because all of ArchiveBox's archived content is served from the same host and port as the admin panel, when archived pages are viewed the JS executes in the same context as all the other archived pages (and the admin panel), defeating most of the browser's usual CORS/CSRF security protections and leading to this issue. Version 0.9.0 contains a patch. As a mitigation for this issue would be to disable the wget extractor by setting `archivebox config --set SAVE_WGET=False`, ensure you are always logged out, or serve only a [static HTML version](https://github.com/ArchiveBox/ArchiveBox/wiki/Publishing-Your-Archive#2-export-and-host-it-as-static-html) of your archive. | ||||
| CVE-2026-12166 | 1 Little Orbit | 1 Gamefirst Anti-cheat | 2026-07-07 | 5.5 Medium |
| A NULL pointer dereference vulnerability for driver `GFAC_Sys_x64.sys` in Little Orbit GFAC allows a local attacker to cause a denial of service via crafted requests that trigger a system crash. | ||||
| CVE-2026-12168 | 1 Little Orbit | 1 Gamefirst Anti-cheat | 2026-07-07 | 7.8 High |
| An improper validation vulnerability for driver `GFAC_Sys_x64.sys` in Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port. | ||||
| CVE-2026-54403 | 2026-07-07 | 8.6 High | ||
| A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances. | ||||
| CVE-2026-54408 | 2026-07-07 | 8.6 High | ||
| A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming. | ||||
| CVE-2026-54406 | 1 Ubiquiti | 1 Unifi Network Application | 2026-07-07 | 8.7 High |
| A malicious actor with access to the network and high privileges could exploit a Path Traversal vulnerability found in self-hosted instances of UniFi Network Application to escalate write permission on the host device. | ||||
| CVE-2026-54400 | 2026-07-07 | 9.1 Critical | ||
| A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device. | ||||
| CVE-2026-34171 | 1 Coollabsio | 1 Coolify | 2026-07-07 | 8 High |
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GET /invitations/{uuid} endpoint can perform a state-changing password reset using an attacker-known invitation UUID, allowing an attacker who can cause a victim to visit the crafted invitation URL to reset the victim account password to a predictable value. This issue is fixed in version 4.0.0-beta.471. | ||||
| CVE-2026-34034 | 1 Coollabsio | 1 Coolify | 2026-07-07 | 8.8 High |
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, the sentinel_token setting is used in shell commands without sufficient validation, allowing an authenticated user with access to server Sentinel settings to inject shell syntax and execute commands on the host when Sentinel is restarted. This issue is fixed in version 4.0.0-beta.466. | ||||
| CVE-2026-58593 | 1 Nodebb | 1 Nodebb | 2026-07-07 | 7.5 High |
| NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and checks the origin of object.id, but never validates that attributedTo corresponds to the sender. In the object mock, attributedTo is used directly as a uid, and actors.assert silently ignores numeric identifiers (filtering them out without re-deriving the uid), so a federated remote actor can set attributedTo to a bare numeric value such as 1 and have the resulting post or private message created with that local uid as author, including the administrator account. This lets a remote attacker forge posts and direct messages attributed to arbitrary local users. Requires the ActivityPub/federation feature to be enabled. | ||||
| CVE-2026-42200 | 1 Coollabsio | 1 Coolify | 2026-07-07 | 8.8 High |
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, PostgreSQL initialization script (generate_init_scripts() method in app/Actions/Database/StartPostgresql.php) filename handling did not sufficiently restrict paths, allowing an authenticated user to write files outside the intended directory and achieve command execution through database initialization. This issue is fixed in version 4.0.0-beta.474. | ||||
| CVE-2026-43927 | 1 Fossbilling | 1 Fossbilling | 2026-07-07 | N/A |
| FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow allows an authenticated client to apply a promo code beyond its configured maximum uses. By sending concurrent checkout requests before any single request completes the usage increment, a client can obtain unlimited discounted or free orders from a single-use or limited-use promo code. Version 0.8.0 patches the issue. Some workarounds are available. Disable promo codes entirely until a patch is available or monitor the `promo` table for `used` values exceeding `maxuses` and manually review affected orders. | ||||