Export limit exceeded: 363139 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363139 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24247 | 1 Nvidia | 1 Megatron-bridge | 2026-07-02 | 7.8 High |
| NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2026-24249 | 1 Nvidia | 1 Megatron-bridge | 2026-07-02 | 7.8 High |
| NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2026-24270 | 2026-07-02 | 9.8 Critical | ||
| NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2026-58652 | 2026-07-02 | 7.5 High | ||
| luci-app-travelmate (and the travelmate package) contain a privilege-escalation flaw: a LuCI/rpcd session holding the luci-app-travelmate write ACL is granted config-wide UCI write access to the travelmate configuration. While the LuCI UI restricts the auto-login script picker to /etc/travelmate/*.login, this is only a frontend restriction. The backend travelmate service (running as root) reads the raw UCI 'script' and 'script_args' values and executes the configured path when the captive-portal auto-login branch (f_check() in travelmate-functions.sh) is reached. An attacker with delegated write permissions can set script to /bin/sh and script_args to attacker-controlled arguments, resulting in arbitrary command execution as root. Confirmed in luci-app-travelmate/travelmate 2.4.5-r3; the sink is still present in travelmate 2.4.6-1 and no patched version is known. | ||||
| CVE-2026-58653 | 1 Praison | 1 Praisonai | 2026-07-02 | 4.3 Medium |
| PraisonAI before 0.1.7 fails to validate that project_id in issue create and update request bodies belongs to the URL workspace. An attacker can create issues referencing projects from other workspaces, causing cross-tenant data pollution in project statistics aggregation without workspace constraints. | ||||
| CVE-2026-4772 | 2026-07-02 | 5.4 Medium | ||
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Stored XSS. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117. | ||||
| CVE-2026-4770 | 2026-07-02 | 4.6 Medium | ||
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows DOM-Based XSS. This issue affects Web Application Firewall: from v1.0.42.239 before v1.4.0.117. | ||||
| CVE-2026-57737 | 2 Averta, Wordpress | 2 Shortcodes And Extra Features For Phlox Theme, Wordpress | 2026-07-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta LTD Shortcodes and extra features for Phlox theme allows DOM-Based XSS. This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.17.16. | ||||
| CVE-2026-57359 | 2 Reviewx, Wordpress | 2 Reviewx, Wordpress | 2026-07-02 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in ReviewX <= 2.3.10 versions. | ||||
| CVE-2026-14449 | 2026-07-02 | N/A | ||
| u5CMS through v12.8.8 is vulnerable to reflected XSS via the ‘thanks’ parameter in multiple form components | ||||
| CVE-2026-55595 | 1 Imagemagick | 1 Imagemagick | 2026-07-02 | 4.7 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26. | ||||
| CVE-2026-54786 | 1 Bytecodealliance | 1 Wasmtime | 2026-07-02 | N/A |
| Wasmtime is a runtime for WebAssembly. All versions prior to 24.0.10; versions 25.0.0 through those before 36.0.11; versions 37.0.0 through those before 44.0.3; and versions 45.0.0 and 45.0.1 contain a native implementation of WASIp1 which suffers from a leak in the fd_renumber function where the file descriptor being renumbered to is not properly closed. Wasmtime's implementation erroneously only updated the table of descriptors for WASIp1 and didn't update the underlying table of descriptors used by the host. This behavior means that while fd_renumber works correctly from a guest's perspective it ends up leaking resources in the host that aren't cleaned up until the corresponding Store is destroyed. In a loop, guests can use fd_renumber to cause hosts to exhaust both resources and file descriptors. This bug only affects the native implementation of WASIp1, meaning that only runtimes which load core wasm modules and expose fd_renumber are affected. Runtimes are additionally only affected if they expose the ability to acquire a file descriptor, such as opening a file. For runtimes that deny access to files they are unaffected. This issue has been fixed in versions 24.0.10, 36.0.11, 44.0.3, and 45.0.2. | ||||
| CVE-2026-55660 | 2026-07-02 | N/A | ||
| Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler, the OAuth authentication popup handler, and the admin↔preview iframe GraphQL reducer — that act on event.data without verifying event.origin or event.source and post messages using non-specific target origins, while insufficient URL sanitization in rich-text content allows malicious URLs to persist and execute. A page the victim visits (or a window in an opener/iframe relationship with a Tina admin) can forge messages to drive the editor, inject preview content, or observe/forge the OAuth popup channel to take over an authenticated editing session. This issue has been fixed in versions @tinacms/app 2.5.6 and tinacms 3.9.3. | ||||
| CVE-2026-57621 | 2 Arraytics, Wordpress | 2 Booktics, Wordpress | 2026-07-02 | 9.8 Critical |
| Unauthenticated PHP Object Injection in Booktics <= 1.0.21 versions. | ||||
| CVE-2026-57670 | 2 Codepeople, Wordpress | 2 Google Maps Cp, Wordpress | 2026-07-02 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Google Maps CP <= 1.2.5 versions. | ||||
| CVE-2026-57671 | 2 Perfmatters, Wordpress | 2 Perfmatters, Wordpress | 2026-07-02 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in perfmatters <= 2.6.4 versions. | ||||
| CVE-2025-69152 | 2026-07-02 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Artale | Wedding Photography WordPress <= 2.2.2 versions. | ||||
| CVE-2026-27425 | 2026-07-02 | 7.1 High | ||
| Unauthenticated Cross Site Scripting (XSS) in Automotive Listings <= 18.6 versions. | ||||
| CVE-2026-50284 | 2026-07-02 | N/A | ||
| Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22. | ||||
| CVE-2026-14427 | 1 Google | 1 Chrome | 2026-07-02 | 8.3 High |
| Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||