Export limit exceeded: 45937 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45937 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-53861 | 1 Openclaw | 1 Openclaw | 2026-06-18 | 6.6 Medium |
| OpenClaw before 2026.5.6 contains an allowlist bypass vulnerability in the macOS Swift exec feature that misses combined POSIX inline-command flags. Attackers can execute shell content outside the intended allowlist check by using combined flag forms, potentially allowing unauthorized command execution depending on operator configuration. | ||||
| CVE-2026-53855 | 1 Openclaw | 1 Openclaw | 2026-06-18 | 8.1 High |
| OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell carriers outside intended allowlist rules, enabling execution of unapproved shell-provided content. | ||||
| CVE-2026-7273 | 1 Zyxel | 10 Gs1900-10hp Firmware, Gs1900-16 Firmware, Gs1900-24 Firmware and 7 more | 2026-06-18 | 8.8 High |
| A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allow a LAN-based, unauthenticated attacker to exploit the flaw and potentially execute OS commands via a crafted HTTP request. | ||||
| CVE-2025-55645 | 1 Gpac | 2 Gpac, Mp4box | 2026-06-18 | 5.5 Medium |
| A heap buffer overflow in the gf_cenc_set_pssh function (isomedia/drm_sample.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2025-24131 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-06-18 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3. An attacker on the local network may be able to cause a denial-of-service. | ||||
| CVE-2025-31201 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-18 | 9.8 Critical |
| This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4.1 and iPadOS 18.4.1, macOS Sequoia 15.4.1, tvOS 18.4.1, visionOS 2.4.1. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS. | ||||
| CVE-2025-55661 | 1 Gpac | 1 Mp4box | 2026-06-18 | 5.5 Medium |
| A heap buffer overflow in the Opus audio stream parser component of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2026-8357 | 1 The Document Foundation | 1 Libreoffice | 2026-06-18 | 7.8 High |
| LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element past its end. In fixed versions the array is sized to hold the largest possible nesting. | ||||
| CVE-2026-0130 | 1 Google | 1 Android | 2026-06-18 | 3.5 Low |
| In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2026-46448 | 1 Openstack | 1 Nova | 2026-06-17 | 5.4 Medium |
| In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation. | ||||
| CVE-2026-10828 | 1 Moxa | 2 Nport W2150a-w4 W2250a-w4 Series, Nport W2150a W2250a Series | 2026-06-17 | N/A |
| A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and prior. This vulnerability stems from insufficient input validation and improper handling of externally supplied format strings. An attacker could exploit this vulnerability by sending crafted input to the web service, causing unintended memory disclosure. Successful exploitation may allow an attacker to leak sensitive memory contents and determine critical memory addresses, potentially bypassing Address Space Layout Randomization (ASLR) protections. | ||||
| CVE-2026-12303 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-06-17 | 4.3 Medium |
| Information disclosure due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | ||||
| CVE-2026-12318 | 1 Mozilla | 1 Firefox | 2026-06-17 | 7.3 High |
| Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | ||||
| CVE-2026-12325 | 1 Mozilla | 1 Firefox | 2026-06-17 | 6.5 Medium |
| Denial-of-service in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. | ||||
| CVE-2026-0127 | 1 Google | 1 Android | 2026-06-17 | 6.5 Medium |
| In NrmmMsgCodec::DecodeUPUTransparentContext of cn_NrmmDecoder.cpp, there is a possible out-of-bounds read due to memory corruption. This could lead to remote denial of service causing a communication processor crash with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0144 | 1 Google | 1 Android | 2026-06-17 | 6.5 Medium |
| In writeAocCommand of AocAudioCodec.cpp, there is a possible memory safety issue due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0165 | 1 Google | 1 Android | 2026-06-17 | 5.7 Medium |
| In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2026-5265 | 1 Redhat | 2 Enterprise Linux, Fast Datapath | 2026-06-17 | 6.5 Medium |
| When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length (ip_tot_len for IPv4, ip6_plen for IPv6) without validating it against the actual packet buffer size. A VM can send a short packet with an inflated IP length field that triggers an ICMP error (e.g., by hitting a reject ACL), causing ovn-controller to read heap memory beyond the valid packet data and include it in the ICMP response sent back to the VM. | ||||
| CVE-2026-12323 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-06-17 | 5.4 Medium |
| Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | ||||
| CVE-2026-12324 | 1 Mozilla | 1 Firefox | 2026-06-17 | 7.3 High |
| Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | ||||