Export limit exceeded: 363662 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363662 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363662 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-51947 | 1 Pivotal | 1 Crm | 2026-07-06 | 9.8 Critical |
| An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip (fixed in Pivotal CRM 6.6.5.10 and Patch_CWE502_20260316.zip) allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. NOTE: this issue exists because of an incomplete fix for CVE-2026-39253. | ||||
| CVE-2026-36909 | 2026-07-06 | 6.2 Medium | ||
| A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. | ||||
| CVE-2026-26145 | 1 Microsoft | 1 Azure Synapse | 2026-07-06 | 4.8 Medium |
| Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-45499 | 1 Microsoft | 2 Azure Open-ai, Azure Open-ai | 2026-07-06 | 9.9 Critical |
| Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-58292 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58289 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 9 Critical |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57983 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 8.7 High |
| Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-57975 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-15668 | 1 Gpac | 1 Gpac | 2026-07-06 | 3.3 Low |
| A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpd_del_entry of the file src/isomedia/box_code_base.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit is publicly available and might be used. The name of the patch is f29f955f2a3b5e8e507caad3e52319f961bf37bf. It is advisable to implement a patch to correct this issue. | ||||
| CVE-2026-11570 | 2026-07-06 | 4.2 Medium | ||
| The User Submitted Posts WordPress plugin before 20260608 does not escape a submitted value before outputting it in an admin-configured display template, leading to a Stored Cross-Site Scripting that can be triggered by unauthenticated users when a non-default display option is enabled. | ||||
| CVE-2026-24270 | 2026-07-06 | 9.8 Critical | ||
| NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2026-57984 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57985 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.6 High |
| Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57988 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.1 High |
| Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57992 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58522 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 6.8 Medium |
| Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-57981 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 8.8 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57986 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-57991 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.4 High |
| Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-58276 | 1 Microsoft | 1 Edge Chromium | 2026-07-06 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||