Export limit exceeded: 45980 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44111 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44111 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-28940 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-05-13 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing a maliciously crafted image may corrupt process memory. | ||||
| CVE-2026-28952 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2026-05-13 | 7.5 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination. | ||||
| CVE-2026-28956 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 6.5 Medium |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2026-28991 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 7.5 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service. | ||||
| CVE-2026-43655 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-05-13 | 7.3 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or read kernel memory. | ||||
| CVE-2026-40364 | 1 Microsoft | 7 365 Apps, Office 2019, Office 2021 and 4 more | 2026-05-13 | 8.4 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-40363 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-05-13 | 8.4 High |
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-35433 | 1 Microsoft | 1 .net | 2026-05-13 | 7.3 High |
| Improper input validation in .NET allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-28819 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2026-05-13 | 5.4 Medium |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2026-28918 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 6.5 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Parsing a maliciously crafted file may lead to an unexpected app termination. | ||||
| CVE-2026-28846 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 7.5 High |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected app termination. | ||||
| CVE-2026-40360 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-05-13 | 7.8 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2022-4988 | 1 Kmx | 1 Alien::freeimage | 2026-05-13 | 7.3 High |
| Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries. Alien::FreeImage contains version 3.17.0 of the FreeImage library from 2017, which has known vulnerabilities such as CVE-2015-0852 and CVE-2025-65803. The library embeds other images libraries that also have known vulnerabilities. | ||||
| CVE-2026-5172 | 1 Dnsmasq | 1 Dnsmasq | 2026-05-13 | 7.3 High |
| A buffer overflow in dnsmasq’s extract_addresses() function allows an attacker to trigger a heap out-of-bounds read and crash by exploiting a malformed DNS response, enabling extract_name() to advance the pointer past the record’s end. | ||||
| CVE-2026-2291 | 1 Dnsmasq | 1 Dnsmasq | 2026-05-13 | 7.3 High |
| dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. | ||||
| CVE-2026-41901 | 1 Thymeleaf | 1 Thymeleaf | 2026-05-13 | 9 Critical |
| Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially dangerous expressions in some specific sandboxed (restricted) contexts, it fails to properly neutralize specific constructs that allow this kind of expressions to be executed. If an application developer passes to the template engine unsanitized variables that contain such expressions, and these values are used in sandboxed contexts inside the templates, these expressions can be executed achieving Server-Side Template Injection (SSTI). This vulnerability is fixed in 3.1.5.RELEASE. | ||||
| CVE-2026-29972 | 1 Debevv | 1 Nanomodbus | 2026-05-13 | 8.2 High |
| nanoMODBUS through v1.22.0 has a stack-based buffer overflow in recv_read_registers_res() in nanomodbus.c. When a client calls nmbs_read_holding_registers() or nmbs_read_input_registers(), the library writes register data from the server response to the caller-provided buffer based on the response's byte_count field before validating that byte_count matches the requested quantity. A malicious Modbus TCP server can send a response with byte_count=250 (125 registers) regardless of the requested quantity, causing up to 248 bytes of attacker-controlled data to overflow the buffer, potentially allowing remote code execution. | ||||
| CVE-2026-32661 | 1 Canon Marketing Japan | 2 Guardianwall Mail Security Cloud (saas Version), Guardianwall Mailsuite (on-premises Version) | 2026-05-13 | N/A |
| Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud (SaaS version). If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd with grdnwww user privilege. | ||||
| CVE-2026-7428 | 1 Google Cloud | 1 Alloydb For Postgresql | 2026-05-13 | N/A |
| Prior to 2025-11-03, well-intended users of Terraform or REST API for Google Cloud AlloyDB for PostgreSQL could have created clusters with an insecure default password which could have been exploited by a remote attacker to gain full administrative access to the database. Exploitation required network access to the AlloyDB cluster and was limited to Terraform or the REST API, as other clients blocked it. | ||||
| CVE-2026-43938 | 1 Yafnet | 1 Yafnet | 2026-05-13 | 8.1 High |
| YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the application's database logger (YAFNET.Core/Logger/DbLogger.cs) captures the incoming request's User-Agent header into a JObject, serializes it with JsonConvert, and stores the result in the EventLog.Description column whenever an event (e.g., an unhandled exception) is logged. The admin event-log page (YetAnotherForum.NET/Pages/Admin/EventLog.cshtml.cs) later deserializes that JSON in FormatStackTrace() and interpolates the UserAgent value directly into an HTML string with no encoding, and the Razor view EventLog.cshtml emits the result through @Html.Raw. This vulnerability is fixed in 4.0.5 and 3.2.12. | ||||