Export limit exceeded: 355048 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 82361 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (82361 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0059 | 1 Google | 1 Android | 2026-06-02 | 8 High |
| In multiple functions of sdp_discovery.cc, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0096 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0097 | 1 Google | 1 Android | 2026-06-02 | 8 High |
| In multiple locations, there is a possible way to bypass user interaction when pairing an LE device due to a logic error. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0098 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0100 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-28580 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-59604 | 1 Qualcomm | 531 Ar8035, Ar8035 Firmware, Cologne and 528 more | 2026-06-02 | 7.8 High |
| Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer. | ||||
| CVE-2025-59605 | 1 Qualcomm | 281 Ar8035, Ar8035 Firmware, Csra6620 and 278 more | 2026-06-02 | 7.8 High |
| Memory Corruption when processing device identifier strings that exceed the expected maximum length. | ||||
| CVE-2025-59606 | 1 Qualcomm | 282 Cologne, Cologne Firmware, Cq7790 and 279 more | 2026-06-02 | 7.8 High |
| Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization. | ||||
| CVE-2026-0036 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0045 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0076 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-44660 | 2 Ultrajson, Ultrajson Project | 2 Ultrajson, Ultrajson | 2026-06-02 | 7.5 High |
| UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an exception, the serialized JSON string object is not decremented, leaking memory. Each failed write operation leaks the full size of the serialized payload. This vulnerability is fixed in 5.12.1. | ||||
| CVE-2026-39976 | 1 Laravel | 1 Passport | 2026-06-02 | 7.1 High |
| Laravel Passport provides OAuth2 server support to Laravel. From 13.0.0 to before 13.7.1, there is an Authentication Bypass for client_credentials tokens. the league/oauth2-server library sets the JWT sub claim to the client identifier (since there's no user). The token guard then passes this value to retrieveById() without validating it's actually a user identifier, potentially resolving an unrelated real user. Any machine-to-machine token can inadvertently authenticate as an actual user. This vulnerability is fixed in 13.7.1. | ||||
| CVE-2026-45136 | 1 Cnighswonger | 1 Claude-code-cache-fix | 2026-06-02 | 7.8 High |
| claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (introduced in v3.5.0) interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of the payload closes the literal early and lets following bytes execute as Python in the user's Claude Code process. This vulnerability is fixed in 3.5.2. | ||||
| CVE-2026-44709 | 1 Mcdope | 1 Pam Usb | 2026-06-02 | 7.8 High |
| pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly without any validation. Any process that can set environment variables before pamusb-pinentry is invoked can point PINENTRY_FALLBACK_APP at an arbitrary binary or script and have it executed with the privileges of the pam_usb tool chain. This vulnerability is fixed in 0.8.7. | ||||
| CVE-2026-35535 | 2 Siemens, Sudo Project | 3 Ruggedcom Rst2428p, Sinec Os, Sudo | 2026-06-02 | 7.4 High |
| In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation. | ||||
| CVE-2026-5463 | 2 Dan Mcinerney, Danmcinerney | 2 Pymetasploit3, Pymetasploit3 | 2026-06-02 | 8.6 High |
| Command injection vulnerability in console.run_module_with_output() in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This breaks the intended command structure and causes the Metasploit console to execute additional unintended commands, potentially leading to arbitrary command execution and manipulation of Metasploit sessions. | ||||
| CVE-2026-48064 | 1 Mcdope | 1 Pam Usb | 2026-06-02 | 8.1 High |
| pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display managers such as gdm-password or lightdm to bypass process/TTY heuristics for local sessions), the PAM_RHOST check in pusb_do_auth() is also skipped. PAM_RHOST is set by remote daemons (sshd, XDMCP servers) to identify the remote client address. Because the check is gated inside if (opts.deny_remote), a genuine remote XDMCP connection reaches the USB device authentication step instead of being rejected. This vulnerability is fixed in 0.9.1. | ||||
| CVE-2022-4986 | 2 Beldan, Belden | 3 Eaglesdv, Eaglesdv Firmware, Hirschmann Eaglesdv | 2026-06-02 | 7.5 High |
| Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability. | ||||