Export limit exceeded: 22717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (22717 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-3913 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-16 | 8.8 High |
| Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-3916 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-16 | 9.6 Critical |
| Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-3920 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-16 | 8.8 High |
| Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-3926 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-16 | 8.8 High |
| Out of bounds read in V8 in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-3632 | 3 Gnome, Libsoup, Redhat | 3 Libsoup, Libsoup, Enterprise Linux | 2026-04-16 | 3.9 Low |
| A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker could exploit this to perform HTTP smuggling, where they can send hidden, malicious requests alongside legitimate ones. In certain situations, this could lead to Server-Side Request Forgery (SSRF), enabling an attacker to force the server to make unauthorized requests to other internal or external systems. The impact is low, as SoupServer is not actually used in internet infrastructure. | ||||
| CVE-2026-2092 | 1 Redhat | 1 Build Keycloak | 2026-04-16 | 7.7 High |
| A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language (SAML) broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. This allows the attacker to inject an encrypted assertion for an arbitrary principal, leading to unauthorized access and potential information disclosure. | ||||
| CVE-2026-20636 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-04-16 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-20620 | 1 Apple | 1 Macos | 2026-04-16 | 7.7 High |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An attacker may be able to cause unexpected system termination or read kernel memory. | ||||
| CVE-2026-20675 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-04-16 | 7.8 High |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted image may lead to disclosure of user information. | ||||
| CVE-2026-20609 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-04-16 | 4.4 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents. | ||||
| CVE-2004-0421 | 4 Libpng, Openpkg, Redhat and 1 more | 7 Libpng, Openpkg, Enterprise Linux and 4 more | 2026-04-16 | N/A |
| The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. | ||||
| CVE-2002-0969 | 2 Microsoft, Oracle | 2 Windows, Mysql | 2026-04-16 | 7.8 High |
| Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. | ||||
| CVE-2003-0358 | 3 Debian, Falconseye Project, Nethack | 3 Debian Linux, Falconseye, Nethack | 2026-04-16 | N/A |
| Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. | ||||
| CVE-1999-0945 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands. | ||||
| CVE-2001-1323 | 2 Mit, Redhat | 2 Kerberos 5, Linux | 2026-04-16 | N/A |
| Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via base-64 encoded data, which is not properly handled when the radix_encode function processes file glob output from the ftpglob function. | ||||
| CVE-1999-0038 | 7 Bsdi, Data General, Debian and 4 more | 9 Bsd Os, Dg Ux, Debian Linux and 6 more | 2026-04-16 | 8.4 High |
| Buffer overflow in xlock program allows local users to execute commands as root. | ||||
| CVE-2003-1228 | 1 Mathopd | 1 Mathopd | 2026-04-16 | N/A |
| Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path. | ||||
| CVE-1999-0029 | 1 Sgi | 1 Irix | 2026-04-16 | 8.4 High |
| root privileges via buffer overflow in ordist command on SGI IRIX systems. | ||||
| CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2026-04-16 | N/A |
| Buffer overflow of rlogin program using TERM environmental variable. | ||||
| CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2026-04-16 | 7.8 High |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. | ||||