Export limit exceeded: 357759 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 357759 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 357759 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 357759 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357759 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-47955 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2026-06-12 | 7.8 High |
| Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-47915 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2026-06-12 | 7.8 High |
| Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-11785 | 1 Redhat | 4 389 Directory Server, Directory Server, Enterprise Linux and 1 more | 2026-06-12 | 4.3 Medium |
| A flaw was found in 389 Directory Server. A type confusion in the SSO token extended operation handler causes partial stack address information to be disclosed in LDAP responses to authenticated users. | ||||
| CVE-2026-11786 | 1 Redhat | 4 389 Directory Server, Directory Server, Enterprise Linux and 1 more | 2026-06-12 | 1.9 Low |
| A flaw was found in 389 Directory Server. The LDIF parser reads past the end of a heap buffer when processing attribute types with trailing semicolons during database import, causing an out-of-bounds read detectable under memory instrumentation. | ||||
| CVE-2026-11787 | 1 Redhat | 4 389 Directory Server, Directory Server, Enterprise Linux and 1 more | 2026-06-12 | 5 Medium |
| A flaw was found in 389 Directory Server. The ldap_utf8prev() function reads bytes before the start of a buffer without bounds checking, causing a heap buffer over-read in string filter parsing that may influence internal filter processing behavior. | ||||
| CVE-2026-11788 | 1 Redhat | 4 389 Directory Server, Directory Server, Enterprise Linux and 1 more | 2026-06-12 | 5.9 Medium |
| A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure. | ||||
| CVE-2026-6739 | 1 Mattermost | 1 Mattermost | 2026-06-12 | 6.7 Medium |
| Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to require system-level permission when patching protected default system roles, which allows authenticated users with delegated user-management permissions to escalate privileges by altering built-in role permissions via the role patch API.. Mattermost Advisory ID: MMSA-2026-00656 | ||||
| CVE-2026-6689 | 1 Mattermost | 1 Mattermost | 2026-06-12 | 4.3 Medium |
| Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Fail to enforce PermissionInviteUser when setting AllowOpenInvite or AllowedDomains during team creation (the check was only applied on update/patch), which allows an authenticated user holding PermissionCreateTeam but not PermissionInviteUser on the resulting team to configure invite-controlled team settings (make the team publicly joinable via open invite and/or constrain membership via allowed domains) that they are not permitted to set on an existing team via POST /api/v4/teams with allow_open_invite: true and/or a non-empty allowed_domains in the request body.. Mattermost Advisory ID: MMSA-2026-00655 | ||||
| CVE-2026-7387 | 1 Mattermost | 1 Mattermost | 2026-06-12 | 8.8 High |
| Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Mattermost fails to require role-management authorization when setting the scheme_admin flag on group syncable link and patch endpoints, which allows a user with group-link permissions to escalate themselves and group members to team or channel admin via crafted API requests.. Mattermost Advisory ID: MMSA-2026-00665 | ||||
| CVE-2026-3433 | 1 Mattermost | 1 Mattermost | 2026-06-12 | 4.3 Medium |
| Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to restrict role_updated websocket event broadcasts to members of the affected team or channel which allows an authenticated attacker with guest-level access to observe permission scheme change notifications for private teams they are not a member of via the websocket connection.. Mattermost Advisory ID: MMSA-2026-00616 | ||||
| CVE-2026-6046 | 1 Mattermost | 1 Mattermost | 2026-06-12 | 5.3 Medium |
| Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to validate that a username returned during bot registration belongs to a bot account, which allows an unprivileged attacker to intercept private messages sent by plugins via direct message channels by pre-registering a user account with a predictable plugin bot username.. Mattermost Advisory ID: MMSA-2026-00649 | ||||
| CVE-2026-6961 | 1 Mattermost | 1 Mattermost | 2026-06-12 | 7.6 High |
| Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Mattermost fails to sanitize FileInfo.Name received from federated peers during shared channel file sync, which allows an attacker who controls a federated server to write files to arbitrary locations within the target server's filestore via path traversal sequences in the filename field.. Mattermost Advisory ID: MMSA-2026-00661 | ||||
| CVE-2026-11789 | 1 Redhat | 4 389 Directory Server, Directory Server, Enterprise Linux and 1 more | 2026-06-12 | 4.9 Medium |
| A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing salt length from a crafted password hash shorter than 16 bytes, causing a buffer over-read that crashes the LDAP server during authentication. | ||||
| CVE-2026-11790 | 1 Redhat | 4 389 Directory Server, Directory Server, Enterprise Linux and 1 more | 2026-06-12 | 4.9 Medium |
| A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password storage plugin does not enforce an upper bound on the iteration count extracted from stored password hashes. A privileged attacker who can modify a user's password hash can cause excessive CPU consumption during authentication, resulting in denial of service. | ||||
| CVE-2026-46746 | 1 Siemens | 1 Sinec Ins | 2026-06-12 | 8.8 High |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The application does not properly sanitize user input in the /api/sftp/uploadFiles endpoint, allowing the injection of shell command payloads via crafted directory names. These payloads are stored and executed when directory listings are retrieved. This could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the affected service user (sinecins). | ||||
| CVE-2026-10544 | 1 Devolutions | 2 Devolutions Server, Server | 2026-06-12 | 6.5 Medium |
| Improper neutralization of special elements in the built-in PAM provider password rotation templates in Devolutions Server allows an authenticated user with write access to a vault to execute arbitrary commands on the systems managed by the affected PAM provider. This issue affects : * Devolutions Server 2026.2.4.0 * Devolutions Server 2026.1.20.0 and earlier | ||||
| CVE-2026-12023 | 2 Apple, Google | 2 Macos, Chrome | 2026-06-12 | 8.3 High |
| Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12025 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-12 | 5.3 Medium |
| Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12028 | 1 Google | 2 Android, Chrome | 2026-06-12 | 8.3 High |
| Use after free in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12029 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-06-12 | 8.3 High |
| Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||