Export limit exceeded: 366528 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366528 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366528 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-45065 | 1 Symfony | 1 Symfony | 2026-07-15 | N/A |
| Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, UrlGenerator validates route parameters against a pattern built as ^ plus the raw requirement plus $; with ungrouped alternations, middle alternatives match as unanchored substrings, allowing a value such as //evil.com to satisfy a common locale requirement and generate a protocol-relative off-site URL. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12. | ||||
| CVE-2026-45063 | 1 Symfony | 1 Symfony | 2026-07-15 | N/A |
| Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, X509Authenticator extracts the user identifier from $_SERVER['SSL_CLIENT_S_DN'] with an unanchored regex that matches emailAddress= anywhere in the distinguished name, allowing an attacker with a trusted certificate containing emailAddress=victim inside another RDN value such as CN to authenticate as the victim. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12. | ||||
| CVE-2026-34328 | 1 Microsoft | 10 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 7 more | 2026-07-15 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Audio Service allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-58635 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-15 | 7.8 High |
| Improper neutralization of special elements used in a command ('command injection') in Windows Narrator Braille allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-57979 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-15 | 6.5 Medium |
| Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-56185 | 1 Microsoft | 1 Windows Admin Center | 2026-07-15 | 6.5 Medium |
| Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network. | ||||
| CVE-2026-54127 | 1 Microsoft | 5 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 2 more | 2026-07-15 | 7.4 High |
| Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-54987 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-15 | 7.8 High |
| Heap-based buffer overflow in Windows Overlay Filter allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-15607 | 1 Tanstack | 1 Db | 2026-07-15 | 4.3 Medium |
| A vulnerability was detected in tanstack db up to 0.6.8. Affected by this vulnerability is the function select of the file src/query/compiler/select.ts of the component Alias Path Handler. The manipulation results in improperly controlled modification of object prototype attributes. The attack may be launched remotely. The exploit is now public and may be used. The patch is identified as ac09b1177a100eafa85cba3cd09dd1f53f933ded. A patch should be applied to remediate this issue. | ||||
| CVE-2026-49175 | 1 Microsoft | 7 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 4 more | 2026-07-15 | 7.8 High |
| Heap-based buffer overflow in Windows DNS allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-49169 | 1 Microsoft | 2 Windows Server 2025, Windows Server 2025 (server Core Installation) | 2026-07-15 | 8 High |
| Use after free in DNS Server allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-15703 | 1 Sourcecodester | 1 Simple And Nice Shopping Cart Script | 2026-07-15 | 7.3 High |
| A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This vulnerability affects unknown code of the file /admin/userproductdeletequery.php. Performing a manipulation of the argument user_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. | ||||
| CVE-2026-15594 | 1 Waooai | 1 Waoowaoo | 2026-07-15 | 3.7 Low |
| A vulnerability was found in waooAI waoowaoo up to 0.4.1. Impacted is the function stablePublicIdFromStorageKey in the library src/lib/media/hash.ts of the component Media Handler. The manipulation of the argument storageKey results in improper authorization. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is considered difficult. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-13753 | 1 Hp | 1 Hp 2800 Printer Series | 2026-07-15 | 7.5 High |
| A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version <=TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive configuration data such as plaintext Wi‑Fi Direct credentials, unique device identity information, and other administrative security state details. When accessed through the web interface, these setting pages explicitly require administrator credentials before sensitive information is displayed. | ||||
| CVE-2026-11405 | 2026-07-15 | 9.8 Critical | ||
| The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification (prod_encode64/PasswordToMd5/check_rand_key). - After normal authentication fails, it calls GetValue("sys.rzadmin.password") to read a backdoor password from the device configuration. - It performs a direct strcmp() comparison (plaintext, not hashed) between the config value and the user-supplied password. A successful match grants role=2 (admin-level access) and creates a valid session. The rzadmin username is never checked — any username works with the backdoor | ||||
| CVE-2026-59889 | 1 Fasterxml | 1 Jackson-databind | 2026-07-15 | 6.5 Medium |
| jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.18.0 until 2.18.9, 2.21.5, 2.22.1, 3.1.5, and 3.2.1, UnwrappedPropertyHandler.processUnwrapped() replays buffered JSON for a @JsonUnwrapped property and calls prop.deserializeAndSet() without a prop.visibleInView(ctxt.getActiveView()) guard, allowing a property annotated with both @JsonView and @JsonUnwrapped to be written from attacker JSON under a less-privileged active view. This issue is fixed in versions 2.18.9, 2.21.5, 2.22.1, 3.1.5, and 3.2.1. | ||||
| CVE-2026-24233 | 1 Nvidia | 1 Tensorrt-llm | 2026-07-15 | 8.4 High |
| NVIDIA TensorRT-LLM for Linux contains a vulnerability in the restricted unpickler used for model weight deserialization, where a local, unauthenticated attacker could cause deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure. | ||||
| CVE-2026-47472 | 1 Nvidia | 1 Tensorrt-llm | 2026-07-15 | 7.8 High |
| NVIDIA TensorRT-LLM contains a vulnerability in its inter-process communication layer where an attacker with local same-user access could cause deserialization. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, and denial of service. | ||||
| CVE-2026-49459 | 1 Cure53 | 1 Dompurify | 2026-07-15 | 6.1 Medium |
| DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Prior to 3.4.6, DOMPurify.sanitize(root, { IN_PLACE: true }) could preserve event-handler attributes on an attacker-controlled <form> root when a descendant name clobbered properties checked by _isClobbered, because _forceRemove no-opped on the parent-less root and _sanitizeAttributes returned early. This issue is fixed in version 3.4.6. | ||||
| CVE-2026-47471 | 1 Nvidia | 1 Tensorrt-llm | 2026-07-15 | 7.5 High |
| NVIDIA TensorRT-LLM for any platform contains a vulnerability in tensor deserialization, where an attacker could cause a heap based buffer overflow. A successful exploit of this vulnerability might lead to information disclosure, data tampering, or denial of service. | ||||