Export limit exceeded: 82231 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (82231 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25402 | 1 Open Ises | 1 Open Ises Project | 2026-06-02 | 8.2 High |
| The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the p1 parameter. Attackers can send GET requests to inc_types_graph.php with crafted SQL payloads to extract sensitive database information including schema names and other data. | ||||
| CVE-2018-25399 | 1 Open Ises | 1 Open Ises Project | 2026-06-02 | 8.2 High |
| The Open ISES Project 3.30A contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tick_lat and tick_lng parameters. Attackers can send GET requests to nearby.php with crafted SQL payloads to extract sensitive database information including usernames, database names, and version details. | ||||
| CVE-2018-25392 | 2 Maxonerp, Talagasoft | 2 Maxon, Maxon Erp | 2026-06-02 | 7.1 High |
| MaxOn ERP Software 8.x-9.x contains an SQL injection vulnerability that allows authenticated users to execute arbitrary SQL queries through the nomor, user, and jenis parameters in the log_activity function. Attackers can send POST requests to /index.php/user/log_activity with malicious SQL code in these parameters to extract sensitive database information including version and database names. | ||||
| CVE-2018-25382 | 2 Bylancer, Zechat Project | 2 Zechat, Zechat | 2026-06-02 | 8.2 High |
| Zechat 1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the uname parameter. Attackers can send crafted requests to profile.php with UNION-based SQL injection payloads to retrieve table names, column names, and sensitive data from the information_schema database. | ||||
| CVE-2025-48595 | 1 Google | 1 Android | 2026-06-02 | 8.4 High |
| In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0093 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0099 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2026-46510 | 1 Kaspernj | 1 Form-data-objectizer | 2026-06-02 | 8.2 High |
| form-data-objectizer converts FormData to object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys (e.g. name[sub]) into nested objects without filtering __proto__, constructor, or prototype. A single HTTP form field whose name starts with __proto__[...] causes the library to mutate Object.prototype, which is a prototype pollution primitive of the entire Node.js process. This vulnerability is fixed in 1.0.1. | ||||
| CVE-2026-45609 | 1 Spring-ai-community | 1 Mcp-security | 2026-06-02 | 7.2 High |
| mcp-security provides Security and Authorization support for Model Context Protocol in Spring AI. Prior to 0.1.9, the mcp-security framework fails to implement the mandatory SSRF mitigations outlined in the Model Context Protocol (MCP) security specifications. Specifically, it processes untrusted URLs for OAuth-related discovery and metadata without verifying if the targets are malicious or internal to the network. This only affects installations with Dynamic Client Registration (DCR) enabled This vulnerability is fixed in 0.1.9. | ||||
| CVE-2026-28764 | 1 Mediaarea | 2 Mediainfo, Mediainfolib | 2026-06-02 | 7.8 High |
| MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability | ||||
| CVE-2026-0094 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0095 | 1 Google | 1 Android | 2026-06-02 | 8 High |
| In l2c_fcr_clone_buf of l2c_fcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-28577 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-28580 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-59604 | 1 Qualcomm | 1 Snapdragon | 2026-06-02 | 7.8 High |
| Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer. | ||||
| CVE-2026-24092 | 1 Qualcomm | 1 Snapdragon | 2026-06-02 | 7.2 High |
| Memory Corruption when processing fastboot commands to set display mode. | ||||
| CVE-2026-25259 | 1 Qualcomm | 1 Snapdragon | 2026-06-02 | 7.8 High |
| Memory corruption while processing multiple IOCTL command for escape operations. | ||||
| CVE-2026-24425 | 2 Symfony, Twigphp | 2 Twig, Twig | 2026-06-02 | 8.8 High |
| Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities to pass arbitrary PHP callables to sort, filter, map, and reduce filters. Attackers can exploit the runtime check that fails to use the current template source to bypass sandbox restrictions and execute arbitrary code when the sandbox is enabled through a source policy rather than globally. | ||||
| CVE-2026-42184 | 1 Tauri | 1 Tauri | 2026-06-02 | 8.8 High |
| Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's is_local_url() function causes it to incorrectly classify remote URLs as trusted local origins on Windows and Android. On these systems, Tauri maps custom URI scheme protocols to http://<scheme>.localhost/ because those platforms' WebView implementations cannot serve custom URI schemes directly. The issue is that Tauri's check to see if the origin is local, only checks the first subdomain of the URL. An attacker can abuse this by hosting a page on a domain whose subdomain matches the custom scheme of the application. This vulnerability is fixed in 2.10.3. | ||||
| CVE-2026-24087 | 1 Qualcomm | 1 Snapdragon | 2026-06-02 | 7.2 High |
| Memory corruption while processing fastboot OEM commands. | ||||