Export limit exceeded: 357190 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357190 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-10956 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-09 | 8.8 High |
| Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-11181 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-09 | 6.3 Medium |
| Inappropriate implementation in Media Session in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-6973 | 1 Ivanti | 1 Endpoint Manager Mobile | 2026-06-09 | 7.2 High |
| A configuration control vulnerability in the Ivanti Endpoint Manager Mobile before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to inject arbitrary Apache directives, leading to remote code execution. | ||||
| CVE-2026-11701 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-09 | 5.4 Medium |
| Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11235 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-09 | 8.8 High |
| Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-11236 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-09 | 8.3 High |
| Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-11237 | 1 Google | 1 Chrome | 2026-06-09 | 8.3 High |
| Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-34237 | 2 Lfprojects, Modelcontextprotocol | 2 Mcp Java Sdk, Java-sdk | 2026-06-09 | 6.1 Medium |
| MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 0.83.0, 1.0.1, and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 0.83.0, 1.0.1, and 1.1.1. | ||||
| CVE-2026-11268 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-06-09 | 6.5 Medium |
| Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-11272 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-09 | 8.8 High |
| Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-11274 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-09 | 4.3 Medium |
| Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-49132 | 1 Microsoft | 17 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 14 more | 2026-06-09 | 8.1 High |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2024-49123 | 1 Microsoft | 17 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 14 more | 2026-06-09 | 8.1 High |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2024-49075 | 1 Microsoft | 17 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 14 more | 2026-06-09 | 7.5 High |
| Windows Remote Desktop Services Denial of Service Vulnerability | ||||
| CVE-2024-49128 | 1 Microsoft | 8 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 5 more | 2026-06-09 | 8.1 High |
| Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2024-49119 | 1 Microsoft | 6 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 3 more | 2026-06-09 | 8.1 High |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2024-49116 | 1 Microsoft | 6 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 3 more | 2026-06-09 | 8.1 High |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2024-49109 | 1 Microsoft | 15 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 12 more | 2026-06-09 | 6.6 Medium |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | ||||
| CVE-2024-49120 | 1 Microsoft | 8 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 5 more | 2026-06-09 | 8.1 High |
| Windows Remote Desktop Services Remote Code Execution Vulnerability | ||||
| CVE-2024-49071 | 1 Microsoft | 1 Defender For Endpoint | 2026-06-09 | 6.5 Medium |
| Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network. | ||||