Export limit exceeded: 356028 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (356028 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-11105 | 1 Google | 1 Chrome | 2026-06-06 | 6.5 Medium |
| Insufficient validation of untrusted input in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11114 | 1 Google | 1 Chrome | 2026-06-06 | 9.6 Critical |
| Use after free in Device Trust in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11115 | 1 Google | 1 Chrome | 2026-06-06 | 7.3 High |
| Use after free in Updater in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Medium) | ||||
| CVE-2026-11116 | 1 Google | 1 Chrome | 2026-06-06 | 8.8 High |
| Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Medium) | ||||
| CVE-2026-11131 | 1 Google | 1 Chrome | 2026-06-06 | 9.6 Critical |
| Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11139 | 1 Google | 1 Chrome | 2026-06-06 | 6.5 Medium |
| Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11140 | 1 Google | 1 Chrome | 2026-06-06 | 6.5 Medium |
| Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11141 | 1 Google | 1 Chrome | 2026-06-06 | 6.5 Medium |
| Uninitialized Use in Audio in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11143 | 1 Google | 1 Chrome | 2026-06-06 | 6.5 Medium |
| Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. (Chromium security severity: Medium) | ||||
| CVE-2026-11145 | 1 Google | 1 Chrome | 2026-06-06 | 6.5 Medium |
| Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11146 | 1 Google | 1 Chrome | 2026-06-06 | 9.6 Critical |
| Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-11150 | 1 Google | 1 Chrome | 2026-06-06 | 6.1 Medium |
| Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-21017 | 2 Samsung, Samsung Mobile | 2 Android, Samsung Mobile Devices | 2026-06-06 | 5.5 Medium |
| Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files. | ||||
| CVE-2026-21029 | 1 Samsung | 2 Android, Mobile Devices | 2026-06-06 | 7.8 High |
| Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations. | ||||
| CVE-2025-2415 | 1 Akinsoft | 1 Myrezzta | 2026-06-06 | 8.6 High |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft MyRezzta allows Authentication Bypass. This issue affects MyRezzta: from s2.03.01 before v2.05.01. | ||||
| CVE-2025-2416 | 1 Akinsoft | 1 Limondesk | 2026-06-06 | 8.6 High |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft LimonDesk allows Authentication Bypass. This issue affects LimonDesk: from s1.02.14 before v1.02.17. | ||||
| CVE-2025-2417 | 1 Akinsoft | 1 E-mutabakat | 2026-06-06 | 8.6 High |
| Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft e-Mutabakat allows Authentication Bypass. This issue affects e-Mutabakat: from 2.02.06 before v2.02.06. | ||||
| CVE-2025-2421 | 1 Felisify | 1 Sambabox | 2026-06-06 | 9.8 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics SambaBox allows Code Injection. This issue affects SambaBox: before 5.1. | ||||
| CVE-2025-2488 | 1 Felisify | 1 Sambabox | 2026-06-06 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting (XSS). This issue affects SambaBox: before 5.1. | ||||
| CVE-2025-2812 | 1 Mydata | 1 Ticket Sales Automation | 2026-06-06 | 9.8 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection. This issue affects Ticket Sales Automation: before 03.04.2025 (DD.MM.YYYY). | ||||