Export limit exceeded: 357524 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357524 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-12020 | 1 Google | 1 Chrome | 2026-06-12 | 8.8 High |
| Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12023 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12029 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12034 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) | ||||
| CVE-2026-12032 | 1 Google | 1 Chrome | 2026-06-12 | 3.1 Low |
| Inappropriate implementation in Passwords in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12031 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12030 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12022 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) | ||||
| CVE-2026-12019 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12018 | 1 Google | 1 Chrome | 2026-06-12 | 8.8 High |
| Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High) | ||||
| CVE-2026-12017 | 1 Google | 1 Chrome | 2026-06-12 | 3.1 Low |
| Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12016 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-12010 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-12009 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Insufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-12007 | 1 Google | 1 Chrome | 2026-06-12 | 8.8 High |
| Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2025-59382 | 1 Qnap Systems | 3 Qts, Quts Hero, Qutscloud | 2026-06-12 | N/A |
| QTS, QuTS hero, QuTScloud are not affected. We have already fixed the vulnerability in the following version: | ||||
| CVE-2026-11933 | 2026-06-12 | 8.8 High | ||
| A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when converting BSON documents to JavaScript arrays. An authenticated user with read privileges who is able to run server-side JavaScript (for example, via $where or $function) can cause the server to access memory that has already been freed. This may result in disclosure of information from the mongod process memory or a denial of service through a server crash. | ||||
| CVE-2026-12008 | 1 Google | 1 Chrome | 2026-06-12 | 8.3 High |
| Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-49235 | 1 Nlnetlabs | 1 Routinator | 2026-06-12 | 7.5 High |
| When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes. | ||||
| CVE-2026-49233 | 1 Nlnetlabs | 1 Routinator | 2026-06-12 | 7.5 High |
| Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache. | ||||