Export limit exceeded: 367166 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 367166 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367166 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43892 | 1 Fortinet | 1 Fortios | 2026-07-17 | 4.1 Medium |
| A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions may allow an authenticated remote attacker to return a portion of device memory in the redirect response via submitting a specially crafted request. | ||||
| CVE-2026-62644 | 1 Roundcube | 1 Webmail | 2026-07-17 | 6.4 Medium |
| In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, the password plugin of the Roundcube Webmail was subject to username spoofing via session data, which could lead to account takeover. | ||||
| CVE-2025-51677 | 1 Openrisc | 1 Or1200 | 2026-07-17 | N/A |
| An issue was discovered in openRISC OR1200 commit 83ac6b. An output mismatch between the RTL and the netlist of the or1200 cpu output port can lead to unexpected behavior. | ||||
| CVE-2026-51833 | 1 Xenforo | 1 Xenforo | 2026-07-17 | N/A |
| Xenforo 2.3.8 is vulnerable to SSRF. Attackers that have administrator privileges or are able to add/save RSS feeds can enumerate internal services (ports) or expose the original IP address of the server. | ||||
| CVE-2026-54243 | 1 Statamic | 1 Cms | 2026-07-17 | 6.1 Medium |
| Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula trigger character, such as =, +, -, or @, could be interpreted as a live formula when a Control Panel user opens the export in a spreadsheet application. Form submissions can come from unauthenticated front-end visitors, so the malicious value can be supplied by an anonymous user and is later triggered by an editor opening the export. This issue is fixed in versions 5.73.24 and 6.20.1. | ||||
| CVE-2026-50197 | 1 Zalando | 1 Skipper | 2026-07-17 | N/A |
| Skipper is an HTTP router and reverse proxy for service composition. Prior to 0.26.10, zalando/skipper's OpenPolicyAgent integration silently bypasses request-body inspection on HTTP/1.1 Transfer-Encoding: chunked and HTTP/2 requests that omit the content-length pseudo-header, because the opaAuthorizeRequestWithBody filter and OpenPolicyAgentInstance.ExtractHttpBodyOptionally in filters/openpolicyagent/openpolicyagent.go produce an empty raw_body and input.parsed_body while the upstream service receives the full attacker-controlled body. This issue is fixed in version 0.26.10. | ||||
| CVE-2026-48373 | 1 Adobe | 1 Acrobat Reader | 2026-07-17 | 7.8 High |
| Acrobat Reader is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-50289 | 1 Sebhildebrandt | 1 Systeminformation | 2026-07-17 | N/A |
| systeminformation is a System and OS information library for node.js. Prior to 5.31.7, networkInterfaces() on Linux is vulnerable to OS command injection through the Debian/Ubuntu interfaces(5) source directive because lib/network.js checkLinuxDCHPInterfaces() reads /etc/network/interfaces, extracts a source <path> token from file content, and interpolates it unquoted into cat ${file} 2> /dev/null | grep 'iface\|source' executed by execSync(cmd, util.execOptsLinux), allowing a path containing shell metacharacters to execute commands in any process that calls networkInterfaces(), including via getStaticData() and getAllData(). This issue is fixed in version 5.31.7. | ||||
| CVE-2026-44974 | 1 Hapijs | 1 Content | 2026-07-17 | N/A |
| @hapi/content provided HTTP Content-* headers parsing. Prior to 6.0.2, Content.disposition() retained the last occurrence of each duplicate parameter while Content.type() retained the first occurrence of duplicate charset and boundary parameters, creating a parameter-smuggling primitive when another component in the request-processing chain resolves duplicates the opposite way. This can allow an upload filename allowlist bypass in headers such as Content-Disposition: form-data; name="file"; filename="safe.txt"; filename="shell.php". This issue is fixed in version 6.0.2. | ||||
| CVE-2026-56171 | 1 Microsoft | 2 Remote Desktop Web Client, Windows Admin Center | 2026-07-17 | 7.1 High |
| Exposure of private personal information to an unauthorized actor in Windows RDP allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-57108 | 2 Microsoft, Redhat | 2 .net, Hummingbird | 2026-07-17 | 7.5 High |
| Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-55027 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-07-17 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-50650 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.8 High |
| Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-50649 | 2 Microsoft, Redhat | 3 .net, Visual Studio 2026, Hummingbird | 2026-07-17 | 7.8 High |
| Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-50648 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.5 High |
| Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50646 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.8 High |
| Protection mechanism failure in .NET Framework allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-50528 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 8.2 High |
| Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-50527 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.5 High |
| Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-50526 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7 High |
| Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally. | ||||
| CVE-2026-50525 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Visual Studio 2026 and 1 more | 2026-07-17 | 7.5 High |
| Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network. | ||||