Export limit exceeded: 46559 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (46559 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7162 | 1 Winfsp | 1 Winfsp | 2026-07-17 | 7.8 High |
| Successful exploitation of the integer overflow vulnerability could allow an attacker to achieve system-level access to the affected software. | ||||
| CVE-2026-59840 | 1 Fortinet | 4 Fortios, Fortipam, Fortiproxy and 1 more | 2026-07-17 | 4.1 Medium |
| A buffer over-read vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.5, FortiProxy 7.4.0 through 7.4.13, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions may allow attacker to information disclosure via <insert attack vector here> | ||||
| CVE-2026-15767 | 1 Google | 1 Chrome | 2026-07-17 | 8.8 High |
| Heap buffer overflow in libyuv in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: High) | ||||
| CVE-2026-24238 | 1 Nvidia | 1 Tensorrt | 2026-07-17 | 7.8 High |
| NVIDIA TensorRT for contains a vulnerability where an attacker might cause an improper validation of array index. A successful exploit of this vulnerability might lead to code execution. | ||||
| CVE-2022-4990 | 1 Asus | 1 Ai Suite 3 | 2026-07-17 | N/A |
| ** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation. Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ' section on the ASUS Security Advisory for more information. | ||||
| CVE-2022-4989 | 1 Asus | 1 Ai Suite 3 | 2026-07-17 | N/A |
| ** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation. Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ' section on the ASUS Security Advisory for more information. | ||||
| CVE-2026-38754 | 1 Busybox | 1 Busybox | 2026-07-17 | 7.5 High |
| A heap overflow in the ifsbreakup() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input. | ||||
| CVE-2026-38755 | 1 Busybox | 1 Busybox | 2026-07-17 | 7.5 High |
| A heap overflow in the evalcommand() function (shell/ash.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input. | ||||
| CVE-2026-51380 | 1 Tenda | 1 Ac10 | 2026-07-17 | 9.8 Critical |
| Buffer Overflow vulnerability in Tenda AC10 v3 (firmware V03.03.16.09) allows attackers to cause a permanent Denial of Service (DoS) or potentially execute remote code via the /cgi-bin/UploadCfg endpoint | ||||
| CVE-2026-15030 | 1 Asus | 3 Business Manager, System Control Interface, System Control Interface V3 | 2026-07-17 | N/A |
| Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information. | ||||
| CVE-2026-58549 | 1 Huawei | 1 Harmonyos | 2026-07-17 | 4 Medium |
| Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2026-58550 | 1 Huawei | 1 Harmonyos | 2026-07-17 | 4 Medium |
| Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2026-58552 | 1 Huawei | 1 Harmonyos | 2026-07-17 | 5.1 Medium |
| Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2026-58553 | 1 Huawei | 1 Harmonyos | 2026-07-17 | 4 Medium |
| Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2026-10649 | 2 Clusterlabs, Redhat | 7 Pacemaker, Enterprise Linux, Enterprise Linux Eus and 4 more | 2026-07-17 | 8.6 High |
| A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial of service (DoS) in the CIB remote listener. This can result in the affected service crashing. | ||||
| CVE-2026-14386 | 1 Google | 1 Chrome | 2026-07-17 | 6.5 Medium |
| Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-52189 | 1 Utt | 1 Nv518g | 2026-07-17 | 7.5 High |
| Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_487330 component | ||||
| CVE-2026-52187 | 1 Utt | 1 Nv518g | 2026-07-17 | 7.5 High |
| Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component | ||||
| CVE-2026-38973 | 2026-07-17 | 4.4 Medium | ||
| mrubyc through release3.4.1 was found to contain an out-of-bounds read in builtin missing-method lookup inside mrbc_find_method(). | ||||
| CVE-2026-38979 | 1 Ajenti | 1 Ajenti | 2026-07-17 | 5.4 Medium |
| ajenti through v2.2.13 has a clickjacking weakness in the browser-facing login and administrative UI. In ajenti-core/aj/http.py, the core HTTP response path initializes an empty header list, forwards handler-added headers verbatim, and finalizes responses through WSGI start_response() without adding anti-framing protections such as X-Frame-Options or a Content-Security-Policy frame-ancestors restriction. | ||||