Export limit exceeded: 46565 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46565 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-52888 1 Nocobase 1 Nocobase 2026-07-16 6.8 Medium
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. In 2.0.59 and earlier, NocoBase @nocobase/plugin-collection-sql used the checkSQL() function in packages/plugins/@nocobase/plugin-collection-sql/src/server/utils.ts with an incomplete keyword blacklist that did not restrict PostgreSQL system catalog tables such as pg_shadow, pg_roles, and pg_stat_activity, allowing an admin-role user to read password hashes and database metadata through the SQL Collection feature. This vulnerability is fixed in 2.1.0-alpha.46.
CVE-2026-49804 1 Microsoft 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more 2026-07-16 6.6 Medium
Heap-based buffer overflow in Windows USB Video Driver allows an unauthorized attacker to elevate privileges with a physical attack.
CVE-2026-50300 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2026-07-16 5.5 Medium
Integer underflow (wrap or wraparound) in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-46637 2026-07-16 N/A
Twig is a template language for PHP. Prior to 3.26.0, several filters in twig/markdown-extra and twig/cssinliner-extra are registered with is_safe => [all], causing Twig to treat plain text or HTML output as safe in HTML, JavaScript, CSS, URL, and other contexts where the output is not properly escaped. This issue is fixed in version 3.26.0.
CVE-2026-50341 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-16 5.5 Medium
Buffer over-read in Windows NTFS allows an authorized attacker to disclose information locally.
CVE-2026-50475 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-16 5.5 Medium
Buffer over-read in Windows Kernel allows an authorized attacker to disclose information locally.
CVE-2026-45066 2026-07-16 N/A
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, HtmlSanitizer URL sanitization can allow off-allowlist URLs through allowLinkHosts() or allowMediaHosts() because UrlSanitizer::parse() follows RFC 3986 while browsers follow WHATWG URL parsing, and because <area href> is checked against the media policy rather than the link policy. This issue is fixed in versions 6.4.40, 7.4.12, and 8.0.12.
CVE-2026-56192 1 Microsoft 11 365 Apps, Office 2016, Office 2019 and 8 more 2026-07-16 5.5 Medium
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-55050 1 Microsoft 11 365 Apps, Office 2019, Office 2021 and 8 more 2026-07-16 5.5 Medium
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
CVE-2026-55026 1 Microsoft 11 365 Apps, Office 2016, Office 2019 and 8 more 2026-07-16 6.2 Medium
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.
CVE-2026-58380 2 Gnome, Redhat 2 Gimp, Enterprise Linux 2026-07-16 7.3 High
A flaw was found in GIMP's PNM file format parser. When parsing a specially crafted PNM file, the pnmscanner_gettoken() function writes a null terminator one byte past the end of a stack-allocated buffer due to an off-by-one error in the loop boundary check. This could lead to memory corruption, potentially resulting in denial of service or arbitrary code execution.
CVE-2026-50408 1 Microsoft 9 365 Apps, Excel 2016, Office 2019 and 6 more 2026-07-16 5.5 Medium
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
CVE-2026-50497 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-16 6.5 Medium
Off-by-one error in Windows Remote Desktop Protocol allows an unauthorized attacker to disclose information over a network.
CVE-2026-50491 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-16 7 High
Out-of-bounds read in Code Integrity DLL (ci.dll) allows an authorized attacker to elevate privileges locally.
CVE-2026-58384 2 Gnu, Redhat 2 Gimp, Enterprise Linux 2026-07-16 7.3 High
A flaw was found in GIMP's PSD parser. An integer overflow in read_RLE_channel() can cause an undersized heap allocation for the RLE row-length table, after which subsequent per-row writes corrupt heap memory. This could lead to memory corruption, potentially resulting in denial of service or arbitrary code execution.
CVE-2026-50420 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-16 6.2 Medium
Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to disclose information locally.
CVE-2026-56455 2026-07-16 5.3 Medium
HCL DFXAnalytics is affected by a Buffer Overflow vulnerability that can lead to a Denial of Service (DoS). The application fails to properly validate input sizes, allowing an attacker to pass an excessive amount of information into a memory container, which can cause the system to crash or become unresponsive. To mitigate this flaw, comprehensive input length checks must be implemented and enforced on both the client and server sides.
CVE-2026-24268 1 Nvidia 1 Tensorrt 2026-07-16 7.8 High
NVIDIA TensorRT contains a vulnerability where an attacker might cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution.
CVE-2026-40957 2026-07-16 N/A
o   CVE-2026-40957 is a frameable content vulnerability in the Secure Access server login page prior to 14.55. Attackers with control of a malicious web site could use it to potentially steal credentials from an unwary administrator.
CVE-2026-40954 2026-07-16 N/A
CVE-2026-40954 is an integer underflow vulnerability in the traffic parsing function of Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client