Export limit exceeded: 364918 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364918 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-13461 1 Payrange 1 Payrange 2026-07-12 9.6 Critical
When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device.
CVE-2026-43752 1 Claris 1 Filemaker Server 2026-07-12 4.9 Medium
An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1.
CVE-2026-15482 1 Aster Telecom 1 Azcall 2026-07-12 7.3 High
A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestao_loja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-15481 1 Trendnet 1 Tew-635brm 2026-07-12 8.8 High
A security flaw has been discovered in Trendnet TEW-635BRM up to 1.00.03. This vulnerability affects the function ipoa_test of the file /sbin/rc of the component IPoA WAN Connection Setup. Performing a manipulation of the argument ipoa_ipaddr results in command injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor explains: "We are unable to confirm if the vulnerability exists. This item has been EOL since 2011. We will make an official announcement of possible vulnerabilities, and recommend users to switch devices." This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2026-21039 1 Samsung 1 Mobile Devices 2026-07-12 N/A
Improper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings.
CVE-2026-21040 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs.
CVE-2026-21041 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information.
CVE-2026-21042 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Out-of-bounds write in libsavsac.so prior to SMR Jul-2026 Release 1 allows local attackers to execute arbitrary code.
CVE-2026-21043 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege.
CVE-2026-21044 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Improper authorization in KnoxGuardManager prior to SMR Jul-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.
CVE-2026-21046 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Time-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Release 1 allows local privileged attackers to execute arbitrary code.
CVE-2026-21048 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory.
CVE-2026-21049 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Out-of-bounds write in libpadm.so library prior to SMR Jul-2026 Release 1 allows local attackers to execute arbitrary code.
CVE-2026-21050 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information.
CVE-2026-21051 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Incorrect default permissions in WLAN security prior to SMR Jul-2026 Release 1 allows local attackers to configure TencentWifiSecurity settings.
CVE-2026-21052 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-12 N/A
Path traversal in SemClipboardService prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system privilege.
CVE-2026-21053 1 Samsung Mobile 1 Samsung Email 2026-07-12 N/A
Improper input validation in Samsung Email prior to version 6.2.13.1 allows local attackers to create arbitrary files within the application sandbox.
CVE-2026-21054 1 Samsung Mobile 1 Inputsharing 2026-07-12 N/A
Improper export of android application components in InputSharing prior to version 2.7.01.4 allows local attackers to access sharing data.
CVE-2026-21056 1 Samsung Mobile 1 Samsung Health 2026-07-12 N/A
Improper authorization in Samsung Health prior to version 7.00.0.107 allows local attackers to access connected device information.
CVE-2026-21057 1 Samsung Mobile 1 Samsung Pass 2026-07-12 N/A
Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory.