Export limit exceeded: 366404 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366404 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-14102 | 1 Google | 1 Chrome | 2026-07-14 | 8.8 High |
| Use after free in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14105 | 1 Google | 1 Chrome | 2026-07-14 | 9.6 Critical |
| Insufficient policy enforcement in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14109 | 1 Google | 1 Chrome | 2026-07-14 | 9.6 Critical |
| Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14123 | 1 Google | 1 Chrome | 2026-07-14 | 4.3 Medium |
| Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14126 | 1 Google | 1 Chrome | 2026-07-14 | 4.3 Medium |
| Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14128 | 1 Google | 1 Chrome | 2026-07-14 | 4.3 Medium |
| Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14132 | 1 Google | 1 Chrome | 2026-07-14 | 4.3 Medium |
| Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14145 | 1 Google | 1 Chrome | 2026-07-14 | 6.1 Medium |
| Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14146 | 1 Google | 1 Chrome | 2026-07-14 | 6.5 Medium |
| Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-47984 | 2026-07-14 | 8.2 High | ||
| Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-47997 | 2026-07-14 | 5.9 Medium | ||
| Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-47988 | 2026-07-14 | 8.6 High | ||
| Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-47999 | 2026-07-14 | 4.8 Medium | ||
| Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed. | ||||
| CVE-2026-47998 | 2026-07-14 | 5.9 Medium | ||
| Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-48000 | 2026-07-14 | 4.3 Medium | ||
| Adobe Commerce is affected by an Improper Redirect (Open Redirect) vulnerability that could result in a Security feature bypass. An attacker could construct a malicious URL that redirects a victim to an attacker-controlled site, potentially enabling credential theft and account takeover. Exploitation of this issue requires user interaction in that a victim must click on a malicious link. | ||||
| CVE-2026-48001 | 2026-07-14 | 3.7 Low | ||
| Adobe Commerce is affected by an Information Exposure vulnerability that could lead to a limited disclosure of sensitive information. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-47994 | 2026-07-14 | 8.7 High | ||
| Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field, potentially gaining elevated access or control over the victim's account or session. Scope is changed. | ||||
| CVE-2026-55121 | 1 Microsoft | 11 365 Apps, Office 2016, Office 2019 and 8 more | 2026-07-14 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-56181 | 1 Microsoft | 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more | 2026-07-14 | 8.3 High |
| Origin validation error in Windows Network Address Translation (NAT) allows an unauthorized attacker to perform spoofing over an adjacent network. | ||||
| CVE-2026-57102 | 1 Microsoft | 1 Visual Studio Code | 2026-07-14 | 8.8 High |
| Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network. | ||||