Export limit exceeded: 21189 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (21189 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-23265 1 Apple 8 Ios, Ipad Os, Ipados and 5 more 2026-04-02 9.8 Critical
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to cause unexpected system termination or write kernel memory.
CVE-2024-23234 1 Apple 1 Macos 2026-04-02 7.8 High
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to execute arbitrary code with kernel privileges.
CVE-2024-23226 1 Apple 8 Ios, Ipad Os, Ipados and 5 more 2026-04-02 8.8 High
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to arbitrary code execution.
CVE-2024-23214 1 Apple 3 Ipados, Iphone Os, Macos 2026-04-02 8.8 High
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3. Processing maliciously crafted web content may lead to arbitrary code execution.
CVE-2026-20664 1 Apple 6 Ios And Ipados, Ipados, Iphone Os and 3 more 2026-04-02 4.3 Medium
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-28859 1 Apple 8 Ios And Ipados, Ipados, Iphone Os and 5 more 2026-04-02 4.3 Medium
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox.
CVE-2025-43505 1 Apple 1 Xcode 2026-04-02 8.8 High
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing a maliciously crafted file may lead to heap corruption.
CVE-2024-44157 1 Apple 2 Apple Tv, Itunes 2026-04-02 5.5 Medium
A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file may lead to unexpected system termination.
CVE-2026-20698 1 Apple 7 Ios And Ipados, Ipados, Iphone Os and 4 more 2026-04-02 5.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2026-28857 1 Apple 6 Ios And Ipados, Ipados, Iphone Os and 3 more 2026-04-02 6.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2024-40810 1 Apple 1 Macos 2026-04-02 5.5 Medium
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause a coprocessor crash.
CVE-2025-43501 2 Apple, Webkitgtk 8 Ios, Ipados, Iphone Os and 5 more 2026-04-02 4.3 Medium
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2026-32917 1 Openclaw 1 Openclaw 2026-04-02 9.8 Critical
OpenClaw before 2026.3.13 contains a remote command injection vulnerability in the iMessage attachment staging flow that allows attackers to execute arbitrary commands on configured remote hosts. The vulnerability exists because unsanitized remote attachment paths containing shell metacharacters are passed directly to the SCP remote operand without validation, enabling command execution when remote attachment staging is enabled.
CVE-2025-15518 1 Tp-link 19 Archer Nx200, Archer Nx200 Firmware, Archer Nx200 V1.0 and 16 more 2026-04-02 7.2 High
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the operating system, impacting the confidentiality, integrity, and availability of the device.
CVE-2025-15519 1 Tp-link 19 Archer Nx200, Archer Nx200 Firmware, Archer Nx200 V1.0 and 16 more 2026-04-02 7.2 High
Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the operating system, impacting the confidentiality, integrity, and availability of the device.
CVE-2026-4903 1 Tenda 2 Ac5, Ac5 Firmware 2026-04-02 8.8 High
A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used.
CVE-2026-4904 1 Tenda 2 Ac5, Ac5 Firmware 2026-04-02 8.8 High
A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2026-4905 1 Tenda 2 Ac5, Ac5 Firmware 2026-04-02 8.8 High
A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
CVE-2026-4906 1 Tenda 2 Ac5, Ac5 Firmware 2026-04-02 8.8 High
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-27650 1 Buffalo 93 Fs-m1266, Fs-m1266 Firmware, Fs-s1266 and 90 more 2026-04-02 9.8 Critical
OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.