Export limit exceeded: 366404 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366404 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366404 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-61500 | 2026-07-15 | 9.8 Critical | ||
| Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie signing key from the non-cryptographic Math.random() generator and discloses outputs of the same generator to unauthenticated clients during login. A remote attacker can collect a small number of login responses, reconstruct the generator's state, recover the signing key, and forge a valid administrator session cookie, leading to full administrative access and remote code execution via the server_code configuration feature. | ||||
| CVE-2026-47482 | 2026-07-15 | 7.5 High | ||
| NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause missing release of memory after effective lifetime. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2026-15548 | 1 Shibby | 1 Tomato | 2026-07-15 | 8.8 High |
| A security vulnerability has been detected in Shibby Tomato up to 1.28.0000. This vulnerability affects the function sub_407220 of the file /usr/sbin/httpd of the component DNS List Rendering. The manipulation leads to stack-based buffer overflow. The attack is possible to be carried out remotely. This project is superseded by FreshTomato. | ||||
| CVE-2026-47481 | 2026-07-15 | 6.5 Medium | ||
| NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause an authentication bypass through an alternative path or channel. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2026-50350 | 1 Microsoft | 6 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 3 more | 2026-07-15 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-47480 | 2026-07-15 | 7.5 High | ||
| NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause an uncaught exception. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2026-61736 | 2026-07-15 | 9.3 Critical | ||
| LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, the server defaults to CORS_ORIGINS=* combined with allow_credentials=True in lightrag/api/lightrag_server.py, causing Starlette CORSMiddleware to effectively whitelist every origin for credentialed cross-origin requests. Any malicious website visited by an authenticated LightRAG user can silently make authenticated API requests, exfiltrating documents and knowledge graph data or performing destructive actions such as deleting the document store. This vulnerability is fixed in 1.5.4. | ||||
| CVE-2026-36035 | 2026-07-15 | 6.5 Medium | ||
| Incorrect access control in the /api/License/deactivateOffline endpoint of CAXPerts UniversalPlantViewer WebServices Server v2.7.6 allows authenticated attackers with low-level privileges to cause a Denial of Service (DoS) via removing the license from the webserver. | ||||
| CVE-2026-50293 | 1 Microsoft | 6 Windows 10 21h2, Windows 10 22h2, Windows 11 24h2 and 3 more | 2026-07-15 | 7.8 High |
| Use after free in Windows Internal Task Bar allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-15711 | 1 Redhat | 1 Enterprise Linux | 2026-07-15 | 7.5 High |
| A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 §5.5, which mandates that all WebSocket control frames (e.g., PING, PONG, CLOSE) contain a payload of 125 bytes or less. A remote, unauthenticated attacker can exploit this by sending a non-compliant, oversized control frame. Because the parser handles this protocol violation improperly instead of throwing an immediate connection termination error, it triggers a internal processing crash, resulting in a remote denial of service (DoS) for applications utilizing libsoup WebSockets. | ||||
| CVE-2026-49803 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-15542 | 1 Will-moss | 1 Isaiah | 2026-07-15 | 7.3 High |
| A vulnerability has been found in will-moss Isaiah up to 1.36.9. This affects an unknown function of the file app/main.go of the component Websocket Connection Authentication. The manipulation leads to improper authentication. The attack can be initiated remotely. The pull request to fix this issue awaits acceptance. | ||||
| CVE-2026-54433 | 1 Roundcube | 1 Webmail | 2026-07-15 | 7.2 High |
| In Roundcube Webmail before 1.6.17 and 1.7.x before 1.7.2, there is Stored Cross-Site Scripting (XSS) via a crafted plain-text email message. The attacker-controlled JavaScript executes within the victim's authenticated session simply by opening or previewing the message (zero-click). | ||||
| CVE-2026-47737 | 2026-07-15 | 7.5 High | ||
| Puma is a Ruby/Rack web server built for parallelism. From 5.5.0 until 7.2.1 and 8.0.2, Puma is vulnerable to source IP spoofing when set_remote_address proxy_protocol: :v1 is enabled and persistent connections are used because Puma incorrectly re-parses PROXY protocol headers after each keep-alive request on the same connection, allowing an attacker to inject a second PROXY header and overwrite REMOTE_ADDR. This issue is fixed in versions 7.2.1 and 8.0.2. | ||||
| CVE-2026-14504 | 1 Sonatype | 1 Nexus Repository Manager | 2026-07-15 | N/A |
| An authorization bypass in Nexus Repository 3's component upload API allowed a user with only read/browse privileges on a Swift, Terraform, or Conda hosted repository to upload arbitrary artifacts, bypassing the intended write-permission check. | ||||
| CVE-2026-15714 | 1 Redhat | 1 Enterprise Linux | 2026-07-15 | 6.5 Medium |
| An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately restrict or validate the size of incoming multipart boundary strings. When processing a crafted HTTP response containing a malformed or oversized boundary parameter, the internal stream reader reads past the allocated buffer bounds. A remote, unauthenticated attacker can exploit this behavior to cause a service denial (DoS) through application failure or potentially read fragments of unauthorized memory metadata. | ||||
| CVE-2026-48371 | 2026-07-15 | 5.4 Medium | ||
| Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed. | ||||
| CVE-2026-51807 | 2026-07-15 | 9.8 Critical | ||
| Buffer Overflow vulnerability in OpenHTJ2K v.0.18.4 and before allows an attacker to execute arbitrary code via the j2k_precinct_subband::parse_packet_header() in source/core/coding/coding_units.cpp | ||||
| CVE-2026-47477 | 2026-07-15 | 7.5 High | ||
| NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a stack-based buffer overflow. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2026-60082 | 1 Hmbrand | 1 Dbi | 2026-07-15 | 9.1 Critical |
| DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row. When the statement handle had no fields but the source row was non-empty, the internal row-buffer helper would read from a negative array index. This could be triggered by a caller supplying inconsistent metadata and rows to the prepare method. | ||||