Export limit exceeded: 357004 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357004 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-41983 | 1 Huawei | 1 Harmonyos | 2026-06-09 | 4.3 Medium |
| DoS vulnerability in the browser kernel. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-41985 | 1 Huawei | 1 Harmonyos | 2026-06-09 | 5.1 Medium |
| UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity. | ||||
| CVE-2026-41986 | 1 Huawei | 1 Harmonyos | 2026-06-09 | 2.4 Low |
| Logic bypass vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-27671 | 1 Sap Se | 1 Sap Netweaver And Abap Platform | 2026-06-09 | 9.8 Critical |
| Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high impact on the confidentiality, integrity, and availability of the application. | ||||
| CVE-2026-41973 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-09 | 5.9 Medium |
| Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-44748 | 1 Sap Se | 1 Sap Netweaver And Abap Platform | 2026-06-09 | 9.9 Critical |
| SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to sensitive user data and potential disruption of normal system usage. This causes a high impact on confidentiality, integrity and availability of the application. | ||||
| CVE-2026-41984 | 1 Huawei | 1 Harmonyos | 2026-06-09 | 5.2 Medium |
| UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity. | ||||
| CVE-2026-11672 | 1 Google | 1 Chrome | 2026-06-09 | 8.3 High |
| Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-11681 | 1 Google | 1 Chrome | 2026-06-09 | 8.8 High |
| Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-11682 | 1 Google | 1 Chrome | 2026-06-09 | 8.3 High |
| Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-11607 | 1 Typo3 | 1 Typo3 | 2026-06-09 | N/A |
| Backend users with access to the Form Framework were able to use files not ending in .form.yaml as form definitions, which were processed without denying the incorrect file extension. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to escalate privileges by creating administrative backend user accounts. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.51, 12.0.0-12.4.46, 13.0.0-13.4.31 and 14.0.0-14.3.3. | ||||
| CVE-2026-41976 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-09 | 6.6 Medium |
| Permission control vulnerability in the audio framework. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2026-41977 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-09 | 5 Medium |
| DoS vulnerability in the log service. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-41981 | 1 Huawei | 1 Harmonyos | 2026-06-09 | 5.3 Medium |
| Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-41974 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-09 | 3.6 Low |
| Permission control vulnerability in service notifications. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-44541 | 1 Ethyca | 1 Fides | 2026-06-09 | N/A |
| Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based XSS vulnerability in fides.js via the fides_description override. This issue has been patched in version 2.84.5. | ||||
| CVE-2026-28262 | 1 Dell | 1 Idrac Tools | 2026-06-09 | 6 Medium |
| Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering. | ||||
| CVE-2026-41982 | 1 Huawei | 1 Harmonyos | 2026-06-09 | 6.4 Medium |
| Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-47343 | 1 Typo3 | 1 Typo3 | 2026-06-09 | N/A |
| Non-privileged backend users with file mount access were able to perform write operations (move, delete, rename) on folders representing the root of an active file mount due to missing authorization restrictions. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0 through 11.5.50, 12.0.0 through 12.4.45, 13.0.0 through 13.4.30, and 14.0.0 through 14.3.2. | ||||
| CVE-2026-47346 | 1 Typo3 | 1 Typo3 | 2026-06-09 | N/A |
| Backend users with file write permissions were able to upload form definition files with mixed-case extensions (e.g., .FORM.YAML) to bypass the Form Framework's upload restriction. Maliciously crafted form definition files can be used to execute arbitrary SQL statements, allowing attackers to escalate privileges by creating administrative backend user accounts. This issue affects TYPO3 CMS versions before 10.4.57, 11.0.0-11.5.50, 12.0.0-12.4.45, 13.0.0-13.4.30 and 14.0.0-14.3.2. | ||||