Export limit exceeded: 355880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-9953 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-01 | 6.5 Medium |
| Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-9954 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-01 | 7.5 High |
| Use after free in TabStrip in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-9955 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-01 | 4.3 Medium |
| Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-9958 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-01 | 8.8 High |
| Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||||
| CVE-2026-9971 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-01 | 5.4 Medium |
| Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-33844 | 1 Microsoft | 1 Azure Managed Instance For Apache Cassandra | 2026-06-01 | 9 Critical |
| Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-26164 | 1 Microsoft | 2 365 Copilot Business Chat, 365 Copilot Chat | 2026-06-01 | 7.5 High |
| Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-26129 | 1 Microsoft | 2 365 Copilot Business Chat, 365 Copilot Chat | 2026-06-01 | 7.5 High |
| Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-42834 | 1 Microsoft | 2 Azure Portal Windows Admin Center, Windows Admin Center | 2026-06-01 | 7.8 High |
| Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-9972 | 2 Apple, Google | 2 Macos, Chrome | 2026-06-01 | 8.3 High |
| Uninitialized Use in Gamepad in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-42833 | 1 Microsoft | 1 Dynamics 365 | 2026-06-01 | 9.1 Critical |
| Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-40420 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-06-01 | 8.8 High |
| Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-35436 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-06-01 | 8.8 High |
| Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40418 | 1 Microsoft | 6 365 Apps, Office, Office 2019 and 3 more | 2026-06-01 | 7.8 High |
| Use after free in Microsoft Office allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40413 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-06-01 | 7.4 High |
| Windows TCP/IP Denial of Service Vulnerability | ||||
| CVE-2026-9982 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-06-01 | 8.3 High |
| Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-40401 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-06-01 | 7.1 High |
| Windows TCP/IP Denial of Service Vulnerability | ||||
| CVE-2026-40397 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-06-01 | 7.8 High |
| Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40369 | 1 Microsoft | 8 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 5 more | 2026-06-01 | 7.8 High |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40367 | 1 Microsoft | 13 365 Apps, Office, Office 2019 and 10 more | 2026-06-01 | 8.4 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||