Export limit exceeded: 355993 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (355993 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55664 | 1 Gpac | 1 Mp4box | 2026-06-02 | 5.5 Medium |
| A heap buffer overflow in the m2tsdmx_send_packet function (filters/dmx_m2ts.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2026-37579 | 1 Smsgate | 1 Sms-core | 2026-06-02 | 7.3 High |
| An issue in SMSGate sms-core<=2.1.13.6 allows a remote attacker to execute arbitrary code via the Cmpp7FDeliverRequestMessageCodec.java component | ||||
| CVE-2026-28953 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28947 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 8.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-28905 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-06-02 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28883 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 7.5 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28946 | 1 Apple | 1 Macos | 2026-06-02 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-28907 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 8.1 High |
| The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | ||||
| CVE-2026-43658 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-28942 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-28955 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28903 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28901 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28847 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28902 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28958 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-06-02 | 5.5 Medium |
| This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data. | ||||
| CVE-2026-43660 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 7.5 High |
| A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | ||||
| CVE-2026-28904 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-06-02 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-9092 | 1 Casdoor | 1 Casdoor | 2026-06-01 | 9.1 Critical |
| Casdoor versions 2.362.0 and earlier contain a vulnerability involving unverified email binding that may enable account takeover. The getExistUserByBindingRule function matches users by email without checking the email_verified claim from upstream providers; the idp.UserInfo struct does not even include a EmailVerified field. An attacker can supply an unverified email claim from an upstream provider to take over accounts that use the same email address. | ||||
| CVE-2026-45626 | 1 Getarcaneapp | 1 Arcane | 2026-06-01 | 6.3 Medium |
| Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/{id}/volumes/{volumeName}/browse accepts a path query parameter that is passed to a shell command (sh -c "find … | while …") inside an Arcane helper container. The path sanitiser blocks ../ traversal but does not strip Bourne-shell metacharacters such as $() or backticks, and strconv.Quote only escapes Go string metacharacters, not shell substitution sequences. Any authenticated user with access to a browseable volume can execute arbitrary commands inside the helper container; command output is reflected back in the 500 error body. | ||||