Export limit exceeded: 350466 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350466 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-44010 | 2026-05-12 | N/A | ||
| Craft CMS is a content management system (CMS). From 4.0.0 to before 4.17.12 and 5.9.18, the GraphQL Address element resolver (src/gql/resolvers/elements/Address.php) performs no schema scope filtering on top-level queries. A GraphQL API token scoped to a single low-privilege user group can read every address in the system, including addresses belonging to users in groups the token has no authorization to access. This exposes PII, including full names, addresses, organizations, tax IDs, etc. This vulnerability is fixed in 4.17.12 and 5.9.18. | ||||
| CVE-2026-6355 | 1 Augmentt | 1 Augmentt | 2026-05-12 | 6.5 Medium |
| A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration. | ||||
| CVE-2026-33611 | 1 Powerdns | 1 Authoritative | 2026-05-12 | 6.5 Medium |
| An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend. | ||||
| CVE-2026-6959 | 2026-05-12 | 6 Medium | ||
| HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to arbitrary file read and write on the client host as the Nomad process user through a symlink attack. This vulnerability (CVE-2026-6959) is fixed in Nomad 2.0.1, 1.11.5 and 1.10.11. | ||||
| CVE-2026-44277 | 1 Fortinet | 1 Fortiauthenticator | 2026-05-12 | 9.1 Critical |
| A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow attacker to execute unauthorized code or commands via <insert attack vector here> | ||||
| CVE-2026-44278 | 1 Fortinet | 1 Forticlientwindows | 2026-05-12 | 2.1 Low |
| A use of hard-coded cryptographic key vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.2, FortiClientWindows 7.2 all versions may allow attacker to information disclosure via <insert attack vector here> | ||||
| CVE-2026-44279 | 1 Fortinet | 1 Fortitokenandroid | 2026-05-12 | 5 Medium |
| A improper export of android application components vulnerability in Fortinet FortiTokenAndroid 6.2 all versions, FortiTokenAndroid 6.1 all versions, FortiTokenAndroid 5.2 all versions may allow attacker to improper access control via <insert attack vector here> | ||||
| CVE-2026-40414 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 12 more | 2026-05-12 | 7.4 High |
| Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over an adjacent network. | ||||
| CVE-2026-34332 | 1 Microsoft | 2 Windows Server 2025, Windows Server 2025 (server Core Installation) | 2026-05-12 | 8 High |
| Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-40362 | 1 Microsoft | 8 365 Apps, Excel 2016, Office 2019 and 5 more | 2026-05-12 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-31192 | 1 Raindrop | 2 Bookmark Manager Web App, Raindrop | 2026-05-12 | 6.5 Medium |
| Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request. | ||||
| CVE-2026-42899 | 1 Microsoft | 1 .net | 2026-05-12 | 7.5 High |
| Loop with unreachable exit condition ('infinite loop') in ASP.NET Core allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-7910 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-05-12 | 4.7 Medium |
| Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-6356 | 1 Augmentt | 1 Augmentt | 2026-05-12 | 9.6 Critical |
| A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information. | ||||
| CVE-2026-35548 | 1 Guardsix | 3 Logpoint, Odbc, Odbc Enrichment Plugins | 2026-05-12 | 8.5 High |
| An issue was discovered in guardsix (formerly Logpoint) ODBC Enrichment Plugins before 5.2.1 (5.2.1 is used in guardsix 7.9.0.0). A logic flaw allowed stored database credentials to be reused after modification of the target Host, IP address, or Port. When editing an existing Enrichment Source, previously stored credentials were retained even if the connection endpoint was changed. An authenticated Operator user could redirect the database connection to unintended internal systems, resulting in SSRF and potential misuse of valid stored credentials. | ||||
| CVE-2026-44225 | 2026-05-12 | 9.3 Critical | ||
| Pulpy is a lightweight, cross-platform desktop application packager for web apps. Prior to 0.1.1, Pulpy injects a pulpy.fs JavaScript API into every packaged web application, giving it access to the host filesystem. A validateFsPath() function is supposed to sandbox this access, but its blocklist is incomplete. Any web app packaged with Pulpy can read and write arbitrary files in the user's home directory — including ~/.ssh/id_rsa, ~/.aws/credentials, and ~/Library/Keychains/. This vulnerability is fixed in 0.1.1. | ||||
| CVE-2026-43173 | 1 Linux | 1 Linux Kernel | 2026-05-12 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: net: ethernet: xscale: Check for PTP support properly In ixp4xx_get_ts_info() ixp46x_ptp_find() is called unconditionally despite this feature only existing on ixp46x, leading to the following splat from tcpdump: root@OpenWrt:~# tcpdump -vv -X -i eth0 (...) Unable to handle kernel NULL pointer dereference at virtual address 00000238 when read (...) Call trace: ptp_clock_index from ixp46x_ptp_find+0x1c/0x38 ixp46x_ptp_find from ixp4xx_get_ts_info+0x4c/0x64 ixp4xx_get_ts_info from __ethtool_get_ts_info+0x90/0x108 __ethtool_get_ts_info from __dev_ethtool+0xa00/0x2648 __dev_ethtool from dev_ethtool+0x160/0x234 dev_ethtool from dev_ioctl+0x2cc/0x460 dev_ioctl from sock_ioctl+0x1ec/0x524 sock_ioctl from sys_ioctl+0x51c/0xa94 sys_ioctl from ret_fast_syscall+0x0/0x44 (...) Segmentation fault Check for ixp46x in ixp46x_ptp_find() before trying to set up PTP to avoid this. To avoid altering the returned error code from ixp4xx_hwtstamp_set() which before this patch was -EOPNOTSUPP, we return -EOPNOTSUPP from ixp4xx_hwtstamp_set() if ixp46x_ptp_find() fails no matter the error code. The helper function ixp46x_ptp_find() helper returns -ENODEV. | ||||
| CVE-2026-43174 | 1 Linux | 1 Linux Kernel | 2026-05-12 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right away, let the refcounting do the work instead of releasing the zcrx ctx directly. | ||||
| CVE-2026-43175 | 1 Linux | 1 Linux Kernel | 2026-05-12 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Reserve 8 struct clk_hw slots for for 9FGV0841 The 9FGV0841 has 8 outputs and registers 8 struct clk_hw, make sure there are 8 slots for those newly registered clk_hw pointers, else there is going to be out of bounds write when pointers 4..7 are set into struct rs9_driver_data .clk_dif[4..7] field. Since there are other structure members past this struct clk_hw pointer array, writing to .clk_dif[4..7] fields corrupts both the struct rs9_driver_data content and data around it, sometimes without crashing the kernel. However, the kernel does surely crash when the driver is unbound or during suspend. Fix this, increase the struct clk_hw pointer array size to the maximum output count of 9FGV0841, which is the biggest chip that is supported by this driver. | ||||
| CVE-2026-43176 | 1 Linux | 1 Linux Kernel | 2026-05-12 | 8.8 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 ("wifi: rtw89: pci: validate sequence number of TX release report") does validation on existing chips, which somehow a release report of SKB becomes malformed. As no clear cause found, add rules ahead for RTL8922DE to avoid crash if it happens. | ||||