Export limit exceeded: 349970 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349970 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-28902 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-11 | N/A |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-28974 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-11 | N/A |
| This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service. | ||||
| CVE-2026-39871 | 1 Apple | 1 Macos | 2026-05-11 | N/A |
| A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data. | ||||
| CVE-2026-28972 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-11 | N/A |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2026-43658 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-11 | N/A |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-28906 | 1 Apple | 3 Ios And Ipados, Macos, Visionos | 2026-05-11 | N/A |
| This issue was addressed through improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An attacker may be able to track users through their IP address. | ||||
| CVE-2026-20696 | 1 Apple | 1 Macos | 2026-05-11 | N/A |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data. | ||||
| CVE-2026-28930 | 1 Apple | 1 Macos | 2026-05-11 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data. | ||||
| CVE-2026-43654 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-11 | N/A |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to disclose kernel memory. | ||||
| CVE-2026-43655 | 1 Apple | 4 Ios And Ipados, Macos, Tvos and 1 more | 2026-05-11 | N/A |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or read kernel memory. | ||||
| CVE-2026-28897 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-11 | N/A |
| A buffer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A local user may be able to cause unexpected system termination or read kernel memory. | ||||
| CVE-2026-43652 | 1 Apple | 1 Macos | 2026-05-11 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data. | ||||
| CVE-2026-28941 | 1 Apple | 2 Ios And Ipados, Macos | 2026-05-11 | N/A |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Tahoe 26.5. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents. | ||||
| CVE-2026-42050 | 1 Imagemagick | 1 Imagemagick | 2026-05-11 | 5.5 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerability is fixed in 7.1.2-21 and 6.9.13-46. | ||||
| CVE-2026-28918 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-11 | N/A |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Parsing a maliciously crafted file may lead to an unexpected app termination. | ||||
| CVE-2026-28942 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-05-11 | N/A |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-28923 | 1 Apple | 1 Macos | 2026-05-11 | N/A |
| A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox. | ||||
| CVE-2026-28940 | 1 Apple | 4 Ios And Ipados, Macos, Tvos and 1 more | 2026-05-11 | N/A |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing a maliciously crafted image may corrupt process memory. | ||||
| CVE-2026-43653 | 1 Apple | 3 Ios And Ipados, Macos, Tvos | 2026-05-11 | N/A |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service. | ||||
| CVE-2026-43874 | 1 Wwbn | 1 Avideo | 2026-05-11 | 7.2 High |
| WWBN AVideo is an open source video platform. In versions up to and including 29.0, the server-side mitigation for the YPTSocket autoEvalCodeOnHTML eval sink (from CVE-2026-40911) only strips the payload when it sits under $json['msg'], but the relay function msgToResourceId() selects the outbound message from $msg['json'] before $msg['msg']. An unauthenticated attacker can obtain a WebSocket token from plugin/YPTSocket/getWebSocket.json.php, connect to the WebSocket server, and send a message with autoEvalCodeOnHTML nested under a top-level json field — the strip branch is skipped, the relay delivers the payload verbatim to any logged-in user identified by to_users_id, and the client script runs it through eval(). Commit 9f3006f9a89a34daa67a83c6ad35f450cb91fcce contains an updated fix. | ||||