Export limit exceeded: 359892 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359892 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359892 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24087 | 1 Qualcomm | 431 Ar8031, Ar8031 Firmware, Ar8035 and 428 more | 2026-06-02 | 7.2 High |
| Memory corruption while processing fastboot OEM commands. | ||||
| CVE-2026-24088 | 1 Qualcomm | 493 Ar9380, Ar9380 Firmware, Csr8811 and 490 more | 2026-06-02 | 8.2 High |
| Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader. | ||||
| CVE-2026-24089 | 1 Qualcomm | 439 Ar8031, Ar8031 Firmware, Ar8035 and 436 more | 2026-06-02 | 7.2 High |
| Memory corruption while processing fastboot commands with invalid input. | ||||
| CVE-2026-24090 | 1 Qualcomm | 435 Ar8031, Ar8031 Firmware, Ar8035 and 432 more | 2026-06-02 | 7.1 High |
| Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow. | ||||
| CVE-2026-24091 | 1 Qualcomm | 547 5g Fixed Wireless Access Platform, 5g Fixed Wireless Access Platform Firmware, Apq8098 and 544 more | 2026-06-02 | 7.2 High |
| Memory corruption while processing fastboot commands with improperly formatted input. | ||||
| CVE-2026-24092 | 1 Qualcomm | 437 Ar8031, Ar8031 Firmware, Ar8035 and 434 more | 2026-06-02 | 7.2 High |
| Memory Corruption when processing fastboot commands to set display mode. | ||||
| CVE-2026-7524 | 2 Ibm, Langflow | 2 Langflow Oss, Langflow | 2026-06-02 | 9.8 Critical |
| IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction. | ||||
| CVE-2026-25258 | 1 Qualcomm | 43 Cologne, Cologne Firmware, Fastconnect 6900 and 40 more | 2026-06-02 | 7.8 High |
| Memory corruption while processing IOCTL calls for escape operations. | ||||
| CVE-2026-25259 | 1 Qualcomm | 85 Cologne, Cologne Firmware, Fastconnect 6700 and 82 more | 2026-06-02 | 7.8 High |
| Memory corruption while processing multiple IOCTL command for escape operations. | ||||
| CVE-2026-25260 | 1 Qualcomm | 71 Cologne, Cologne Firmware, Fastconnect 6700 and 68 more | 2026-06-02 | 7.8 High |
| Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications. | ||||
| CVE-2026-7528 | 2 Ibm, Langflow | 2 Langflow Oss, Langflow | 2026-06-02 | 7.1 High |
| IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service due to uncontrolled resource consumption. | ||||
| CVE-2026-10263 | 1 Sourcecodester | 1 Computer Repair Shop Management System | 2026-06-02 | 7.3 High |
| A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manage_product.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-10558 | 1 Sourcecodester | 1 Pizzafy Ecommerce System | 2026-06-02 | 6.3 Medium |
| A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||
| CVE-2024-7143 | 2 Pulpproject, Redhat | 5 Pulp, Ansible Automation Platform, Ansible Automation Platform Inside and 2 more | 2026-06-02 | 8.3 High |
| A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAddObjPermsMixin` (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user. For objects that are created within a task, this current user is set by the first user with any permissions on the task object. This means the oldest user with model/domain-level task permissions will always be set as the current user of a task, even if they didn't dispatch the task. Therefore, all objects created in tasks will have their permissions assigned to this oldest user, and the creating user will receive nothing. | ||||
| CVE-2026-5065 | 1 Ibm | 1 Controller | 2026-06-02 | 8.8 High |
| IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | ||||
| CVE-2026-10568 | 1 Itsourcecode | 1 Fees Management System | 2026-06-02 | 6.3 Medium |
| A vulnerability was detected in itsourcecode Fees Management System 1.0. Affected is an unknown function of the file /manage_payment.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-10257 | 1 Itsourcecode | 1 Content Management System | 2026-06-02 | 6.3 Medium |
| A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/update_ss_img.php. The manipulation of the argument topic_id results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-10251 | 1 Itsourcecode | 1 Online House Rental System | 2026-06-02 | 7.3 High |
| A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2025-70363 | 1 Ibexa | 1 Ez Platform | 2026-06-02 | 7.5 High |
| Incorrect access control in the REST API of Ibexa & Ciril GROUP eZ Platform / Ciril Platform 2.x allows unauthenticated attackers to access sensitive data via enumerating object IDs. | ||||
| CVE-2026-10246 | 1 Sourcecodester | 1 Pharmacy Sales And Inventory System | 2026-06-02 | 3.5 Low |
| A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function create_medicine_presentation of the file /ShowForm/create_medicine_presentation/main. The manipulation of the argument medicine_presentation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||