Export limit exceeded: 366667 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 366667 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366667 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-50442 | 1 Microsoft | 19 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 16 more | 2026-07-15 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-61862 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 2.9 Low |
| ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed (read past the profile boundary). This behavior occurs when debug output is enabled. | ||||
| CVE-2026-61868 | 1 Imagemagick | 1 Imagemagick | 2026-07-15 | 3.7 Low |
| ImageMagick before 7.1.2-26 and 6.9.x before 6.9.13-51 contains a memory leak in the YUV decoder that occurs when opening of the blob fails. Repeated triggering can lead to resource exhaustion (denial of service). | ||||
| CVE-2026-58549 | 1 Huawei | 1 Harmonyos | 2026-07-15 | 4 Medium |
| Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2026-58552 | 1 Huawei | 1 Harmonyos | 2026-07-15 | 5.1 Medium |
| Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2026-50429 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-15 | 8.2 High |
| Out-of-bounds read in Windows Kernel allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-50405 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 7.8 High |
| Insufficient granularity of access control in Windows Filtering Platform (WFP) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-49987 | 2026-07-15 | N/A | ||
| Repomix is a tool that packs repositories into AI-friendly files. Prior to 1.14.1, src/core/git/gitCommand.ts execGitShallowClone passes the --remote-branch value directly to git fetch and git checkout without validation or --end-of-options, allowing --upload-pack or other Git option injection that bypasses validateGitUrl() dangerous parameter checks and can execute commands through local or SSH-style transports. This issue is fixed in version 1.14.1. | ||||
| CVE-2026-50334 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Notification allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-48261 | 2026-07-15 | 5.4 Medium | ||
| Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a crafted webpage. Scope is changed. | ||||
| CVE-2026-48253 | 2026-07-15 | 5.4 Medium | ||
| Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a crafted webpage. Scope is changed. | ||||
| CVE-2026-50455 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 5.5 Medium |
| Use of uninitialized resource in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-50435 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-07-15 | 7.8 High |
| Buffer over-read in Windows Overlay Filter allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-55898 | 1 Microsoft | 9 365 Apps, Excel 2016, Office 2019 and 6 more | 2026-07-15 | 6.1 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-50415 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-15 | 5.3 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Media allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-50409 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-15 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Overlay Filter allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-50383 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2026-07-15 | 6.1 Medium |
| Buffer over-read in Windows Print Spooler Components allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-50421 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2026-07-15 | 7.8 High |
| Access of resource using incompatible type ('type confusion') in Windows Connected User Experiences and Telemetry allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50427 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2026-07-15 | 7.8 High |
| Use after free in Content Delivery Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-50376 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-07-15 | 6.5 Medium |
| Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network. | ||||