Export limit exceeded: 366907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366907 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-58305 1 Samsung Open Source 1 Escargot 2026-07-16 6.1 Medium
Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: before 779f6bedf58f334dec64b0a51ebb724b4708b84a.
CVE-2026-58307 1 Samsung Open Source 1 Escargot 2026-07-16 6.1 Medium
Out-of-bounds read, Reachable assertion vulnerability in Samsung Open Source Escargot allows Overread Buffers, Input Data Manipulation. This issue affects Escargot: before 2dee22f5c7b8bf31cb7252d7731fae8c07f2842c.
CVE-2026-13754 2 Tickera, Wordpress 2 Tickera – Sell Tickets & Manage Events, Wordpress 2026-07-16 6.5 Medium
The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and including, 3.6.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with custom-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
CVE-2026-21043 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-16 N/A
Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege.
CVE-2026-21044 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-16 N/A
Improper authorization in KnoxGuardManager prior to SMR Jul-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.
CVE-2026-21048 1 Samsung Mobile 1 Samsung Mobile Devices 2026-07-16 N/A
Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory.
CVE-2023-49899 1 X-rite 1 Ma-t6 2026-07-16 9.8 Critical
An unauthenticated remote attacker can execute any command on the affected device due to not correctly verifying the origin of a communication channel.
CVE-2026-15086 1 Drupal 1 Raw Formatter [meta Tag Formatter] 2026-07-16 5.9 Medium
vulnerability in Drupal Raw Formatter [Meta Tag Formatter] allows . This issue affects Raw Formatter [Meta Tag Formatter] versions: *.*.
CVE-2024-8751 1 Sick 1 Msc800 Firmware 2026-07-16 7.5 High
A vulnerability allows a remote unauthenticated attacker to modify the prod uct’s IP address over the Sopas ET interface. This can lead to a Denial of Service attack.
CVE-2026-39042 1 Mikrotik 1 Routeros 2026-07-16 7.5 High
An issue in MikroTIk (SIA Mikrotikls, Latvia) RouterOS 7.21.x before v.7.21.4 and 7.22.x before v.7.22.2 allows a remote attacker to cause a denial of service via the unflatten() function in libumsg.so.
CVE-2026-51821 2026-07-16 9.8 Critical
SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint
CVE-2026-11964 2026-07-16 9.1 Critical
The User Registration & Membership WordPress plugin before 5.2.2 does not verify the authenticity of incoming payment-provider webhook notifications before acting on them, allowing unauthenticated attackers to forge a payment-approved event and activate a paid membership subscription without completing a real payment.
CVE-2026-12273 2026-07-16 4.3 Medium
The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments containing arbitrary HTML and links on any content across the site, bypassing the comment moderation queue.
CVE-2026-12396 2026-07-16 5.4 Medium
The WP Job Portal WordPress plugin before 2.5.5 does not perform capability or ownership checks before allowing job moderation actions, allowing authenticated users with a subscriber-level (self-registerable) account to approve, feature, or reject arbitrary jobs, including those owned by other users.
CVE-2026-15022 2 Themeum, Wordpress 2 Tutor Lms – Elearning And Online Course Solution, Wordpress 2026-07-16 6.5 Medium
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to generic SQL Injection via Stored Quiz Answer Array in all versions up to, and including, 4.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with custom-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The payload is stored at quiz-attempt time via the wp_ajax_tutor_quiz_abandon handler, but the injected SQL executes only when a privileged user or Tutor REST API key holder requests the /wp-json/tutor/v1/quiz-attempt-details/{id} endpoint, making this a second-order (stored) injection chain.
CVE-2026-53364 1 Linux 1 Linux Kernel 2026-07-16 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix memory leak in hci_le_big_terminate() hci_le_big_terminate() allocates iso_list_data via kzalloc_obj but returns 0 without freeing it when neither pa_sync_term nor big_sync_term flags are set after evaluating the PA and BIG sync connection state. This early-return path was introduced when hci_le_big_terminate() was refactored to take struct hci_conn instead of raw u8 parameters, adding PA/BIG flag evaluation logic. The existing kfree() on hci_cmd_sync_queue failure does not cover this path.
CVE-2026-15324 2026-07-16 4.4 Medium
The SysBasics Customize My Account for WooCommerce – Live My Account Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'row_type' parameter in all versions up to, and including, 4.4.14 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with shop manager-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVE-2026-57025 1 Juniper Networks 2 Junos Os, Junos Os Evolved 2026-07-16 5.5 Medium
A Return of Pointer Value Outside of Expected Range vulnerability in the fileio library of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privilged attacker to cause a Denial-of-Service (DoS). On EX Series, QFX Series and MX Series a low-privileged attacker issuing a specific 'show l2-learning' or 'show ethernet-switching' command will cause an l2ald crash which will lead to a temporary service impact for all layer 2 services until the process has automatically restarted. This issue affects EX Series, QFX Series, MX Series: Junos OS: * all versions before 23.2R2-S7, * 23.4 versions before 23.4R2-S7, * 24.2 versions before 24.2R2, * 24.4 versions before 24.4R1-S2. Junos OS Evolved: * all versions before 23.2R2-S7-EVO, * 23.4 versions before 23.4R2-S8-EVO, * 24.2 versions before 24.2R2-EVO, * 24.4 versions before 24.4R1-S3-EVO.
CVE-2026-51807 2026-07-16 9.8 Critical
Buffer Overflow vulnerability in OpenHTJ2K v.0.18.4 and before allows an attacker to execute arbitrary code via the j2k_precinct_subband::parse_packet_header() in source/core/coding/coding_units.cpp
CVE-2026-51808 2026-07-16 9.8 Critical
Buffer Overflow vulnerability in OpenHTJ2K v.0.18.4 and before allows an attacker to execute arbitrary code via the openhtj2k_decoder_impl::invoke, invoke_line_based, invoke_line_based_stream, and invoke_line_based_predecoded function in source/core/interface/decoder.cpp