Export limit exceeded: 363429 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363429 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-14019 | 1 Google | 1 Chrome | 2026-07-05 | 6.5 Medium |
| Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14033 | 1 Google | 1 Chrome | 2026-07-05 | 6.5 Medium |
| Insufficient policy enforcement in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14061 | 1 Google | 1 Chrome | 2026-07-05 | 6.5 Medium |
| Inappropriate implementation in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14094 | 1 Google | 1 Chrome | 2026-07-05 | 7.8 High |
| Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Low) | ||||
| CVE-2026-14097 | 1 Google | 1 Chrome | 2026-07-05 | 9.6 Critical |
| Inappropriate implementation in WebAppInstalls in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14153 | 1 Google | 1 Chrome | 2026-07-05 | 5.3 Medium |
| Inappropriate implementation in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-51947 | 1 Pivotal | 1 Crm | 2026-07-05 | 9.8 Critical |
| An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip (fixed in Pivotal CRM 6.6.5.10 and Patch_CWE502_20260316.zip) allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. NOTE: this issue exists because of an incomplete fix for CVE-2026-39253. | ||||
| CVE-2026-14743 | 1 Code-projects | 1 Real State Services | 2026-07-05 | 7.3 High |
| A vulnerability was identified in code-projects Real State Services 1.0. The impacted element is an unknown function of the file /normalHomeSale.php. Such manipulation of the argument loc leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used. | ||||
| CVE-2026-14742 | 1 Langchain-ai | 1 Langgraph | 2026-07-05 | 3.1 Low |
| A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function _freeze of the file libs/langgraph/langgraph/_internal/_cache.py of the component Task Result Cache. This manipulation of the argument default_cache_key causes use of weak hash. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance. | ||||
| CVE-2026-14400 | 1 Google | 1 Chrome | 2026-07-05 | 8.3 High |
| Out of bounds write in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-14403 | 1 Google | 1 Chrome | 2026-07-05 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14738 | 1 Exo-explore | 1 Exo | 2026-07-05 | 3.7 Low |
| A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function _image_cache_key of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance. | ||||
| CVE-2026-14737 | 1 Hanwang | 1 E-face General Management Platform | 2026-07-05 | 7.3 High |
| A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-14735 | 1 Code-projects | 1 Smart Parking System | 2026-07-05 | 7.3 High |
| A vulnerability has been found in code-projects Smart Parking System 1.0. The affected element is an unknown function of the file /parkings/parkings.php. Such manipulation of the argument street/city/status leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-14734 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-07-05 | 7.3 High |
| A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_product.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-14733 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-07-05 | 7.3 High |
| A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. This issue affects some unknown processing of the file /edit_coursea.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-11564 | 1 Curl | 1 Curl | 2026-07-05 | N/A |
| libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA material for a later transfer. | ||||
| CVE-2026-14732 | 1 Sourcecodester | 1 Class And Exam Timetabling System | 2026-07-05 | 7.3 High |
| A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This vulnerability affects unknown code of the file /edit_exam.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-14731 | 1 Itsourcecode | 1 Hospital Management System | 2026-07-05 | 6.3 Medium |
| A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-14730 | 1 Itsourcecode | 1 Hospital Management System | 2026-07-05 | 6.3 Medium |
| A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientprofile.php. Performing a manipulation of the argument patientname results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||