Export limit exceeded: 367295 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (6338 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-30796 | 6 Apple, Linux, Microsoft and 3 more | 6 Macos, Linux Kernel, Windows and 3 more | 2026-07-19 | 7.5 High |
| Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Address book sync, Heartbeat sync loop modules) allows Sniffing Attacks. The client places the preset address-book password verbatim into the heartbeat sync JSON body (src/hbbs_http/sync.rs). Over an intact HTTPS session it is not exposed in transit, but it is a reusable shared secret rather than a zero-knowledge proof, so it is recovered by any party that becomes the API endpoint - under the re-homed/rogue API server (CVE-2026-30797) - and the leaked credential then authorizes the server-side address book. This vulnerability is associated with program files src/hbbs_http/sync.rs and program routines heartbeat sync body builder (emits preset-address-book-password). This issue affects RustDesk Client: through 1.4.8. | ||||
| CVE-2026-34690 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2026-07-14 | 7.8 High |
| After Effects is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-37434 | 7 Apple, Debian, Fedoraproject and 4 more | 24 Ipados, Iphone Os, Macos and 21 more | 2026-07-14 | 9.8 Critical |
| zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). | ||||
| CVE-2026-43720 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-43740 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may result in the disclosure of process memory. | ||||
| CVE-2026-43732 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information. | ||||
| CVE-2026-43715 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 8.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2026-43721 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to silently hijack clipboard data. | ||||
| CVE-2026-43734 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-43712 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-43701 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 7.1 High |
| The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox. | ||||
| CVE-2026-43663 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-43725 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 7.1 High |
| The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox. | ||||
| CVE-2026-43707 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-43705 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 8.8 High |
| A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2026-43713 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Visiting a website may leak sensitive data. | ||||
| CVE-2026-43726 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-43699 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-43716 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-39872 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-07-10 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||