Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364491 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364491 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364491 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-58198 | 1 Gunthercox | 1 Chatterbot | 2026-07-09 | 5.5 Medium |
| ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract() uses a predictable home-rooted output directory (~/ubuntu_data/ubuntu_dialogs) with a check-then-create pattern followed by tar.extractall(path=self.data_path), allowing a local attacker who pre-plants a symlink at the predictable path to cause archive contents to be written through the symlink to an attacker-chosen directory. This issue is fixed in version 1.2.14. | ||||
| CVE-2026-0287 | 1 Palo Alto Networks | 3 Cloud Ngfw, Pan-os, Prisma Access | 2026-07-09 | N/A |
| Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode. Panorama is not impacted by these vulnerabilities. | ||||
| CVE-2026-54780 | 1 Corewcf | 1 Corewcf | 2026-07-09 | 3.7 Low |
| CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, the CoreWCF WS-Security 1.0 receive pipeline validates ds:SignedInfo SignatureMethod against the configured SecurityAlgorithmSuite but does not validate each ds:Reference DigestMethod, allowing a sender to use a rejected digest algorithm such as SHA-1 while the message is still accepted. This issue is fixed in versions 1.8.1 and 1.9.1. | ||||
| CVE-2026-0275 | 1 Palo Alto Networks | 1 Prisma Browser | 2026-07-09 | N/A |
| A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges. This issue only affects Prisma® Browser on macOS. | ||||
| CVE-2026-55590 | 2026-07-09 | N/A | ||
| CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 based applications. Prior to 2.11.1, 3.3.6, and 4.1.1, the getLoginRedirect() method contains a weakness to backslash bypasses that allows redirect targets with attacker-controlled hostnames through the redirect query string parameter. This issue is fixed in versions 2.11.1, 3.3.6, and 4.1.1. | ||||
| CVE-2026-0276 | 1 Palo Alto Networks | 1 Cortex Xdr Broker Vm | 2026-07-09 | N/A |
| A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user. | ||||
| CVE-2026-14396 | 1 Google | 1 Chrome | 2026-07-09 | 6.5 Medium |
| Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-14388 | 1 Google | 1 Chrome | 2026-07-09 | 6.5 Medium |
| Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14406 | 1 Google | 1 Chrome | 2026-07-09 | 5.9 Medium |
| Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. (Chromium security severity: Medium) | ||||
| CVE-2026-14395 | 1 Google | 1 Chrome | 2026-07-09 | 8.8 High |
| Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14402 | 1 Google | 1 Chrome | 2026-07-09 | 6.5 Medium |
| Uninitialized Use in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-14398 | 1 Google | 1 Chrome | 2026-07-09 | 9.6 Critical |
| Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-14417 | 1 Google | 1 Chrome | 2026-07-09 | 9.6 Critical |
| Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-14393 | 1 Google | 1 Chrome | 2026-07-09 | 8.8 High |
| Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-52191 | 1 Utt | 1 Nv518g | 2026-07-09 | 7.5 High |
| Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_444C8C component | ||||
| CVE-2026-38972 | 1 Rizonesoft | 1 Notepad3 | 2026-07-09 | 7.8 High |
| Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L"MSFTEDIT.DLL") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or another preferred DLL search location and achieve arbitrary code execution in the context of the user when the About dialog is opened. | ||||
| CVE-2026-0277 | 1 Palo Alto Networks | 1 Prisma Access Agent | 2026-07-09 | N/A |
| An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected. | ||||
| CVE-2026-0278 | 1 Palo Alto Networks | 1 Prisma Access Agent | 2026-07-09 | N/A |
| Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention (DLP) component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected. | ||||
| CVE-2026-14336 | 1 Eclipse | 1 Eclipse Pia | 2026-07-09 | 8.2 High |
| PIA's OIDC issuer allowlist for Jenkins tokens uses a bare string-prefix check (issuer.startswith(' https://ci.eclipse.org ') in is_issuer_known, pia/models.py:139) instead of validating the issuer as a properly host-bounded URL. An attacker can craft an issuer such as https://ci.eclipse.org@evil.host (userinfo trick) or https://ci.eclipse.org.evil.host (suffix trick) that satisfies the prefix check while pointing the OIDC discovery and JWKS fetches at a server the attacker controls. An unauthenticated caller of POST /v1/upload/sbom can use this to force PIA to make outbound HTTP(S) requests to an arbitrary attacker-chosen host, and to have oidc.verify_token accept a JWT signed with the attacker's own key. | ||||
| CVE-2026-51606 | 1 Tenda | 1 Cp3 | 2026-07-09 | 7.5 High |
| An improper input handling vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91) causes the device to abruptly terminate the TCP connection with a RST packet when a request containing an oversized field value is received, without returning any RFC 2326-compliant error response. This behavior affects the request-line URL field and header field values across multiple RTSP request types. | ||||