Export limit exceeded: 363576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363576 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363576 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-14396 1 Google 1 Chrome 2026-07-06 6.5 Medium
Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14386 1 Google 1 Chrome 2026-07-06 6.5 Medium
Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14406 1 Google 1 Chrome 2026-07-06 5.9 Medium
Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2026-14400 1 Google 1 Chrome 2026-07-06 8.3 High
Out of bounds write in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14395 1 Google 1 Chrome 2026-07-06 8.8 High
Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14413 1 Google 1 Chrome 2026-07-06 8.3 High
Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14408 1 Google 1 Chrome 2026-07-06 6.5 Medium
Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-14398 1 Google 1 Chrome 2026-07-06 9.6 Critical
Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-14390 1 Google 1 Chrome 2026-07-06 9.6 Critical
Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-14403 1 Google 1 Chrome 2026-07-06 8.8 High
Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-58284 1 Microsoft 1 Edge Chromium 2026-07-06 8.3 High
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2026-58285 1 Microsoft 1 Edge Chromium 2026-07-06 8.3 High
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2026-58288 1 Microsoft 1 Edge Chromium 2026-07-06 8.3 High
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2026-58294 1 Microsoft 1 Edge Chromium 2026-07-06 7.5 High
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
CVE-2026-11578 2026-07-06 N/A
The Fluent Forms WordPress plugin before 6.2.5 does not properly restrict the deletion of form submission entries to the forms a restricted Manager is authorized to manage, allowing a Manager limited to specific forms to permanently delete submission entries belonging to other forms. This requires a non-default configuration in which an administrator has created at least one Manager restricted to specific forms.
CVE-2026-6901 2026-07-06 7.7 High
Untrusted Search Path vulnerability in B&R Industrial Automation GmbH APROL. This issue affects APROL: before R 4.4-01P5.
CVE-2026-4249 1 Wso2 4 Wso2 Api Control Plane, Wso2 Api Manager, Wso2 Traffic Manager and 1 more 2026-07-06 8.6 High
The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service condition. Successful exploitation of this vulnerability can disrupt the API Gateway, preventing legitimate API traffic from being processed and impacting complete service availability. The denial of service is persistent, requiring manual intervention to restore normal operations.
CVE-2026-54405 1 Ubiquiti 1 Unifi Network Application 2026-07-06 7.5 High
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi Network Application to execute a Denial of Service (DoS) attack on the application.
CVE-2026-54403 2026-07-06 8.6 High
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances.
CVE-2026-54409 2026-07-06 7.5 High
A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras.