Export limit exceeded: 351621 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351621 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-8969 | 2026-05-19 | N/A | ||
| Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151. | ||||
| CVE-2026-8968 | 2026-05-19 | N/A | ||
| Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11. | ||||
| CVE-2026-8967 | 2026-05-19 | N/A | ||
| Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151. | ||||
| CVE-2026-8966 | 2026-05-19 | N/A | ||
| Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151. | ||||
| CVE-2026-8965 | 2026-05-19 | N/A | ||
| Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151. | ||||
| CVE-2026-8964 | 2026-05-19 | N/A | ||
| Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151. | ||||
| CVE-2026-8963 | 2026-05-19 | N/A | ||
| Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151. | ||||
| CVE-2026-43492 | 1 Linux | 1 Linux Kernel | 2026-05-19 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() Yiming reports an integer underflow in mpi_read_raw_from_sgl() when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy more bytes than the "nbytes" parameter and the first "nbytes + 1" bytes of the scatterlist must be zero. Under these conditions, the while loop iterating over the scatterlist will count more zeroes than "nbytes", subtract the number of zeroes from "nbytes" and cause the underflow. When commit 2d4d1eea540b ("lib/mpi: Add mpi sgl helpers") originally introduced the bug, it couldn't be triggered because all callers of mpi_read_raw_from_sgl() passed a scatterlist whose length was equal to "nbytes". However since commit 63ba4d67594a ("KEYS: asymmetric: Use new crypto interface without scatterlists"), the underflow can now actually be triggered. When invoking a KEYCTL_PKEY_ENCRYPT system call with a larger "out_len" than "in_len" and filling the "in" buffer with zeroes, crypto_akcipher_sync_prep() will create an all-zero scatterlist used for both the "src" and "dst" member of struct akcipher_request and thereby fulfil the conditions to trigger the bug: sys_keyctl() keyctl_pkey_e_d_s() asymmetric_key_eds_op() software_key_eds_op() crypto_akcipher_sync_encrypt() crypto_akcipher_sync_prep() crypto_akcipher_encrypt() rsa_enc() mpi_read_raw_from_sgl() To the user this will be visible as a DoS as the kernel spins forever, causing soft lockup splats as a side effect. Fix it. | ||||
| CVE-2026-37978 | 1 Redhat | 1 Build Keycloak | 2026-05-19 | 4.9 Medium |
| A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit this by invoking the 'evaluate-scopes' Admin API endpoints with an arbitrary user ID (userId) parameter. This vulnerability allows for cross-role personally identifiable information (PII) leakage, enabling unauthorized visibility into user identities and authorizations across the realm. Exploitation is possible remotely via network access to the Admin API. | ||||
| CVE-2026-37979 | 1 Redhat | 1 Build Keycloak | 2026-05-19 | 6.5 Medium |
| A flaw was found in Keycloak. This access control vulnerability in Keycloak's OpenID Connect (OIDC) token introspection endpoint allows a confidential client to bypass audience restrictions. An attacker-controlled client with valid credentials can retrieve sensitive token claims intended for other resource servers, compromising the confidentiality of lightweight access tokens. This issue can be exploited remotely by any confidential client in the realm with valid credentials. | ||||
| CVE-2026-37982 | 1 Redhat | 1 Build Keycloak | 2026-05-19 | 6.8 Medium |
| A flaw was found in Keycloak. This authentication vulnerability allows a remote attacker to replay `ExecuteActionsActionToken` tokens within Keycloak's WebAuthn (Web Authentication) flow. By intercepting an execute-actions email link, an attacker can register their own authenticator to a victim's account. This leads to unauthorized enrollment of a hardware-backed credential, enabling persistent account takeover. | ||||
| CVE-2026-7860 | 1 Vaadin | 1 Flow | 2026-05-19 | N/A |
| A possible information disclosure vulnerability exists in the Vaadin Maven plugin and Vaadin Gradle plugin that exposes the full set of environment variables in build logs whenever the frontend build process exits with a non-zero status. Because the build environment may contain credentials supplied as secrets, any failed frontend build can expose those secrets in clear text in CI logs and archived build artifacts. Users of affected versions should apply the following mitigation or upgrade. Releases that have fixed this issue include: Product version Vaadin 23.0.0 - 23.6.9 Vaadin 24.0.0 - 24.10.3 Vaadin 25.0.0 - 25.1.4 Mitigation Upgrade to 23.6.10 Upgrade to 24.10.4 or newer Upgrade to 25.1.5 or newer Please note that Vaadin versions 10-13 and 15-22 are no longer supported and you should update either to the latest 23, 24, or 25 version. ArtifactsMaven coordinatesVulnerable versionsFixed versioncom.vaadin:flow-plugin-base23.0.0 - 23.6.10≥23.6.11com.vaadin:flow-plugin-base24.0.0 - 24.10.3≥24.10.4com.vaadin:flow-plugin-base25.0.0 - 25.1.4≥25.1.5com.vaadin:flow-maven-plugin23.0.0 - 23.6.10≥23.6.11com.vaadin:flow-maven-plugin24.0.0 - 24.10.3≥24.10.4com.vaadin:flow-maven-plugin25.0.0 - 25.1.4≥25.1.5com.vaadin:flow-gradle-plugin24.0.0 - 24.10.3≥24.10.4com.vaadin:flow-gradle-plugin25.0.0 - 25.1.4≥25.1.5 | ||||
| CVE-2026-29220 | 1 Apache | 1 Ofbiz | 2026-05-19 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue. | ||||
| CVE-2026-8962 | 2026-05-19 | N/A | ||
| Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11. | ||||
| CVE-2026-8696 | 1 Radare | 1 Radare2 | 2026-05-19 | 7.5 High |
| radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbitrary code by sending malformed thread information responses. Attackers can trigger the vulnerability by causing qsThreadInfo to fail after qfThreadInfo successfully allocates RDebugPid structures, resulting in double-free memory corruption when the error path attempts to clean up the list. | ||||
| CVE-2026-8961 | 2026-05-19 | N/A | ||
| Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11. | ||||
| CVE-2026-8960 | 2026-05-19 | N/A | ||
| Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151. | ||||
| CVE-2026-8959 | 2026-05-19 | N/A | ||
| Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11. | ||||
| CVE-2026-8958 | 2026-05-19 | N/A | ||
| Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11. | ||||
| CVE-2026-8957 | 2026-05-19 | N/A | ||
| Privilege escalation in the Enterprise Policies component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11. | ||||