Export limit exceeded: 351647 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351647 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23817 | 1 Amd | 128 Athlon 3000g Firmware, Athlon Gold 3150ge Firmware, Athlon Gold Pro 3150g Firmware and 125 more | 2026-05-15 | N/A |
| Insufficient checking of memory buffer in AMD Secure Processor (ASP) Secure OS may allow an attacker with a malicious trusted application to read/write to the ASP Secure OS kernel virtual address space, potentially resulting in privilege escalation. | ||||
| CVE-2025-48513 | 2026-05-15 | N/A | ||
| Use of uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read a uninitialized kernel memory resulting in loss of confidentiality or availability. | ||||
| CVE-2025-0028 | 2026-05-15 | N/A | ||
| An unchecked return value within the AMD Platform Management Framework (PMF) could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability. | ||||
| CVE-2026-0438 | 2026-05-15 | N/A | ||
| A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system’s confidentiality, integrity, and availability. | ||||
| CVE-2026-8510 | 1 Google | 1 Chrome | 2026-05-15 | 7.5 High |
| Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-8519 | 1 Google | 1 Chrome | 2026-05-15 | 8.8 High |
| Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-8571 | 1 Google | 1 Chrome | 2026-05-15 | 8.3 High |
| Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-8569 | 1 Google | 1 Chrome | 2026-05-15 | 8.3 High |
| Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium) | ||||
| CVE-2026-8525 | 1 Google | 1 Chrome | 2026-05-15 | 8.3 High |
| Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-8573 | 1 Google | 1 Chrome | 2026-05-15 | 8.3 High |
| Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium) | ||||
| CVE-2026-8574 | 1 Google | 1 Chrome | 2026-05-15 | 8.3 High |
| Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-8513 | 1 Google | 1 Chrome | 2026-05-15 | 8.3 High |
| Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-8522 | 1 Google | 1 Chrome | 2026-05-15 | 8.8 High |
| Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2026-8549 | 1 Google | 1 Chrome | 2026-05-15 | 8.8 High |
| Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-8587 | 1 Google | 1 Chrome | 2026-05-15 | 8.8 High |
| Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium) | ||||
| CVE-2026-0249 | 1 Palo Alto Networks | 1 Globalprotect App | 2026-05-15 | N/A |
| Multiple improper certificate validation vulnerabilities in the Palo Alto Networks GlobalProtect™ app enables an attacker to intercept encrypted communications and potentially compromise the endpoint. This can enable a local non-administrative operating system user or an attacker on the same subnet to redirect traffic to an unauthorized server and facilitate the installation of malicious software. The GlobalProtect app on Linux, Windows, iOS and GlobalProtect UWP app are not affected. | ||||
| CVE-2026-44005 | 2 Patriksimek, Vm2 Project | 2 Vm2, Vm2 | 2026-05-15 | 10 Critical |
| vm2 is an open source vm/sandbox for Node.js. From 3.9.6 to 3.10.5, vm2's bridge exposes mutable proxies for real host-realm intrinsic prototypes and then forwards sandbox writes into the underlying host objects with otherReflectSet() and otherReflectDefineProperty(), which lets attacker-controlled JavaScript running in a default VM or inherited NodeVM mutate shared host Object.prototype, Array.prototype, and Function.prototype from inside the sandbox This vulnerability is fixed in 3.11.0. | ||||
| CVE-2026-44009 | 2 Patriksimek, Vm2 Project | 2 Vm2, Vm2 | 2026-05-15 | 9.8 Critical |
| vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.2, This vulnerability is fixed in 3.11.2. | ||||
| CVE-2026-8565 | 1 Google | 1 Chrome | 2026-05-15 | 4.7 Medium |
| Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium) | ||||
| CVE-2026-8583 | 1 Google | 1 Chrome | 2026-05-15 | 5.3 Medium |
| Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | ||||