Export limit exceeded: 357117 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357117 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-21708 | 1 Veeam | 2 Backup And Recovery, Veeam Backup \& Replication | 2026-06-05 | 9.9 Critical |
| A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user. | ||||
| CVE-2026-10896 | 2 Apple, Google | 2 Iphone Os, Chrome | 2026-06-05 | 8.8 High |
| Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||||
| CVE-2025-13462 | 1 Python | 2 Cpython, Python | 2026-06-05 | 9.8 Critical |
| The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations. | ||||
| CVE-2025-13913 | 1 Inductiveautomation | 1 Ignition | 2026-06-05 | 6.3 Medium |
| A privileged Ignition user, intentionally or otherwise, imports an external file with a specially crafted payload, which executes embedded malicious code. | ||||
| CVE-2026-25835 | 3 Arm, Mbed-tls, Trustedfirmware | 5 Mbed Tls, Mbedtls, Tf-psa-crypto and 2 more | 2026-06-05 | 7.7 High |
| Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator (PRNG). | ||||
| CVE-2026-34871 | 3 Arm, Mbed-tls, Trustedfirmware | 4 Mbed Tls, Mbedtls, Tf-psa-crypto and 1 more | 2026-06-05 | 6.7 Medium |
| An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG). | ||||
| CVE-2026-34875 | 2 Mbed-tls, Trustedfirmware | 4 Mbedtls, Tf-psa-crypto, Mbed Tls and 1 more | 2026-06-05 | 9.8 Critical |
| An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys. | ||||
| CVE-2026-3611 | 1 Honeywell | 12 Iq3, Iq412, Iq412 Firmware and 9 more | 2026-06-05 | 10 Critical |
| The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentication in its factory-default configuration. With no user module configured, security is disabled by design and the system operates under a System Guest (level 100) context, granting read/write privileges to any party able to reach the HTTP interface. Authentication controls are only enforced after a web user is created via U.htm, which dynamically enables the user module. Because this function is accessible prior to authentication, a remote user can create a new account with administrative read/write permissions enabling the user module and imposing authentication under attacker-controlled credentials. This action can effectively lock legitimate operators out of local and web-based configuration and administration. | ||||
| CVE-2025-49600 | 2 Mbed, Trustedfirmware | 2 Mbedtls, Mbed Tls | 2026-06-05 | 4.9 Medium |
| In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_verify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS (Leighton-Micali Signature) forgery in a fault scenario. Specifically, unchecked return values in mbedtls_lms_verify allow an attacker (who can induce a hardware hash accelerator fault) to bypass LMS signature verification by reusing stale stack data, resulting in acceptance of an invalid signature. In mbedtls_lms_verify, the return values of the internal Merkle tree functions create_merkle_leaf_value and create_merkle_internal_value are not checked. These functions return an integer that indicates whether the call succeeded or not. If a failure occurs, the output buffer (Tc_candidate_root_node) may remain uninitialized, and the result of the signature verification is unpredictable. When the software implementation of SHA-256 is used, these functions will not fail. However, with hardware-accelerated hashing, an attacker could use fault injection against the accelerator to bypass verification. | ||||
| CVE-2022-46392 | 3 Arm, Fedoraproject, Trustedfirmware | 3 Mbed Tls, Fedora, Mbed Tls | 2026-06-05 | 5.3 Medium |
| An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller. | ||||
| CVE-2021-45450 | 2 Fedoraproject, Trustedfirmware | 2 Fedora, Mbed Tls | 2026-06-05 | 7.5 High |
| In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. | ||||
| CVE-2021-44732 | 3 Arm, Debian, Trustedfirmware | 3 Mbed Tls, Debian Linux, Mbed Tls | 2026-06-05 | 9.8 Critical |
| Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. | ||||
| CVE-2024-45157 | 1 Trustedfirmware | 1 Mbed Tls | 2026-06-05 | 5.1 Medium |
| An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled. | ||||
| CVE-2018-19608 | 2 Arm, Trustedfirmware | 2 Mbed Tls, Mbed Tls | 2026-06-05 | N/A |
| Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites. | ||||
| CVE-2025-49601 | 2 Mbed, Trustedfirmware | 2 Mbedtls, Mbed Tls | 2026-06-05 | 4.8 Medium |
| In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-dependent attackers to trigger a crash or limited adjacent-memory disclosure by supplying a truncated LMS (Leighton-Micali Signature) public-key buffer under four bytes. An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key reads this type indicator before validating the size of its input. | ||||
| CVE-2017-14032 | 2 Arm, Trustedfirmware | 2 Mbed Tls, Mbed Tls | 2026-06-05 | N/A |
| ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected. | ||||
| CVE-2026-25833 | 2 Mbed-tls, Trustedfirmware | 2 Mbedtls, Mbed Tls | 2026-06-05 | 7.5 High |
| Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509_inet_pton_ipv6() function | ||||
| CVE-2026-25834 | 2 Mbed-tls, Trustedfirmware | 2 Mbedtls, Mbed Tls | 2026-06-05 | 6.5 Medium |
| Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade. | ||||
| CVE-2026-34873 | 2 Mbed-tls, Trustedfirmware | 2 Mbedtls, Mbed Tls | 2026-06-05 | 9.1 Critical |
| An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session. | ||||
| CVE-2021-36647 | 2 Arm, Trustedfirmware | 2 Mbed Tls, Mbed Tls | 2026-06-05 | 4.7 Medium |
| Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA. | ||||