Export limit exceeded: 361813 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361813 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361813 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361813 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9566 | 1 Redhat | 9 Enterprise Linux, Hummingbird, Openshift and 6 more | 2026-06-29 | 8.1 High |
| There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | ||||
| CVE-2025-9900 | 1 Redhat | 10 Ai Inference Server, Discovery, Enterprise Linux and 7 more | 2026-06-29 | 8.8 High |
| A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user. | ||||
| CVE-2026-54889 | 1 Leandrocp | 1 Mdex | 2026-06-29 | N/A |
| Improper Neutralization of Input During Web Page Generation (XSS) vulnerability in leandrocp mdex allows cross-site scripting via unsanitized URL schemes in Quill Delta output. 'Elixir.MDEx':to_delta/2 converts Markdown into a Quill Delta. 'Elixir.MDEx.DeltaConverter':default_convert_node/3 in lib/mdex/delta_converter.ex copies the URL of a link, wikilink, or image node directly from the parsed Markdown into the Delta "link" or "image" attribute without applying a scheme allowlist or any normalization. An attacker who controls the Markdown text can supply a javascript: URL (for example [click](javascript:alert(document.cookie))) that survives verbatim into the Delta attribute. When the Delta is rendered to HTML by a downstream renderer (such as quill-delta-to-html or the Quill client), the attribute becomes an <a href> or <img src>, and the javascript: scheme executes in the browser of anyone who views the rendered content. The link and wikilink cases are the strongest vectors because javascript: in an href executes on click; the image case is lower impact because javascript: in <img src> generally does not execute in modern browsers. This issue affects mdex: from 0.8.3 before 0.13.2. | ||||
| CVE-2026-55957 | 2026-06-29 | N/A | ||
| Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Users are recommended to upgrade to version 11.0.5, 10.1.37 or 9.0.101, which fixes the issue. | ||||
| CVE-2025-8067 | 1 Redhat | 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more | 2026-06-29 | 8.5 High |
| A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users. | ||||
| CVE-2025-7425 | 1 Redhat | 17 Cert Manager, Discovery, Enterprise Linux and 14 more | 2026-06-29 | 7.8 High |
| A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption. | ||||
| CVE-2025-7424 | 2 Redhat, Xmlsoft | 5 Enterprise Linux, Hummingbird, Openshift and 2 more | 2026-06-29 | 7.5 High |
| A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior. | ||||
| CVE-2026-57333 | 2 Spencer Haws, Wordpress | 2 Link Whisper Free, Wordpress | 2026-06-29 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions. | ||||
| CVE-2026-57334 | 2 Wedevs, Wordpress | 2 Wp User Frontend, Wordpress | 2026-06-29 | 6.5 Medium |
| Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions. | ||||
| CVE-2026-57336 | 2 Astoundify, Wordpress | 2 Jobify, Wordpress | 2026-06-29 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions. | ||||
| CVE-2026-57338 | 2 Reputeinfosystems, Wordpress | 2 Arforms, Wordpress | 2026-06-29 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions. | ||||
| CVE-2026-13437 | 1 Devolutions | 1 Powershell Universal | 2026-06-29 | 6.5 Medium |
| Insertion of sensitive information into sent data in the AI Agent job API in Devolutions PowerShell Universal 2026.2.0 allows an authenticated user with AI Agent read access to obtain reusable, potentially higher-privileged authentication tokens via App Tokens serialized in plaintext in job API responses. | ||||
| CVE-2026-41052 | 1 Suse | 1 Rancher | 2026-06-29 | N/A |
| Improper privilege handling could be used by users with Project Owner role to escalate privileges, in Rancher versions 2.14 before 2.14.2, 2.13 before 2.13.6, and 2.12 before 2.12.10. | ||||
| CVE-2025-66287 | 1 Redhat | 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more | 2026-06-29 | 8.8 High |
| A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. | ||||
| CVE-2025-3891 | 3 Apache, Debian, Redhat | 7 Http Server, Debian Linux, Enterprise Linux and 4 more | 2026-06-29 | 7.5 High |
| A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability. | ||||
| CVE-2025-32913 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2026-06-29 | 7.5 High |
| A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function. | ||||
| CVE-2025-32911 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2026-06-29 | 9 Critical |
| A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. | ||||
| CVE-2025-32908 | 1 Redhat | 1 Enterprise Linux | 2026-06-29 | 7.5 High |
| A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS). | ||||
| CVE-2025-32906 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2026-06-29 | 7.5 High |
| A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. | ||||
| CVE-2025-26601 | 3 Redhat, Tigervnc, X.org | 9 Enterprise Linux, Rhel Aus, Rhel E4s and 6 more | 2026-06-29 | 7.8 High |
| A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers. | ||||