Export limit exceeded: 360699 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360699 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 360699 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (360699 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-8683 | 1 Mattermost | 2 Mattermost, Mattermost Desktop | 2026-06-16 | 6.5 Medium |
| Mattermost Desktop App versions <=6.1 5.5.13.0 fail to account for attempting to open extremely long URLs in the Mattermost Desktop App which allows a malicious server owner to crash the application via including a script to call window.open on a very large URL. Mattermost Advisory ID: MMSA-2026-00652 | ||||
| CVE-2026-53899 | 1 Mozilla | 1 Firefox For Ios | 2026-06-16 | 6.5 Medium |
| Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability was fixed in Firefox for iOS 152.0. | ||||
| CVE-2026-41082 | 1 Ocaml | 1 Ocaml | 2026-06-16 | 7.3 High |
| In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. | ||||
| CVE-2026-27053 | 2026-06-16 | 9.8 Critical | ||
| Unauthenticated PHP Object Injection in Broadcast Live Video < 7.1.3 versions. | ||||
| CVE-2026-34892 | 2 Rank Math Seo, Wordpress | 2 Rank Math Seo, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Broken Access Control in Rank Math SEO <= 1.0.271 versions. | ||||
| CVE-2026-39435 | 2 Bgermann, Wordpress | 2 Cformsii, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in CformsII <= 15.1.3 versions. | ||||
| CVE-2026-39463 | 2 Managewp, Wordpress | 2 Managewp Worker, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in ManageWP Worker <= 4.9.31 versions. | ||||
| CVE-2026-39474 | 2 Metaphorcreations, Wordpress | 2 Post Duplicator, Wordpress | 2026-06-16 | 8.8 High |
| Contributor PHP Object Injection in Post Duplicator <= 3.0.10 versions. | ||||
| CVE-2026-39518 | 2026-06-16 | 7.1 High | ||
| Subscriber Insecure Direct Object References (IDOR) in EventPrime <= 4.3.0.0 versions. | ||||
| CVE-2026-39532 | 2026-06-16 | 8.8 High | ||
| Contributor PHP Object Injection in Events Calendar for GeoDirectory <= 2.3.25 versions. | ||||
| CVE-2026-39584 | 2 Webful Creations, Wordpress | 2 Repairbuddy, Wordpress | 2026-06-16 | 6.5 Medium |
| Subscriber Broken Access Control in RepairBuddy <= 4.1132 versions. | ||||
| CVE-2026-40770 | 2 Relywp, Wordpress | 2 Coupon Affiliates, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Coupon Affiliates <= 7.5.3 versions. | ||||
| CVE-2026-42663 | 2 Wordpress, Wp.insider | 2 Wordpress, Simple Membership | 2026-06-16 | 6.5 Medium |
| Unauthenticated Cross Site Scripting (XSS) in Simple Membership <= 4.7.2 versions. | ||||
| CVE-2026-48867 | 2 Expresstech, Wordpress | 2 Quiz And Survey Master, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.1.2 versions. | ||||
| CVE-2026-52712 | 2 Tnomi, Wordpress | 2 Attendance Manager, Wordpress | 2026-06-16 | 7.6 High |
| Subscriber SQL Injection in Attendance Manager <= 0.6.2 versions. | ||||
| CVE-2026-54198 | 2 Davidlingren, Wordpress | 2 Media Library Assistant, Wordpress | 2026-06-16 | 7.1 High |
| Unauthenticated Cross Site Scripting (XSS) in Media LIbrary Assistant <= 3.35 versions. | ||||
| CVE-2026-47684 | 1 Sync-in | 1 Server | 2026-06-16 | 7.7 High |
| Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing. Prior to version 2.3.0, the private IP blocklist regex used in the URL download feature does not match IPv4-mapped IPv6 addresses (e.g. ::ffff:127.0.0.1), allowing SSRF protection to be bypassed on dual-stack systems. Version 2.3.0 fixes the issue. | ||||
| CVE-2026-46033 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequence number data at the end of the authenticated data. While crypto_authenc_esn_setauthsize() already rejects explicit non-zero authsizes in the range 1..3, crypto_authenc_esn_create() still copied auth->digestsize into inst->alg.maxauthsize without validating it. The AEAD core then initialized the tfm's default authsize from that value. As a result, selecting an ahash with digest size 1..3, such as cbcmac(cipher_null), exposed authencesn instances whose default authsize was invalid even though setauthsize() would have rejected the same value. AF_ALG could then trigger the ESN tail handling with a too-short tag and hit an out-of-bounds access. Reject authencesn instances whose ahash digest size is in the invalid non-zero range 1..3 so that no tfm can inherit an unsupported default authsize. | ||||
| CVE-2026-46034 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdx_irqs array in vfio_cdx_set_msi_trigger(). Without this check, userspace can trigger a NULL pointer dereference by calling VFIO_DEVICE_SET_IRQS with VFIO_IRQ_SET_DATA_BOOL or VFIO_IRQ_SET_DATA_NONE flags before ever setting up interrupts via VFIO_IRQ_SET_DATA_EVENTFD. The vfio_cdx_msi_enable() function allocates the cdx_irqs array and sets config_msi to 1 only when called through the EVENTFD path. The trigger loop (for DATA_BOOL/DATA_NONE) assumed this had already been done, but there was no enforcement of this call ordering. This matches the protection used in the PCI VFIO driver where vfio_pci_set_msi_trigger() checks irq_is() before the trigger loop. | ||||
| CVE-2026-46035 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: return NULL early from alloc_frozen_pages_nolock() in NMI on UP On UP kernels (!CONFIG_SMP), spin_trylock() is a no-op that unconditionally succeeds even when the lock is already held. As a result, alloc_frozen_pages_nolock() called from NMI context can re-enter rmqueue() and acquire the zone lock that the interrupted context is already holding, corrupting the freelists. With CONFIG_DEBUG_SPINLOCK on UP, the following BUG is triggered with the slub_kunit test module: BUG: spinlock trylock failure on UP on CPU#0, kunit_try_catch/243 [...] Call Trace: <NMI> dump_stack_lvl+0x3f/0x60 do_raw_spin_trylock+0x41/0x50 _raw_spin_trylock+0x24/0x50 rmqueue.isra.0+0x2a9/0xa70 get_page_from_freelist+0xeb/0x450 alloc_frozen_pages_nolock_noprof+0x111/0x1e0 allocate_slab+0x42a/0x500 ___slab_alloc+0xa7/0x4c0 kmalloc_nolock_noprof+0x164/0x310 [...] </NMI> Fix this by returning NULL early when invoked from NMI on a UP kernel. | ||||