Export limit exceeded: 340591 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 340591 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (340591 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4720 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-25 | 9.8 Critical |
| Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-20637 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-03-25 | 6.2 Medium |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpected system termination. | ||||
| CVE-2026-4724 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-03-25 | 9.1 Critical |
| Undefined behavior in the Audio/Video component. This vulnerability affects Firefox < 149 and Thunderbird < 149. | ||||
| CVE-2026-4726 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-03-25 | 7.5 High |
| Denial-of-service in the XML component. This vulnerability affects Firefox < 149 and Thunderbird < 149. | ||||
| CVE-2026-4728 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-03-25 | 6.5 Medium |
| Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability affects Firefox < 149 and Thunderbird < 149. | ||||
| CVE-2026-4729 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-03-25 | 9.8 Critical |
| Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 149 and Thunderbird < 149. | ||||
| CVE-2026-33310 | 1 Intake | 1 Intake | 2026-03-25 | 8.8 High |
| Intake is a package for finding, investigating, loading and disseminating data. Prior to version 2.0.9, the shell() syntax within parameter default values appears to be automatically expanded during the catalog parsing process. If a catalog contains a parameter default such as shell(<command>), the command may be executed when the catalog source is accessed. This means that if a user loads a malicious catalog YAML, embedded commands could execute on the host system. Version 2.0.9 mitigates the issue by making getshell False by default everywhere. | ||||
| CVE-2026-30655 | 1 Esiclivre | 1 Esiclivre | 2026-03-25 | 6.5 Medium |
| SQL injection in Solicitante::resetaSenha() in esiclivre/esiclivre v0.2.2 and earlier allows unauthenticated remote attackers to gain unauthorized access to sensitive information via the cpfcnpj parameter in /reset/index.php | ||||
| CVE-2026-30661 | 2 Icms, Idreamsoft | 2 Icms, Icms | 2026-03-25 | 6.1 Medium |
| iCMS v8.0.0 contains a Cross-Site Scripting (XSS) vulnerability in the User Management component, specifically within the index.html file. This allows remote attackers to execute arbitrary web script or HTML via the regip or loginip parameters. | ||||
| CVE-2026-29839 | 1 Dedecms | 1 Dedecms | 2026-03-25 | 8.8 High |
| DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php. | ||||
| CVE-2026-4685 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-03-25 | 7.5 High |
| Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4686 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-03-25 | 7.5 High |
| Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4687 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-03-25 | 9.6 Critical |
| Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4688 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-03-25 | 9.6 Critical |
| Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4689 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-25 | 10 Critical |
| Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4690 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-03-25 | 9.6 Critical |
| Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4691 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-03-25 | 9.8 Critical |
| Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4692 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-25 | 9.6 Critical |
| Sandbox escape in the Responsive Design Mode component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4693 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-03-25 | 7.5 High |
| Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||
| CVE-2026-4694 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-03-25 | 7.5 High |
| Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9. | ||||