Export limit exceeded: 350591 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350591 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-34645 | 1 Adobe | 1 Adobe Commerce | 2026-05-13 | 7.5 High |
| Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction. | ||||
| CVE-2026-42338 | 1 Beaugunderson | 1 Ip-address | 2026-05-13 | N/A |
| ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group() and Address6.link() do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage (emitted by the Address6 constructor for invalid input) can contain unescaped attacker-controlled content in one branch. An application that (1) passes untrusted input to Address6 and (2) renders the output of these methods, or the thrown error's parseMessage, as HTML (e.g. via innerHTML) is vulnerable to cross-site scripting. This vulnerability is fixed in 10.1.1. | ||||
| CVE-2026-8369 | 2026-05-13 | N/A | ||
| Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options. | ||||
| CVE-2026-45740 | 2026-05-13 | 5.3 Medium | ||
| protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.8 and 8.2.0, protobufjs could recurse without a depth limit while expanding nested JSON descriptors through Root.fromJSON() and Namespace.addJSON(). A crafted JSON descriptor with deeply nested namespace definitions could cause the JavaScript call stack to be exhausted during descriptor loading. This vulnerability is fixed in 7.5.8 and 8.2.0. | ||||
| CVE-2025-11159 | 1 Hitachi | 1 Vantara Pentaho Data Integration And Analytics | 2026-05-13 | 9.1 Critical |
| Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a JDBC driver for H2 databases which is vulnerable to external script execution when a new connection is created by a data source administrator. | ||||
| CVE-2026-8159 | 2 Multiparty, Pillarjs | 2 Multiparty, Multiparty | 2026-05-13 | 7.5 High |
| multiparty@4.2.3 and lower versions are vulnerable to denial of service via regular expression backtracking in the Content-Disposition filename parameter parser. A crafted multipart upload with a long header value can cause regex matching to take seconds, blocking the event loop. Impact: any service accepting multipart uploads via multiparty is affected. Workarounds: limiting upload sizes at the proxy or gateway layer reduces but does not eliminate the attack surface, since a small header of around 8 KB is sufficient to trigger the vulnerable backtracking. Upgrade to multiparty@4.3.0 or higher. | ||||
| CVE-2026-44294 | 2026-05-13 | 5.3 Medium | ||
| protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript property accessors from schema-controlled field and oneof names. Certain control characters in field names were not escaped before being embedded into generated function bodies. A crafted schema or JSON descriptor could therefore cause generated encode, decode, verify, or conversion functions to fail during compilation. This vulnerability is fixed in 7.5.6 and 8.0.2. | ||||
| CVE-2026-2725 | 1 Gerrit | 1 Gerrit | 2026-05-13 | N/A |
| Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" tag of an unapproved change. | ||||
| CVE-2026-8161 | 2 Multiparty, Pillarjs | 2 Multiparty, Multiparty | 2026-05-13 | 7.5 High |
| multiparty@4.2.3 and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a field name that collides with an inherited Object.prototype property such as __proto__, constructor, or toString, the parser invokes .push() on the inherited prototype value rather than an array, throwing a TypeError that propagates as an uncaught exception and crashes the process. Impact: any service accepting multipart uploads via multiparty is affected. Workarounds: none. Upgrade to multiparty@4.3.0 or higher. | ||||
| CVE-2026-8162 | 2 Multiparty, Pillarjs | 2 Multiparty, Multiparty | 2026-05-13 | 7.5 High |
| multiparty@4.2.3 and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename* parameter contains a malformed percent-encoding, the parser invokes decodeURI on the value without try/catch. The resulting URIError propagates as an uncaught exception and crashes the process. Impact: any service accepting multipart uploads via multiparty is affected. Workarounds: none. Upgrade to multiparty@4.3.0 or higher. | ||||
| CVE-2026-44293 | 2026-05-13 | N/A | ||
| protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated JavaScript for toObject conversion could include an unsafe expression derived from a schema-controlled bytes field default value. A crafted descriptor with a non-string default value for a bytes field could cause attacker-controlled code to be emitted into the generated conversion function. This vulnerability is fixed in 7.5.6 and 8.0.2. | ||||
| CVE-2026-21024 | 1 Samsung Mobile | 1 Samsung System Support Service | 2026-05-13 | N/A |
| Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions. | ||||
| CVE-2026-28988 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-05-13 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5, watchOS 26.5. An app may be able to bypass certain Privacy preferences. | ||||
| CVE-2026-44292 | 2026-05-13 | 5.3 Medium | ||
| protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs generated message constructors copied enumerable properties from a provided properties object without filtering the __proto__ key. If an application constructed a message from an attacker-controlled plain object, an own enumerable __proto__ property could alter the prototype of that individual message instance. This vulnerability is fixed in 7.5.6 and 8.0.2. | ||||
| CVE-2026-39869 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-05-13 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing an audio stream in a maliciously crafted media file may terminate the process. | ||||
| CVE-2026-21020 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-05-13 | N/A |
| Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions. | ||||
| CVE-2026-44291 | 2026-05-13 | 8.1 High | ||
| protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.prototype had already been polluted, those lookup tables could resolve attacker-controlled inherited properties as valid protobuf type information. This could cause attacker-controlled strings to be emitted into generated JavaScript code. This vulnerability is fixed in 7.5.6 and 8.0.2. | ||||
| CVE-2026-8430 | 1 Spip | 1 Spip | 2026-05-13 | 8.1 High |
| SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the public space that is limited to certain nginx configurations, allowing attackers to execute arbitrary code in the context of the web server. Attackers can exploit this vulnerability through specific nginx configuration scenarios to achieve code execution, and this issue is not mitigated by the SPIP security screen. | ||||
| CVE-2026-21019 | 1 Samsung Mobile | 1 Samsung Mobile Devices | 2026-05-13 | N/A |
| Improper input validation in FacAtFunction in Galaxy Watch prior to SMR May-2026 Release 1 allows local attacker to execute arbitrary code with system privilege. | ||||
| CVE-2026-33814 | 2 Go Standard Library, Golang | 3 Net/http, Go, Http2 | 2026-05-13 | 7.5 High |
| When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0. | ||||