Export limit exceeded: 10161 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21469 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21469 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5913 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-14 | 8.1 High |
| Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-1101 | 1 Gitlab | 1 Gitlab | 2026-04-14 | 6.5 Medium |
| GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to cause denial of service to the GitLab instance due to improper input validation in GraphQL queries. | ||||
| CVE-2026-29146 | 1 Apache | 1 Tomcat | 2026-04-14 | 7.5 High |
| Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109. Users are recommended to upgrade to version 11.0.19, 10.1.53 and 9.0.116, which fixes the issue. | ||||
| CVE-2026-26109 | 1 Microsoft | 13 365 Apps, Excel, Excel 2016 and 10 more | 2026-04-14 | 8.4 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-26108 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-04-14 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-23665 | 1 Microsoft | 2 Azure Linux Virtual Machines Azure Diagnostics, Linux Diagnostic Extension | 2026-04-14 | 7.8 High |
| Heap-based buffer overflow in Azure Linux Virtual Machines allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-40198 | 1 Stigtsp | 1 Net::cidr::lite | 2026-04-14 | 7.5 High |
| Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. _pack_ipv6() does not check that uncompressed IPv6 addresses (without ::) have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce packed values of wrong length (3, 7, or 15 bytes instead of 17). The packed values are used internally for mask and comparison operations. find() and bin_find() use Perl string comparison (lt/gt) on these values, and comparing strings of different lengths gives wrong results. This can cause find() to incorrectly report an address as inside or outside a range. Example: my $cidr = Net::CIDR::Lite->new("::/8"); $cidr->find("1:2:3"); # invalid input, incorrectly returns true This is the same class of input validation issue as CVE-2021-47154 (IPv4 leading zeros) previously fixed in this module. See also CVE-2026-40199, a related issue in the same function affecting IPv4 mapped IPv6 addresses. | ||||
| CVE-2026-26127 | 4 Apple, Linux, Microsoft and 1 more | 8 Macos, Linux Kernel, .net and 5 more | 2026-04-14 | 7.5 High |
| Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-26115 | 1 Microsoft | 15 Microsoft Sql Server 2016 Service Pack 3 (gdr), Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack, Microsoft Sql Server 2017 (cu 31) and 12 more | 2026-04-14 | 8.8 High |
| Improper validation of specified type of input in SQL Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-26111 | 1 Microsoft | 22 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 19 more | 2026-04-14 | 8 High |
| Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-25188 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-04-14 | 8.8 High |
| Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network. | ||||
| CVE-2026-25181 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-04-14 | 7.5 High |
| Out-of-bounds read in Windows GDI+ allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-25180 | 1 Microsoft | 32 Office, Office For Android, Windows 10 1607 and 29 more | 2026-04-14 | 5.5 Medium |
| Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-25179 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-04-14 | 7 High |
| Improper validation of specified type of input in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-25175 | 1 Microsoft | 22 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 19 more | 2026-04-14 | 7.8 High |
| Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-25174 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-04-14 | 7.8 High |
| Out-of-bounds read in Windows Extensible File Allocation allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-25173 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-04-14 | 8 High |
| Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-25172 | 1 Microsoft | 23 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 20 more | 2026-04-14 | 8 High |
| Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-24288 | 1 Microsoft | 4 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 1 more | 2026-04-14 | 6.8 Medium |
| Heap-based buffer overflow in Windows Mobile Broadband allows an unauthorized attacker to execute code with a physical attack. | ||||
| CVE-2026-24283 | 1 Microsoft | 11 Windows 11 24h2, Windows 11 24h2, Windows 11 25h2 and 8 more | 2026-04-14 | 8.8 High |
| Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. | ||||