Export limit exceeded: 85009 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (85009 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13502 | 1 Redhat | 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more | 2026-06-29 | 7.5 High |
| A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server. | ||||
| CVE-2025-11021 | 1 Redhat | 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more | 2026-06-29 | 7.5 High |
| A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup. | ||||
| CVE-2025-1244 | 1 Redhat | 7 Enterprise Linux, Openshift Builds, Rhel Aus and 4 more | 2026-06-29 | 8.8 High |
| A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. | ||||
| CVE-2025-0624 | 1 Redhat | 7 Enterprise Linux, Openshift, Rhel Aus and 4 more | 2026-06-29 | 7.6 High |
| A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections. | ||||
| CVE-2024-9675 | 2 Buildah Project, Redhat | 21 Buildah, Enterprise Linux, Enterprise Linux Eus and 18 more | 2026-06-29 | 7.8 High |
| A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. | ||||
| CVE-2023-32256 | 1 Redhat | 1 Enterprise Linux | 2026-06-29 | 7.5 High |
| A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue. | ||||
| CVE-2026-34594 | 2026-06-29 | 8.8 High | ||
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, an authenticated command injection vulnerability in the Destination Network Management functionality allows users with destination management permissions to execute arbitrary commands as root on managed servers. The "network" parameter is passed directly to shell commands without proper sanitization, enabling full remote code execution on the host system. This vulnerability is fixed in 4.0.0-beta.471. | ||||
| CVE-2026-34597 | 2026-06-29 | 8.8 High | ||
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.470, a critical Authenticated Host Remote Code Execution (RCE) vulnerability was discovered in Coolify. The flaw resides in the handling of user-defined build parameters for the Nixpacks build pack. Specifically, the install_command provided by a user is directly concatenated into a shell command string that is executed on the deployment host during the building phase. An attacker can leverage this to escape the intended build context and execute arbitrary commands with host-level privileges. This vulnerability is fixed in 4.0.0-beta.470. | ||||
| CVE-2026-41896 | 2026-06-29 | 7.5 High | ||
| Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the HMAC key is the application's manual_webhook_secret_github field, which is used by Coolify's webhook endpoints to validate incoming requests, is nullable with no default — meaning newly created applications have a null webhook secret. PHP's hash_hmac() function silently coerces a null key to an empty string ''. So when the secret is null, the server computes hash_hmac('sha256', $payload, '') — a deterministic value that any attacker can calculate independently. By sending X-Hub-Signature-256: sha256=<hash_hmac('sha256', payload, '')>, an unauthenticated attacker can forge a valid signature and trigger deployments. This vulnerability is fixed in 4.0.0-beta.474. | ||||
| CVE-2026-38639 | 1 Redox-os | 1 Relibc | 2026-06-29 | 7.5 High |
| An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input. | ||||
| CVE-2026-10823 | 2 Wordpress, Ymc Filter | 2 Wordpress, Ymc Filter | 2026-06-29 | 7.5 High |
| The YMC Filter WordPress plugin before 3.11.3 does not properly authorize access to one of its REST API endpoints and does not validate a user-supplied query parameter, allowing unauthenticated attackers to retrieve the titles and content of private, draft, and other non-public posts. | ||||
| CVE-2026-10835 | 2 Salesmanago, Wordpress | 2 Salesmanago, Wordpress | 2026-06-29 | 7.7 High |
| The SALESmanago & Leadoo WordPress plugin before 3.11.3 does not properly sanitise and escape a parameter passed to one of its AJAX actions before using it in a SQL statement, and fails to enforce authorisation on that action, allowing authenticated users with minimal permissions, such as subscribers, to perform SQL injection attacks. | ||||
| CVE-2026-49486 | 1 Apache | 1 Airflow Ftp Provider | 2026-06-29 | 7.5 High |
| The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control channel was TLS-protected the data channel was transmitted in cleartext. Any deployment using `FTPSHook` or `FTPSFileTransmitOperator` to move files over FTPS exposed file contents and credentials-in-transit to a network attacker able to observe the data connection. Upgrade apache-airflow-providers-ftp to `3.15.1` or later, which issues `PROT P` to encrypt the data channel. | ||||
| CVE-2026-11625 | 1 Davido | 1 Bytes::random::secure | 2026-06-29 | 7.5 High |
| Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess applications are predictable across processes. | ||||
| CVE-2026-11702 | 1 Davido | 1 Bytes::random::secure::tiny | 2026-06-29 | 7.5 High |
| Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared across processes and identical random streams will be produced. Secrets generated in multiprocess applications are predictable across processes. | ||||
| CVE-2026-57912 | 1 Johnson & Johnson | 1 Campus Recruiting | 2026-06-29 | 7.5 High |
| Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers. | ||||
| CVE-2026-57913 | 1 Johnson & Johnson | 1 Audit Tracking Management System | 2026-06-29 | 7.5 High |
| Johnson & Johnson Audit Tracking Management System (ATMS) before 2026-04-21 allows viewing of meeting minutes and transcripts. | ||||
| CVE-2026-57920 | 1 Peplink | 1 Incontrol | 2026-06-29 | 7.7 High |
| Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} endpoints. | ||||
| CVE-2026-57527 | 1 Zaproxy | 1 Zap-extensions | 2026-06-29 | 8.8 High |
| Zed Attack Proxy (ZAP) ViewState add-on before version 4 contains an insecure deserialization vulnerability that allows attackers who control a proxied web server to achieve arbitrary code execution by embedding a malicious serialized Java object in the javax.faces.ViewState HTTP response parameter. The JSFViewState.decode() method base64-decodes the ViewState value and passes it directly to ObjectInputStream.readObject() without a deserialization filter, allowlist, or type restriction, causing the malicious object to be deserialized within the ZAP JVM when the Desktop UI renders the ViewState panel. | ||||
| CVE-2025-68063 | 2 Stylemixthemes, Wordpress | 2 Splash - Sport Club Wordpress Theme For Basketball, Football, Hockey, Wordpress | 2026-06-29 | 7.5 High |
| Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey <= 4.4.3 versions. | ||||