Search

Search Results (366468 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-58554 2026-07-15 6.6 Medium
Permission control vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2026-58557 2026-07-15 4.8 Medium
Design defect vulnerability in Expedition mode. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-15809 1 Redhat 2 Confidential Compute Attestation, Openshift 2026-07-15 7.8 High
A flaw was found in CRI-O. The fix for a previous vulnerability (CVE-2022-4318) was incorrect, allowing it to be bypassed. An attacker capable of setting environment variables on a container can inject a newline character into the HOME environment variable. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.
CVE-2026-15779 1 Redhat 1 Enterprise Linux 2026-07-15 6.1 Medium
A flaw was found in samba's pam_winbind. When mkhomedir is enabled, pam_winbind chowns the target account's home directory without validating the path is not a critical system directory such as /. On affected systems, accounts with / as their home directory (a common default for system accounts) can have this triggered not only by root, but by a non-root user holding a narrow sudo delegation to run commands as that account, causing ownership of / to change and resulting in severe denial of service (SSH, sudo, and package-manager failures). The change does not grant write access to / (which ships with restrictive 0555 permissions on RHEL), so the impact is availability loss rather than further privilege escalation.
CVE-2026-58556 2026-07-15 5.1 Medium
Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-58558 2026-07-15 7.8 High
Permission control vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2026-3014 2026-07-15 9.1 Critical
Milestone has released a new version of XProtect® (and several cumulative patch updates) which fix security vulnerability in Management Server API.  The vulnerability causes users with edit permissions to the Management Server to be able to execute arbitrary code in context of the Management Server Service.
CVE-2026-58559 2026-07-15 6.5 Medium
DoS vulnerability in the vibration service. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-40646 2 Energycrm, Viday 2 Energy Crm, Viday 2026-07-15 5.4 Medium
Exposure of sensitive information in Viday. This vulnerability could allow an attacker to obtain sensitive information about customers by intercepting HTTP requests and searching for the JWT containing sensitive user information in the JWT payload.
CVE-2026-47422 1 Frappe 1 Frappe 2026-07-15 N/A
Frappe is a full-stack web application framework. Prior to 15.107.5 and 16.18.2, an endpoint in reportview lacked appropriate permission checks and that has since been fixed. This vulnerability is fixed in 15.107.5 and 16.18.2.
CVE-2026-10769 1 Drupal 1 Commerce Core 2026-07-15 5.4 Medium
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Commerce Core allows Stored XSS. This issue affects Commerce Core versions: from 3.3.0 to 3.3.6.
CVE-2026-15089 1 Drupal 1 Commerce Guest Registration 2026-07-15 9.1 Critical
vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions: *.*.
CVE-2026-15709 1 Redhat 1 Enterprise Linux 2026-07-15 7.5 High
A flaw was found in libsoup's WebSocket implementation when using the permessage-deflate extension. The extension's decompression loop (inflate()) processes data in chunks without enforcing an upper boundary limit on the output buffer size. While libsoup limits the incoming compressed frame size via max_incoming_payload_size, it fails to track or limit memory allocation during decompression. A separate check for decompressed size (max_total_message_size) exists but executes only after inflation is complete, and it is entirely disabled by default for client connections. A remote, unauthenticated attacker can exploit this by sending a small, highly compressed payload (a decompression bomb), causing unbounded memory allocation that triggers an Out-of-Memory (OOM) crash and a Denial of Service (DoS).
CVE-2026-47996 2026-07-15 7.6 High
Adobe Commerce is affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read access. Exploitation of this issue does not require user interaction. Scope is changed.
CVE-2026-48815 2026-07-15 7.5 High
sigstore-js provides JavaScript libraries for interacting with Sigstore services. Prior to 4.1.1, the documented certificateOIDs option in sigstore.verify() is accepted by the public API but discarded before verification, so required certificate extension OIDs are never checked and applications relying on certificateOIDs to restrict which certificates may sign artifacts can accept unauthorized certificates. This issue is fixed in version 4.1.1.
CVE-2026-48801 2026-07-15 N/A
linkify-it is a links recognition library with full Unicode support. Prior to 5.0.1, LinkifyIt.prototype.match, the package's primary public API, has O(N²) algorithmic complexity for inputs containing many fuzzy links or emails because the JavaScript-level scan loop re-slices input and re-runs unanchored regex searches on progressively shorter tails. Any service that synchronously renders untrusted Markdown with linkify:true on a request hot path can inherit a worker-process denial of service triggerable by a tens-of-KB request body. This issue is fixed in version 5.0.1.
CVE-2026-48125 2026-07-15 5.3 Medium
UAParser.js is a JavaScript library to detect browsers, operating systems, CPUs, and devices from user-agent data. From 2.0.1 until 2.0.10, a regular expression denial-of-service vulnerability exists when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParser(headers).withClientHints(), an attacker can cause excessive CPU time due to catastrophic backtracking in the device regex because Client Hints values are copied without the UA_MAX_LENGTH limit used for User-Agent values. This issue is fixed in version 2.0.10.
CVE-2026-48758 2026-07-15 5.4 Medium
sigstore-js provides JavaScript libraries for interacting with Sigstore services. Prior to 3.2.1, the preAuthEncoding function in @sigstore/core uses Node.js ascii encoding when converting the PAE string to bytes, allowing payloadType to be mutated after signing without invalidating the signature and breaking the type-binding guarantee that DSSE is designed to provide. This issue is fixed in version 3.2.1.
CVE-2026-46644 2026-07-15 N/A
Symfony Polyfill backports PHP features and provides compatibility layers for extensions and functions. From 1.17.1 until 1.38.1, symfony/polyfill-intl-idn accepts xn-- labels whose Punycode payload is empty or decodes to ASCII-only code points because Idn::process() does not enforce the UTS #46 revision 33 requirement that decoded ACE labels contain at least one non-ASCII code point. Originally unequal domain names can be regarded as equal, which can lead to blacklist bypassing, inconsistent URL parsing, and server-side request forgery in applications using the polyfill to canonicalise or compare hostnames. This issue is fixed in version 1.38.1.
CVE-2026-46459 2026-07-15 N/A
ICU Scandinavia Boomerang is vulnerable to a missing authentication flaw in its device receiver endpoints. This allows an unauthenticated remote attacker to read full facility configurations and write unauthorized data to the sensor database. This issue has been fixed in version 2.4.18.029