Search

Search Results (366303 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-51601 1 Tenda 1 Cp3 2026-07-15 7.5 High
Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handshake can send a PLAY request with an excessively long clock= value to cause the RTSP service to crash.
CVE-2026-51598 1 Mercury 1 Mipc252w 2026-07-15 6.5 Medium
An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n) allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line.
CVE-2026-55002 1 Microsoft 15 Microsoft Sql Server 2016 Service Pack 3 (gdr), Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack, Microsoft Sql Server 2017 (cu 31) and 12 more 2026-07-15 7.8 High
External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally.
CVE-2026-42936 2026-07-15 N/A
The installer of HYPER SBI 2 insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer.
CVE-2026-51604 1 Tenda 1 Cp3 2026-07-15 7.5 High
A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91) allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request.
CVE-2026-11571 2026-07-15 7.5 High
The Everest Forms WordPress plugin before 3.5.0 does not reliably delete temporary CSV files generated during email-notification processing and leaves them publicly accessible in the uploads directory, allowing unauthenticated attackers to retrieve other users' form submission records via predictable, enumerable filenames.
CVE-2026-12505 1 Redhat 4 Cifs-utils, Enterprise Linux, Openshift and 1 more 2026-07-15 7.8 High
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted request_key payload to trick the root-owned helper into entering a custom environment (namespace) containing a malicious NSS module. This forces the system to load the attacker's controlled NSS Module and configuration, allowing them to execute arbitrary commands as the root user, elevating their privileges and fully compromising the system.
CVE-2026-58304 1 Samsung Open Source 1 Escargot 2026-07-15 6.1 Medium
Out-of-bounds read, Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: before 779f6bedf58f334dec64b0a51ebb724b4708b84a.
CVE-2026-54798 1 Siemens 2 Cpci85 Central Processing\/communication, Sicore Base System 2026-07-15 6.5 Medium
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt the system by crashing the web process causing denial of service conditions.
CVE-2026-54801 1 Siemens 2 Cpci85 Central Processing\/communication, Sicore Base System 2026-07-15 7.2 High
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.20), SICORE Base system (All versions < V26.20.0). The affected application contains insufficient validation of authentication credentials when processing administrative account modifications through the web API. This could allow an authenticated attacker to bypass security controls and gain unauthorized elevated privileges.
CVE-2026-54118 1 Microsoft 15 Microsoft Sql Server 2016 Service Pack 3 (gdr), Microsoft Sql Server 2016 Service Pack 3 Azure Connect Feature Pack, Microsoft Sql Server 2017 (cu 31) and 12 more 2026-07-15 8.8 High
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.
CVE-2026-54131 1 Microsoft 8 365 Apps, Office 2019, Office 2021 and 5 more 2026-07-15 7.8 High
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-50658 1 Microsoft 1 Defender For Endpoint 2026-07-15 7 High
Time-of-check time-of-use (toctou) race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally.
CVE-2026-13461 1 Payrange 1 Payrange 2026-07-15 9.6 Critical
When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device.
CVE-2026-50663 1 Microsoft 2 Age Of Empires Ii, Age Of Empires Ii 2026-07-15 8.8 High
Relative path traversal in Age of Empires II: Definitive Edition Game allows an unauthorized attacker to execute code over a network.
CVE-2026-15427 2026-07-15 N/A
An OS command injection vulnerability exists in the TR-069 / CWMP management interface of Archer VX1800v v1 due to insufficient input validation and sanitization of parameters, allowing crafted input to be executed as system-level commands. Exploitation requires specific conditions such as TR-069 being enabled and ability to influence ACS-delivered commands, compromise or control an ACS server. Successful exploitation may allow arbitrary command execution with root privileges, resulting in complete compromise of the device.
CVE-2026-50499 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-15 7.8 High
Heap-based buffer overflow in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
CVE-2026-44761 2026-07-15 9.1 Critical
SAP Commerce Cloud could retain a sample OAuth2 client with publicly documented sample credentials originating from sample configuration provided in SAP Help Portal documentation. If left unchanged, an unauthenticated attacker could use these well-known credentials to obtain a valid access token and invoke certain APIs to read and modify data. Successful exploitation results in high impact on confidentiality and integrity, with no impact on availability.
CVE-2026-50677 1 Microsoft 3 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 2026-07-15 7.8 High
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.
CVE-2026-50688 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-15 7.8 High
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.