Search
19,628 CVEs · High severity
CVEs (19,628, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 326–350 of 19,628 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-10895 | HIGH | Patched | 8.8 | 2026-06-04 | Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2026-10894 | HIGH | Patched | 8.3 | 2026-06-04 | Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sand… |
| CVE-2026-10893 | HIGH | Patched | 8.8 | 2026-06-04 | Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security s… |
| CVE-2026-10891 | HIGH | Patched | 8.8 | 2026-06-04 | Use after free in GFX in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium s… |
| CVE-2026-10890 | HIGH | Patched | 8.8 | 2026-06-04 | Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network… |
| CVE-2026-10889 | HIGH | Patched | 8.3 | 2026-06-04 | Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox esca… |
| CVE-2026-10888 | HIGH | Patched | 8.8 | 2026-06-04 | Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network tr… |
| CVE-2026-10887 | HIGH | Patched | 8.1 | 2026-06-04 | Use after free in Chromoting in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium sec… |
| CVE-2026-10885 | HIGH | Patched | 8.8 | 2026-06-04 | Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium secur… |
| CVE-2026-10884 | HIGH | Patched | 8.3 | 2026-06-04 | Use after free in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox esc… |
| CVE-2026-10883 | HIGH | Patched | 8.8 | 2026-06-04 | Type Confusion in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security… |
| CVE-2026-10882 | HIGH | Patched | 8.8 | 2026-06-04 | Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: … |
| CVE-2026-10873 | HIGH | 7.2 | 2026-06-04 | A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstats_path of the file /bin/rstats of the component Web UI. Executing a manipulation ca… | |
| CVE-2026-10872 | HIGH | 7.2 | 2026-06-04 | A vulnerability was found in Shibby Tomato 1.28.0000. This issue affects the function start_vpnserver of the file /sbin/rc of the component Web UI. Performing a manipulatio… | |
| CVE-2025-8873 | HIGH | 7.5 | 2026-06-04 | On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane m… | |
| CVE-2026-10871 | HIGH | 7.2 | 2026-06-04 | A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start_6rd_tunnel of the file /sbin/rc of the component Web UI. Such manip… | |
| CVE-2026-10870 | HIGH | 7.2 | 2026-06-04 | A flaw has been found in Shibby Tomato 1.28.0000. This affects the function start_dhcpc of the file /sbin/rc of the component Web UI. This manipulation causes os command in… | |
| CVE-2026-41518 | HIGH | 7.6 | 2026-06-04 | Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 through 5.0.0, an authentic… | |
| CVE-2026-41249 | HIGH | 8.2 | 2026-06-04 | CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow (`.github/workflows/static.yml`) uses the `pull_requ… | |
| CVE-2026-41236 | HIGH | 8.8 | 2026-06-04 | Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP … | |
| CVE-2026-41234 | HIGH | 7.6 | 2026-06-04 | Froxlor is open source server administration software. Prior to version 2.3.7, the `DomainZones.add` API endpoint does not sanitize newline characters in TXT record content… | |
| CVE-2026-50292 | HIGH | Patched | 7.4 | 2026-06-04 | In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution |
| CVE-2026-25551 | HIGH | 7.8 | 2026-06-04 | Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The Data… | |
| CVE-2026-10796 | HIGH | Patched | 7.5 | 2026-06-04 | nvm (Node Version Manager) through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as `nvm install` r… |
| CVE-2025-69755 | HIGH | 8.2 | 2026-06-04 | An issue in Neterbit NW-431F Router vNW-431F-20241014-IR03 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted command to the … |