Search
127,623 CVEs · High severity
EOL hidden · Show all products
CVEs (127,623, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 376–400 of 127,623 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-46270 | HIGH | 8.4 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in power_supply_changed() Using the `devm_` variant for requ… | |
| CVE-2026-46265 | HIGH | 7.5 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQ_MEM_RECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the fo… | |
| CVE-2026-46264 | HIGH | 8.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm_add_action_or_reset() failure the provided cleanup… | |
| CVE-2026-46263 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 eng_id can be negative and that stream_enc_… | |
| CVE-2026-46260 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound access in fib6_add_rt2node(). syzbot reported out-of-bound read in fib6_add_rt2… | |
| CVE-2026-46259 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading real_parent in do_task_stat() When reading /proc/[pid]… | |
| CVE-2026-46253 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistent_ram_save_old() persistent_ram_save_old() can be called m… | |
| CVE-2026-46251 | HIGH | 8.4 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block_group_tree dirty_list corruption When the incompat flag EXTENT_TREE_V2 is set, we unc… | |
| CVE-2026-46250 | HIGH | 7.3 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, __current_thread_info … | |
| CVE-2026-40290 | HIGH | Patched | 7.8 | 2026-06-03 | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting i… |
| CVE-2026-36611 | HIGH | 7.3 | 2026-06-03 | Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 returns 128 bytes of uninitialized buffer when receiving POST requests without SOAPAction header on UPnP port 1900,… | |
| CVE-2026-36609 | HIGH | 7.3 | 2026-06-03 | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined w… | |
| CVE-2026-36608 | HIGH | 8.8 | 2026-06-03 | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its ow… | |
| CVE-2026-36607 | HIGH | 8.8 | 2026-06-03 | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint (code=10), which lacks the … | |
| CVE-2026-36606 | HIGH | 7.1 | 2026-06-03 | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtain… | |
| CVE-2026-36603 | HIGH | 8.1 | 2026-06-03 | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExter… | |
| CVE-2026-20230 | HIGH | 8.6 | 2026-06-03 | A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an una… | |
| CVE-2026-37462 | HIGH | 7.5 | 2026-06-03 | An integer underflow in the BGPUpdate.DecodeFromBytes function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP… | |
| CVE-2026-36574 | HIGH | 7.8 | 2026-06-03 | A DLL hijacking vulnerability in Wassimulator (GitHub) CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL. | |
| CVE-2026-37460 | HIGH | 7.5 | 2026-06-03 | Missing input validation in the rfapiRibBi2Ri() function (rfapi_rib.c) of FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via… | |
| CVE-2022-49042 | HIGH | Patched | 7.8 | 2026-06-03 | An inclusion of functionality from untrusted control sphere vulnerability in MinGW DLL component in Synology Hyper Backup Explorer before 3.0.1-0156 allows local users to e… |
| CVE-2022-49036 | HIGH | Patched | 7.8 | 2026-06-03 | An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.… |
| CVE-2026-35085 | HIGH | Patched | 8.8 | 2026-06-03 | A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. |
| CVE-2026-35084 | HIGH | Patched | 8.8 | 2026-06-03 | A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root. |
| CVE-2026-35083 | HIGH | Patched | 8.8 | 2026-06-03 | A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root. |