Search
127,949 CVEs · High severity
CVEs (127,949, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 127,949 (capped at 500)
| CVE ID | Severity ↑ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-44682 | HIGH | 7.3 | 2026-06-03 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | |
| CVE-2026-50033 | HIGH | 7.3 | 2026-06-03 | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. | |
| CVE-2026-42061 | HIGH | 7.3 | 2026-06-03 | Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.… | |
| CVE-2026-8874 | HIGH | 7.1 | 2026-06-03 | Version 3.0.7 of the Securly Chrome Extension downloads JSON files containing crisis alert keywords and filtering rules over unencrypted HTTP via the Fetch API. Other endpo… | |
| CVE-2026-8876 | HIGH | 7.3 | 2026-06-03 | Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyword data and intervention… | |
| CVE-2026-8878 | HIGH | 7.5 | 2026-06-03 | Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information co… | |
| CVE-2026-8879 | HIGH | 7.5 | 2026-06-03 | Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts() at runtime. This scri… | |
| CVE-2026-8881 | HIGH | 7.5 | 2026-06-03 | Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a si… | |
| CVE-2026-8888 | HIGH | 7.5 | 2026-06-03 | Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp() witho… | |
| CVE-2026-8889 | HIGH | 7.5 | 2026-06-03 | Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching (25,020 hashes) and CIPA blocklist matching (12,352 hashes). | |
| CVE-2026-46273 | HIGH | 8.6 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support… | |
| CVE-2026-46265 | HIGH | 7.5 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQ_MEM_RECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the fo… | |
| CVE-2026-46270 | HIGH | 8.4 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: power: supply: rt9455: Fix use-after-free in power_supply_changed() Using the `devm_` variant for requ… | |
| CVE-2026-46271 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware … | |
| CVE-2026-46260 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound access in fib6_add_rt2node(). syzbot reported out-of-bound read in fib6_add_rt2… | |
| CVE-2026-46263 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 eng_id can be negative and that stream_enc_… | |
| CVE-2026-46264 | HIGH | 8.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm_add_action_or_reset() failure the provided cleanup… | |
| CVE-2026-46253 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistent_ram_save_old() persistent_ram_save_old() can be called m… | |
| CVE-2026-46259 | HIGH | 7.8 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading real_parent in do_task_stat() When reading /proc/[pid]… | |
| CVE-2026-46250 | HIGH | 7.3 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as global register variable On MIPS, __current_thread_info … | |
| CVE-2026-46251 | HIGH | 8.4 | 2026-06-03 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix block_group_tree dirty_list corruption When the incompat flag EXTENT_TREE_V2 is set, we unc… | |
| CVE-2026-40290 | HIGH | Patched | 7.8 | 2026-06-03 | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting i… |
| CVE-2026-36609 | HIGH | 7.3 | 2026-06-03 | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined w… | |
| CVE-2026-36611 | HIGH | 7.3 | 2026-06-03 | Mercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 returns 128 bytes of uninitialized buffer when receiving POST requests without SOAPAction header on UPnP port 1900,… | |
| CVE-2026-36603 | HIGH | 8.1 | 2026-06-03 | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExter… |