Search
127,912 CVEs · High severity
CVEs (127,912, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 451–475 of 127,912 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-7914 | HIGH | Patched | 8.3 | 2026-05-06 | Type Confusion in Accessibility in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform… |
| CVE-2026-7913 | HIGH | Patched | 7.8 | 2026-05-06 | Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file… |
| CVE-2026-7911 | HIGH | Patched | 8.3 | 2026-05-06 | Use after free in Aura in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbo… |
| CVE-2026-7907 | HIGH | Patched | 8.8 | 2026-05-06 | Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium securi… |
| CVE-2026-7906 | HIGH | Patched | 8.8 | 2026-05-06 | Use after free in SVG in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium securi… |
| CVE-2026-7905 | HIGH | Patched | 8.3 | 2026-05-06 | Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to… |
| CVE-2026-7903 | HIGH | Patched | 8.8 | 2026-05-06 | Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (… |
| CVE-2026-7902 | HIGH | Patched | 8.8 | 2026-05-06 | Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chr… |
| CVE-2026-7901 | HIGH | Patched | 8.8 | 2026-05-06 | Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromi… |
| CVE-2026-7900 | HIGH | Patched | 8.3 | 2026-05-06 | Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox es… |
| CVE-2026-7899 | HIGH | Patched | 8.8 | 2026-05-06 | Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch… |
| CVE-2026-7898 | HIGH | Patched | 8.8 | 2026-05-06 | Use after free in Chromoting in Google Chrome on Linux prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium s… |
| CVE-2026-7897 | HIGH | Patched | 7.5 | 2026-05-06 | Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrar… |
| CVE-2026-7896 | HIGH | Patched | 8.8 | 2026-05-06 | Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium securi… |
| CVE-2026-7875 | HIGH | Patched | 8.8 | 2026-05-06 | NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or… |
| CVE-2026-7862 | HIGH | Patched | 8.6 | 2026-05-28 | The Eupago Gateway For Woocommerce WordPress plugin before 4.7.2 does not properly restrict access to its refund request handler, allowing unauthenticated attackers to init… |
| CVE-2026-7857 | HIGH | 7.2 | 2026-05-05 | A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The m… | |
| CVE-2026-7856 | HIGH | 7.2 | 2026-05-05 | A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management Interface. Executing a manipula… | |
| CVE-2026-7855 | HIGH | 8.8 | 2026-05-05 | A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tggl_asp of the file /tggl.asp of the component HTTP Request Handler. Perf… | |
| CVE-2026-7851 | HIGH | 7.2 | 2026-05-05 | A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-base… | |
| CVE-2026-7841 | HIGH | 8.8 | 2026-05-06 | A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitra… | |
| CVE-2026-7833 | HIGH | 7.2 | 2026-05-05 | A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub_408F90 of the file /cgi/iux_set.cgi of the component ApplyRestore… | |
| CVE-2026-7832 | HIGH | 7.0 | 2026-05-05 | A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in … | |
| CVE-2026-7821 | HIGH | Patched | 7.4 | 2026-05-07 | Improper certificate validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to enroll a device belonging to a r… |
| CVE-2026-7819 | HIGH | Patched | 8.1 | 2026-05-11 | Symbolic-link path traversal (CWE-61, CWE-22) in pgAdmin 4 File Manager. check_access_permission used os.path.abspath, which resolves '..' but does not resolve symbolic li… |