Search
127,623 CVEs · High severity
EOL hidden · Show all products
CVEs (127,623, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 101–125 of 127,623 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↓ | Description |
|---|---|---|---|---|---|
| CVE-2026-50231 | HIGH | 7.2 | 2026-06-05 | Lyrion Music Server 9.2.0 contains an unauthenticated stored cross-site scripting vulnerability in the log viewer that allows attackers to inject malicious scripts by explo… | |
| CVE-2026-50264 | HIGH | 7.8 | 2026-06-05 | An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attach… | |
| CVE-2026-50261 | HIGH | 7.8 | 2026-06-05 | A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when des… | |
| CVE-2026-50260 | HIGH | 7.8 | 2026-06-05 | A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a … | |
| CVE-2026-50259 | HIGH | Patched | 7.8 | 2026-06-05 | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type in… |
| CVE-2026-50258 | HIGH | Patched | 7.8 | 2026-06-05 | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckK… |
| CVE-2026-50257 | HIGH | Patched | 7.8 | 2026-06-05 | A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free funct… |
| CVE-2026-50256 | HIGH | Patched | 7.8 | 2026-06-05 | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can ca… |
| CVE-2026-21031 | HIGH | 7.8 | 2026-06-05 | Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vuln… | |
| CVE-2026-21030 | HIGH | 7.8 | 2026-06-05 | Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions. | |
| CVE-2026-21029 | HIGH | 7.8 | 2026-06-05 | Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations. | |
| CVE-2026-11332 | HIGH | 7.8 | 2026-06-05 | A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neut… | |
| CVE-2026-50593 | HIGH | Patched | 7.3 | 2026-06-05 | Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed … |
| CVE-2026-41567 | HIGH | Patched | 7.2 | 2026-06-05 | Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container vi… |
| CVE-2026-11307 | HIGH | Patched | 8.8 | 2026-06-05 | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium secu… |
| CVE-2026-11306 | HIGH | Patched | 8.8 | 2026-06-05 | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium secu… |
| CVE-2026-11305 | HIGH | Patched | 8.8 | 2026-06-05 | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium secu… |
| CVE-2026-11304 | HIGH | Patched | 8.8 | 2026-06-05 | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security… |
| CVE-2026-11303 | HIGH | Patched | 8.8 | 2026-06-05 | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium secu… |
| CVE-2026-11301 | HIGH | Patched | 8.8 | 2026-06-05 | Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via malicio… |
| CVE-2026-11297 | HIGH | Patched | 7.7 | 2026-06-05 | Insufficient validation of untrusted input in Reader Mode in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to bypass navigation restrictions via … |
| CVE-2026-11296 | HIGH | 7.5 | 2026-06-05 | Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege… | |
| CVE-2026-11295 | HIGH | Patched | 8.8 | 2026-06-05 | Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page… |
| CVE-2026-11279 | HIGH | 8.8 | 2026-06-05 | Out of bounds read in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromi… | |
| CVE-2026-11272 | HIGH | 8.8 | 2026-06-05 | Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specif… |