Search Results (86798 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-24242 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to information disclosure.
CVE-2026-24246 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
CVE-2026-24248 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generation. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
CVE-2026-24251 1 Nvidia 1 Megatron-bridge 2026-07-14 7.8 High
NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically managed code resources. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.
CVE-2026-50685 1 Microsoft 8 Windows 10 1607, Windows 10 1809, Windows Server 2012 and 5 more 2026-07-14 7.5 High
Double free in Windows DHCP Server allows an authorized attacker to execute code over a network.
CVE-2026-50679 1 Microsoft 4 Windows 11 24h2, Windows 11 25h2, Windows 11 26h1 and 1 more 2026-07-14 7.8 High
Heap-based buffer overflow in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.
CVE-2026-58277 1 Microsoft 2 Sharepoint Server 2016, Sharepoint Server 2019 2026-07-14 8.8 High
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
CVE-2026-50670 1 Microsoft 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more 2026-07-14 8.8 High
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-57968 1 Microsoft 1 Windows Subsystem For Linux 2026-07-14 7.8 High
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
CVE-2026-56196 1 Microsoft 1 Windows Admin Center 2026-07-14 8.8 High
Relative path traversal in Windows Admin Center allows an authorized attacker to execute code over a network.
CVE-2026-50359 1 Microsoft 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more 2026-07-14 7 High
Use after free in Microsoft XML Core Services allows an authorized attacker to elevate privileges locally.
CVE-2026-55120 1 Microsoft 8 365 Apps, Office 2019, Office 2021 and 5 more 2026-07-14 7.8 High
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2026-34965 2 Agentejo, Cockpit-hq 2 Cockpit, Cockpit 2026-07-14 8.8 High
Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP code through rule parameters which is written directly to server-side PHP files and executed via include() to achieve arbitrary command execution on the underlying server.
CVE-2026-32854 3 Libvnc Project, Libvncserver, Libvncserver Project 3 Libvncserver, Libvncserver, Libvncserver 2026-07-14 7.5 High
LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput() in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit missing validation of strchr() return values in the CONNECT and GET proxy handling paths to trigger null pointer dereferences and crash the server when httpd and proxy features are enabled.
CVE-2026-32853 3 Libvnc Project, Libvncserver, Libvncserver Project 3 Libvncserver, Libvncserver, Libvncserver 2026-07-14 8.1 High
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checking in the HandleUltraZipBPP() function by manipulating subrectangle header counts to read beyond the allocated heap buffer.
CVE-2026-29514 1 Netbox 1 Netbox 2026-07-14 8.8 High
NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.get_environment_params() method that allows authenticated users with exporttemplate or configtemplate permissions to execute arbitrary code by specifying malicious Python callables in the environment_params field. Attackers can bypass Jinja2 SandboxedEnvironment protections by setting the finalize parameter to any importable Python callable such as subprocess.getoutput, which is invoked on every rendered expression outside the sandbox's call interception mechanism, achieving remote code execution as the NetBox service user.
CVE-2026-29009 2 Denx, U-boot 2 U-boot, U-boot 2026-07-14 8.2 High
U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in nfs_readlink_reply() (net/nfs-common.c) when CONFIG_CMD_NFS is enabled, allowing a malicious or compromised NFS server to overflow the 2048-byte nfs_path_buff buffer by returning multiple relative symlink targets that are appended without cumulative length validation. Attackers can send two or more READLINK responses containing relative symlink targets of approximately 1100 bytes each to corrupt adjacent BSS variables including nfs_server_ip, nfs_server_mount_port, nfs_server_port, nfs_our_port, nfs_state, and rpc_id, potentially achieving memory corruption and control over the NFS client state machine.
CVE-2026-29008 2 Denx, U-boot 2 U-boot, U-boot 2026-07-14 7.5 High
U-Boot through 2026.04-rc3 contains an integer underflow vulnerability in the tcp_rx_state_machine() function (net/tcp.c) that allows a network-adjacent attacker to crash the bootloader by sending a malformed TCP SYN+ACK packet with a manipulated data offset field causing payload_len to become negative. When the TCP_SYN_SENT handler calls tcp_rx_user_data() without invoking tcp_seg_in_wnd() validation, the negative payload_len is implicitly converted to a large unsigned integer (e.g., 0xFFFFFFD8) and passed to memcpy() in store_block(), causing an immediate crash that prevents device boot and may enable memory corruption when CONFIG_LMB is disabled.
CVE-2026-28516 1 Opendcim 1 Opendcim 2026-07-14 8.8 High
openDCIM version 23.04, through commit 4467e9c4, contains a SQL injection vulnerability in Config::UpdateParameter. The install.php and container-install.php handlers pass user-supplied input directly into SQL statements using string interpolation without prepared statements or proper input sanitation. An authenticated user can execute arbitrary SQL statements against the underlying database.
CVE-2026-28515 1 Opendcim 1 Opendcim 2026-07-14 8.8 High
openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. Any authenticated user can access this functionality regardless of assigned privileges. In deployments where REMOTE_USER is set without authentication enforcement, the endpoint may be accessible without credentials. This allows unauthorized modification of application configuration.