Search Results (11830 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43524 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-05-13 | 8.8 High |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.2. An app may be able to break out of its sandbox. | ||||
| CVE-2026-20887 | 1 Intel | 1 Vision Software | 2026-05-13 | N/A |
| Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially occur via network access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (low) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2026-44547 | 1 Churchcrm | 1 Churchcrm | 2026-05-13 | 9.6 Critical |
| ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, the fix for CVE-2026-4058 is incomplete. The hardening commit was merged and then silently stripped from src/api/routes/public/public-user.php by an unrelated PR before any 7.2.x tag was cut. Every shipped 7.2.x release therefore remains exploitable by the PoC published with the original advisory. This vulnerability is fixed in 7.3.1. | ||||
| CVE-2026-44352 | 1 Reconurge | 1 Flowsint | 2026-05-13 | N/A |
| Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Broken Access Control allows reading of sketch logs from any user. This vulnerability is fixed in 1.2.3. | ||||
| CVE-2026-21024 | 1 Samsung Mobile | 1 Samsung System Support Service | 2026-05-13 | N/A |
| Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions. | ||||
| CVE-2026-28988 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-05-13 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5, watchOS 26.5. An app may be able to bypass certain Privacy preferences. | ||||
| CVE-2026-42300 | 1 L3montree-dev | 1 Devguard | 2026-05-13 | N/A |
| DevGuard provides vulnerability management for the full software supply chain. Prior to 1.2.2, the SessionMiddleware accepts a client-supplied X-Admin-Token HTTP request header and uses its raw string value as the authenticated userID when no Kratos session cookie is present. An unauthenticated attacker who knows or can guess a target user's Kratos identity UUID can issue requests as that user. Where the target user is an organisation admin or owner, this gives the attacker full control over that organisation's DevGuard resources. This vulnerability is fixed in 1.2.2. | ||||
| CVE-2026-42177 | 1 Siemens | 1 Linux-entra-sso | 2026-05-13 | 5.3 Medium |
| linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSO_URL + "/*", i.e. "https://login.microsoftonline.com/*". Chrome's urlFilter without a | or || anchor is substring-matched against the full request URL. The same applied rule action is modifyHeaders that attaches the Entra ID Primary Refresh Token cookie. The Firefox adapter in platform/firefox/js/platform-firefox.js:53 performs a belt-and-braces startsWith(Platform.SSO_URL) check before injecting the header; the Chrome adapter does not. When the extension holds broad host permissions through the optional_host_permissions: ["https://*/*"] declared in platform/chrome/manifest.json:34, a main-frame navigation to a URL whose path embeds https://login.microsoftonline.com/ causes Chrome to attach the PRT cookie to the request to the attacker-controlled host. This vulnerability is fixed in 1.8.1. | ||||
| CVE-2026-28922 | 1 Apple | 1 Macos | 2026-05-13 | 6.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to access private information. | ||||
| CVE-2026-28957 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2026-05-13 | 3.3 Low |
| An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to capture a user's screen. | ||||
| CVE-2026-28978 | 1 Apple | 1 Macos | 2026-05-13 | 8.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox. | ||||
| CVE-2026-44341 | 1 Karnop | 1 Gojobs | 2026-05-13 | 5.3 Medium |
| GoJobs is a REST API for a Job Board platform. The application exposes a job retrieval endpoint that allows unauthenticated users to access job details by directly manipulating object identifiers. The endpoint lacks proper authentication and authorization checks, resulting in unauthorized access to job data. | ||||
| CVE-2026-28993 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-05-13 | 5.5 Medium |
| This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access user-sensitive data. | ||||
| CVE-2026-28910 | 1 Apple | 1 Macos | 2026-05-13 | 3.3 Low |
| This issue was addressed with improved permissions checking. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to access arbitrary files. | ||||
| CVE-2026-32684 | 1 Hikvision | 1 Hik-connect App | 2026-05-13 | 2.9 Low |
| The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information. | ||||
| CVE-2025-9988 | 2 Broadstreetads, Wordpress | 2 Broadstreet, Wordpress | 2026-05-13 | 4.3 Medium |
| The Broadstreet plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the create_advertiser AJAX action in all versions up to, and including, 1.53.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create advertisers. | ||||
| CVE-2026-41102 | 1 Microsoft | 2 Powerpoint, Powerpoint For Android | 2026-05-13 | 7.1 High |
| Improper access control in Microsoft Office PowerPoint allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2026-40381 | 1 Microsoft | 1 Azure Connected Machine Agent | 2026-05-13 | 7.8 High |
| Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-31785 | 1 Linux | 1 Linux Kernel | 2026-05-13 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_pagefault: Disallow writes to read-only VMAs The page fault handler should reject write/atomic access to read only VMAs. Add code to handle this in xe_pagefault_service after the VMA lookup. v2: - Apply max line length (Matthew) (cherry picked from commit 714ee6754ac5fa3dc078856a196a6b124cd797a0) | ||||
| CVE-2026-42303 | 1 Ethyca | 1 Fides | 2026-05-12 | N/A |
| Fides is an open-source privacy engineering platform. From 2.75.0 to before 2.83.2, Fides deployments that enable both subject identity verification and duplicate privacy request detection are affected by a vulnerability in which an administrator can approve a privacy request whose identity was never verified. For erasure policies, this can result in unauthorized deletion of a data subject's records across every integration configured in the affected deployment. This vulnerability is fixed in 2.83.2. | ||||
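The CVE-2026-42177 (linux-entra-sso) entry above turns on one detail of Chrome's declarativeNetRequest API: a urlFilter with no `|` or `||` anchor is substring-matched against the whole request URL, so a rule whose filter is `https://login.microsoftonline.com/*` also fires for an attacker-controlled page whose path embeds that string, and the modifyHeaders action then attaches the Primary Refresh Token cookie. The following is an added example, not code from the linux-entra-sso project or from this listing. It models the urlFilter anchor rules Chrome documents (`|`, `||`, `*`, `^`) in plain JavaScript, contrasts the unguarded Chrome-style check with the Firefox adapter's startsWith guard, and shows a `|`-anchored filter as one possible hardening; the sample URLs, the function names and that anchored filter are assumptions here, not the project's actual fix.

```javascript
// Added example (not from linux-entra-sso): model Chrome's declarativeNetRequest
// urlFilter matching to show why the unanchored filter
// "https://login.microsoftonline.com/*" also matches an attacker-controlled URL
// whose *path* embeds the SSO URL, and how an anchor or a startsWith check
// closes the gap.

const SSO_URL = "https://login.microsoftonline.com";

// Translate a urlFilter pattern into a RegExp using the rules Chrome documents:
//   "||" at the start -> anchor to the beginning of a domain name
//   "|"  at the start -> anchor to the start of the URL
//   "|"  at the end   -> anchor to the end of the URL
//   "*"               -> any sequence of characters
//   "^"               -> a separator (anything except letters, digits, "_-.%") or end of URL
// Everything else is literal. A pattern with no anchor may match anywhere in
// the URL, which is the substring behaviour the advisory describes.
// Matching is case-insensitive here, Chrome's default for urlFilter.
function urlFilterToRegExp(filter) {
  let body = filter;
  let prefix = "";
  let suffix = "";
  if (body.startsWith("||")) {
    // scheme, then optionally any number of subdomain labels ending in "."
    prefix = "^[a-z][a-z0-9+.-]*://(?:[^/?#]*\\.)?";
    body = body.slice(2);
  } else if (body.startsWith("|")) {
    prefix = "^";
    body = body.slice(1);
  }
  if (body.endsWith("|")) {
    suffix = "$";
    body = body.slice(0, -1);
  }
  const escaped = Array.from(body, (ch) => {
    if (ch === "*") return ".*";
    if (ch === "^") return "(?:[^a-zA-Z0-9_\\-.%]|$)";
    return ch.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"); // literal character
  }).join("");
  return new RegExp(prefix + escaped + suffix, "i");
}

// Does a rule with this urlFilter fire for the given request URL?
function ruleMatches(urlFilter, url) {
  return urlFilterToRegExp(urlFilter).test(url);
}

// Chrome adapter as described in the advisory: the rule alone decides whether
// the modifyHeaders action (which attaches the PRT cookie) applies.
function chromeAttachesPrt(url) {
  return ruleMatches(SSO_URL + "/*", url);
}

// Firefox adapter as described: the rule result is gated by a startsWith check
// on the SSO origin, so an embedded substring never wins.
function firefoxAttachesPrt(url) {
  return ruleMatches(SSO_URL + "/*", url) && url.startsWith(SSO_URL);
}

// One possible hardening for Chrome (assumed here, not the project's actual
// fix): anchor the filter to the start of the URL with a leading "|".
function anchoredChromeAttachesPrt(url) {
  return ruleMatches("|" + SSO_URL + "/*", url);
}

// Constructed sample URLs (not taken from the advisory):
const LEGIT_URL =
  "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=abc";
const ATTACKER_URL =
  "https://attacker.example/landing/https://login.microsoftonline.com/";

// Evaluate every variant against both URLs.
function demo() {
  return {
    legit: {
      chrome: chromeAttachesPrt(LEGIT_URL),           // true
      firefox: firefoxAttachesPrt(LEGIT_URL),         // true
      anchored: anchoredChromeAttachesPrt(LEGIT_URL), // true
    },
    attacker: {
      chrome: chromeAttachesPrt(ATTACKER_URL),           // true: PRT would leak
      firefox: firefoxAttachesPrt(ATTACKER_URL),         // false
      anchored: anchoredChromeAttachesPrt(ATTACKER_URL), // false
    },
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

Run it with `node` to see the table of results. The point to carry away when reviewing any extension that uses modifyHeaders to inject credentials: the rule's urlFilter is the only authorisation boundary Chrome enforces, so it must be anchored (`|` or `||`) and the action should be limited to the minimum `initiatorDomains`/`requestDomains` and host permissions the flow needs; a substring filter plus broad host permissions is a credential-forwarding primitive.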