Export limit exceeded: 347773 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347773 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-7580 | 2026-05-01 | 5.3 Medium | ||
| A vulnerability was detected in Exiftool up to 13.53. Impacted is the function Process_mrld of the file lib/Image/ExifTool/GM.pm of the component JPEG/QuickTime/MOV/MP4. The manipulation of the argument -ee results in code injection. Attacking locally is a requirement. Upgrading to version 13.54 is recommended to address this issue. The patch is identified as 5a8b6b6ead12b39e3f32f978a4efd0233facbb01. It is suggested to upgrade the affected component. The fix in the source code mentions: "[J]ust to be safe, probably never happen". | ||||
| CVE-2026-6526 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 | ||||
| CVE-2026-6527 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6529 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6530 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6522 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| RPKI-Router protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6523 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| GNW protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6524 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-5299 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-5401 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-5402 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 8.8 High |
| TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution | ||||
| CVE-2026-5406 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-5407 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-22165 | 2026-05-01 | 8.1 High | ||
| A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the device. | ||||
| CVE-2026-5656 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 7 High |
| Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | ||||
| CVE-2026-5405 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 7.8 High |
| RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | ||||
| CVE-2026-5404 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 4.7 Medium |
| K12 RF5 file parser crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-22166 | 2026-05-01 | 8.1 High | ||
| A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the system. | ||||
| CVE-2026-5403 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 7.8 High |
| SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | ||||
| CVE-2026-22167 | 2026-05-01 | 7.8 High | ||
| Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour. This attack can lead the GPU to perform write operations on restricted internal GPU buffers that can lead to a second order affect of corrupted arbitrary physical memory. | ||||