Export limit exceeded: 359386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359386 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55647 | 1 Gpac | 2 Gpac, Mp4box | 2026-06-19 | 5.5 Medium |
| An Out-of-Memory in the mp4_mux_cenc_insert_pssh function (filters/mux_isom.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2025-55648 | 1 Gpac | 2 Gpac, Mp4box | 2026-06-19 | 5.5 Medium |
| A heap buffer overflow in the gf_opus_parse_packet_header function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2025-55652 | 1 Gpac | 1 Mp4box | 2026-06-19 | 5.5 Medium |
| A heap buffer overflow in the gf_isom_vp_config_new function (isomedia/avc_ext.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2025-55660 | 1 Gpac | 1 Mp4box | 2026-06-19 | 5.5 Medium |
| A stack overflow in the gf_opus_read_length function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2025-55663 | 1 Gpac | 1 Mp4box | 2026-06-19 | 5.5 Medium |
| A segmentation violation in the Track_SetStreamDescriptor function (isomedia/track.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2025-56814 | 1 Opencpn | 1 Opencpn | 2026-06-19 | 7.8 High |
| A code injection vulnerability in the wxExecute() function of OpenCPN v5.12.0 allows attackers to execute arbitrary code via embedding shell metacharacters. | ||||
| CVE-2026-30121 | 1 Remotion-dev | 1 Remotion | 2026-06-19 | 9.1 Critical |
| remotion-dev remotion v4.0.409 was discovered to contain an arbitrary file write vulnerability. | ||||
| CVE-2026-38061 | 1 Tenda | 1 5g03 | 2026-06-19 | 9.8 Critical |
| Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_volume via the volume parameter. | ||||
| CVE-2026-38062 | 1 Tenda | 1 5g03 | 2026-06-19 | 9.8 Critical |
| Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_rat_mode via the ratMode parameter. | ||||
| CVE-2026-36521 | 1 Publiccms | 1 Publiccms | 2026-06-19 | 6.1 Medium |
| PublicCMS V5.202506.d has a Cross Site Scripting (XSS) vulnerability in the site configuration management module. | ||||
| CVE-2026-38812 | 1 Ruoyi | 1 Ruoyi | 2026-06-19 | 9.8 Critical |
| RuoYi v4.8.2 is vulnerable to SQL Injection via the /tool/gen/createTable endpoint. The issue affects the code generation module and may allow an authenticated attacker with administrative privileges to access sensitive database information. | ||||
| CVE-2026-39118 | 1 Iru | 1 Kandji Agent | 2026-06-19 | 8.4 High |
| An issue in Iru, Inc Kandji Agent before v.4.7.5(5374) allows a local attacker to escalate privileges via a client validation gap to invoke restricted agent functionality. | ||||
| CVE-2026-39196 | 1 Datadoghq | 1 Vector | 2026-06-19 | 9.8 Critical |
| Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the set_uri_query parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements. | ||||
| CVE-2026-39197 | 1 Datadoghq | 1 Vector | 2026-06-19 | 6.5 Medium |
| An issue in the /util/http/prelude.rs endpoint of Datadog, Inc Vector v0.54.0 allows attackers to cause a Denial of Service (DoS) via a crafted request or payload. | ||||
| CVE-2026-50871 | 1 Kanishka-linux | 1 Reminiscence | 2026-06-19 | 9.8 Critical |
| An OS command injection vulnerability in the media archiving and export pipeline component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arbitrary commands via supplying a crafted input. | ||||
| CVE-2026-50874 | 1 Kanishka-linux | 1 Reminiscence | 2026-06-19 | 8.1 High |
| An OS command injection vulnerability in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arbitrary commands via supplying a crafted input. | ||||
| CVE-2026-50877 | 1 Zhoros | 1 Superbin | 2026-06-19 | 7.5 High |
| An issue in Zhoros SuperBin v1.0.0 allows attackers to execute a directory traversal via supplying files with names containing traversal characters. | ||||
| CVE-2026-50878 | 1 Feuerhamster | 1 Mailform | 2026-06-19 | 7.5 High |
| An issue in the attachment handling component of Feuerhamster MailForm v1.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2026-50881 | 1 Impworks | 1 Bonsai | 2026-06-19 | 8.1 High |
| Incorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to Administrator and execute unauthorized account, password, and configuration changes. | ||||
| CVE-2026-50890 | 1 Grocy | 1 Grocy | 2026-06-19 | 9.8 Critical |
| Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement. | ||||