Export limit exceeded: 363261 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363261 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363261 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-56085 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-03 | 3.3 Low |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of uninitialized resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure. | ||||
| CVE-2026-46730 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-03 | 4.2 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized command execution. | ||||
| CVE-2026-46468 | 1 Dell | 1 Powerprotect Data Domain | 2026-07-03 | 4.4 Medium |
| Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('Link following') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure. | ||||
| CVE-2026-14610 | 1 Assimp | 1 Assimp | 2026-07-03 | 5.3 Medium |
| A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. Patch name: eb84eec580d3f4ba2f0fd87409b7d0744620f11e. Applying a patch is the recommended action to fix this issue. | ||||
| CVE-2026-12481 | 2026-07-03 | N/A | ||
| A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the `Lambda` layer. Specifically, the `_raise_for_lambda_deserialization()` function fails to enforce the safe-mode guard when `safe_mode` is set to `None`, which is the default value when `from_config()` is called outside of a `SafeModeScope` context. This logic error conflates `None` (unset/default-deny) with `False` (explicitly disabled), bypassing the guard and allowing attacker-controlled `marshal` bytecode to be deserialized. Affected call sites include `keras.layers.deserialize(config)`, `keras.models.clone_model(model)`, and any direct invocation of `Lambda.from_config(config)` without an enclosing `SafeModeScope(True)`. This vulnerability can be exploited to achieve arbitrary OS-level code execution in the context of the server or user process. | ||||
| CVE-2026-58291 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 6.1 Medium |
| Operation on a resource after expiration or release in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-45489 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 6.5 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2026-58597 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 4.3 Medium |
| Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-58524 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 5.4 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-58300 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 6.2 Medium |
| Absolute path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2026-58298 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.2 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-58297 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.1 High |
| Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-58296 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.1 High |
| Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-58295 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.3 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-58294 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.5 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58293 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.1 High |
| External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58292 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.5 High |
| Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58290 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 7.5 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58289 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 9 Critical |
| Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-58288 | 1 Microsoft | 1 Edge Chromium | 2026-07-03 | 8.3 High |
| Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | ||||