Export limit exceeded: 359321 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359321 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359321 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-50876 | 2026-06-18 | 5.4 Medium | ||
| A cross-site scripting (XSS) vulnerability in Deck9 Input v2.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | ||||
| CVE-2026-50878 | 2026-06-18 | 7.5 High | ||
| An issue in the attachment handling component of Feuerhamster MailForm v1.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2026-50879 | 2026-06-18 | 7.5 High | ||
| An issue in the uploadPostHandler component of Andrei Marcu linx-server v2.3.8 allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2026-50882 | 2026-06-18 | 7.5 High | ||
| An issue in the /api/v0/pastes endpoint of anna-is-cute paste v0.1.1 allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2026-50883 | 2026-06-18 | 9.6 Critical | ||
| An HTML injection vulnerability in the /src/highlight.rs component of matze wastebin v3.4.1 allows attackers to execute arbitrary scripts via a crafted payload. | ||||
| CVE-2026-50885 | 1 Sismics | 1 Teedy | 2026-06-18 | 7.5 High |
| Incorrect access control in the share-based read endpoints of Sismics Docs (Teedy) v1.11 allow unauthorized attackers to access sensitive endpoints via a crafted request. | ||||
| CVE-2026-50886 | 2026-06-18 | 9.1 Critical | ||
| Incorrect access control in the webhook management component of Project Firefly III v6.5.9 allows attackers to scan internal resources via a crafted POST request. | ||||
| CVE-2026-50887 | 2026-06-18 | 9.1 Critical | ||
| A Server-Side Request Forgery (SSRF) in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl. | ||||
| CVE-2026-6040 | 1 The Document Foundation | 1 Libreoffice | 2026-06-18 | 7.3 High |
| A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked against the length of the format-code string, so a malformed number format could be processed against memory outside that string. In fixed versions the position is bounds-checked before use. | ||||
| CVE-2026-8357 | 1 The Document Foundation | 1 Libreoffice | 2026-06-18 | 7.8 High |
| LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element past its end. In fixed versions the array is sized to hold the largest possible nesting. | ||||
| CVE-2026-50263 | 2 Redhat, X.org | 3 Enterprise Linux, X Server, Xwayland | 2026-06-18 | 5.5 Medium |
| A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure. | ||||
| CVE-2026-50262 | 2 Redhat, X.org | 4 Enterprise Linux, X Server, Xorg-server and 1 more | 2026-06-18 | 5.5 Medium |
| An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients which is disabled by default. | ||||
| CVE-2026-50261 | 2 Redhat, X.org | 4 Enterprise Linux, X Server, Xorg-server and 1 more | 2026-06-18 | 7.8 High |
| A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50260 | 2 Redhat, X.org | 4 Enterprise Linux, X Server, Xorg-server and 1 more | 2026-06-18 | 7.8 High |
| A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50259 | 3 Redhat, X.org, Xorg | 5 Enterprise Linux, X Server, Xorg-server and 2 more | 2026-06-18 | 7.8 High |
| A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50258 | 2 Redhat, X.org | 3 Enterprise Linux, X Server, Xwayland | 2026-06-18 | 7.8 High |
| A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift levels and trigger stack overflows. This is caused by an incomplete fix of CVE-2025-26597. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50257 | 2 Redhat, X.org | 4 Enterprise Linux, X Server, Xorg-server and 1 more | 2026-06-18 | 7.8 High |
| A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection destroys the fence, causing the use-after-free. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50256 | 2 Redhat, X.org | 4 Enterprise Linux, X Server, Xorg-server and 1 more | 2026-06-18 | 7.8 High |
| A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias target name length is 1024 bytes. A font alias name between 257 and 1023 bytes causes the X server to copy that name into the undersized stack buffer without further checks. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-50264 | 2 Redhat, X.org | 4 Enterprise Linux, X Server, Xorg-server and 1 more | 2026-06-18 | 7.8 High |
| An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for privilege escalation if the X server runs as root. | ||||
| CVE-2026-9259 | 2026-06-18 | 6.5 Medium | ||
| Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||||