31,467 indexed
CVECVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 151–200 of 8,161 in High · page 4 of 164
| ID | Title | Summary |
|---|---|---|
| CVE-2026-8178 | CVE-2026-8178 CVSS 8.1 | An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when proc… |
| CVE-2026-8138 | CVE-2026-8138 CVSS 8.8 | A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg”. The manipulation… |
| CVE-2026-8137 | CVE-2026-8137 CVSS 8.8 | A vulnerability has been found in Totolink X5000R 9.1.0u.6369_B20230113. This vulnerability affects the function sub_458E40 of the file /boafrm/formDdns. The m… |
| CVE-2026-8111 | CVE-2026-8111 CVSS 8.8 | SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution. |
| CVE-2026-8093 | CVE-2026-8093 CVSS 8.1 | Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou… |
| CVE-2026-8092 | CVE-2026-8092 CVSS 8.1 | Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we pr… |
| CVE-2026-8053 | CVE-2026-8053 CVSS 8.8 | An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memo… |
| CVE-2026-8046 | CVE-2026-8046 CVSS 8.1 | The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerabil… |
| CVE-2026-8018 | CVE-2026-8018 CVSS 8.1 | Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malic… |
| CVE-2026-8016 | CVE-2026-8016 CVSS 8.8 | Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-8002 | CVE-2026-8002 CVSS 8.8 | Use after free in Audio in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … |
| CVE-2026-8001 | CVE-2026-8001 CVSS 8.3 | Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process t… |
| CVE-2026-8000 | CVE-2026-8000 CVSS 8.8 | Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary co… |
| CVE-2026-7995 | CVE-2026-7995 CVSS 8.8 | Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … |
| CVE-2026-7992 | CVE-2026-7992 CVSS 8.8 | Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to e… |
| CVE-2026-7991 | CVE-2026-7991 CVSS 8.8 | Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code insid… |
| CVE-2026-7988 | CVE-2026-7988 CVSS 8.8 | Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-7987 | CVE-2026-7987 CVSS 8.8 | Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-7985 | CVE-2026-7985 CVSS 8.3 | Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb… |
| CVE-2026-7984 | CVE-2026-7984 CVSS 8.8 | Use after free in ReadingMode in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary c… |
| CVE-2026-7981 | CVE-2026-7981 CVSS 8.1 | Out of bounds read in Codecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory … |
| CVE-2026-7980 | CVE-2026-7980 CVSS 8.8 | Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page… |
| CVE-2026-7978 | CVE-2026-7978 CVSS 8.1 | Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via… |
| CVE-2026-7975 | CVE-2026-7975 CVSS 8.3 | Use after free in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a … |
| CVE-2026-7974 | CVE-2026-7974 CVSS 8.8 | Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (… |
| CVE-2026-7973 | CVE-2026-7973 CVSS 8.8 | Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTM… |
| CVE-2026-7970 | CVE-2026-7970 CVSS 8.3 | Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a… |
| CVE-2026-7967 | CVE-2026-7967 CVSS 8.3 | Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer pro… |
| CVE-2026-7963 | CVE-2026-7963 CVSS 8.3 | Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to pot… |
| CVE-2026-7957 | CVE-2026-7957 CVSS 8.8 | Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute … |
| CVE-2026-7956 | CVE-2026-7956 CVSS 8.3 | Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform … |
| CVE-2026-7951 | CVE-2026-7951 CVSS 8.8 | Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML p… |
| CVE-2026-7940 | CVE-2026-7940 CVSS 8.8 | Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary cod… |
| CVE-2026-7938 | CVE-2026-7938 CVSS 8.8 | Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch… |
| CVE-2026-7930 | CVE-2026-7930 | Rejected reason: Is not a vulnerability, is a feature bug. |
| CVE-2026-7928 | CVE-2026-7928 CVSS 8.8 | Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … |
| CVE-2026-7927 | CVE-2026-7927 CVSS 8.8 | Type Confusion in Runtime in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.… |
| CVE-2026-7926 | CVE-2026-7926 CVSS 8.8 | Use after free in PresentationAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT… |
| CVE-2026-7923 | CVE-2026-7923 CVSS 8.3 | Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a… |
| CVE-2026-7922 | CVE-2026-7922 CVSS 8.3 | Use after free in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML pa… |
| CVE-2026-7921 | CVE-2026-7921 CVSS 8.8 | Use after free in Passwords in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium secu… |
| CVE-2026-7920 | CVE-2026-7920 CVSS 8.3 | Use after free in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sand… |
| CVE-2026-7919 | CVE-2026-7919 CVSS 8.3 | Use after free in Aura in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sand… |
| CVE-2026-7918 | CVE-2026-7918 CVSS 8.3 | Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb… |
| CVE-2026-7917 | CVE-2026-7917 CVSS 8.3 | Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potential… |
| CVE-2026-7916 | CVE-2026-7916 CVSS 8.3 | Insufficient data validation in InterestGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to po… |
| CVE-2026-7914 | CVE-2026-7914 CVSS 8.3 | Type Confusion in Accessibility in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potent… |
| CVE-2026-7911 | CVE-2026-7911 CVSS 8.3 | Use after free in Aura in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially per… |
| CVE-2026-7907 | CVE-2026-7907 CVSS 8.8 | Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch… |
| CVE-2026-7906 | CVE-2026-7906 CVSS 8.8 | Use after free in SVG in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch… |