Total
363821 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-13909 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 9.6 CRITICAL |
| Insufficient policy enforcement in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2026-35025 | 1 Proftpd | 1 Proftpd | 2026-07-02 | N/A | 8.1 HIGH |
| ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in dir_canonical_path() to cause dir_check() to perform lexical path comparisons that match no configured Directory block, enabling rename operations on files in DenyAll-protected directories and subsequent retrieval of those files. Mitigation: Sessions configured with DefaultRoot (chroot) are not affected, as chroot changes the directory to which /proc/self/root resolves. | |||||
| CVE-2026-13940 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 6.5 MEDIUM |
| Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. (Chromium security severity: Medium) | |||||
| CVE-2026-13943 | 1 Google | 2 Android, Chrome | 2026-07-02 | N/A | 6.5 MEDIUM |
| Uninitialized Use in CSS in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2026-13947 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 5.3 MEDIUM |
| Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2026-13949 | 1 Google | 2 Android, Chrome | 2026-07-02 | N/A | 6.5 MEDIUM |
| Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2026-13950 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 5.3 MEDIUM |
| Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2026-10642 | 1 Zephyrproject | 1 Zephyr | 2026-07-02 | N/A | 6.5 MEDIUM |
| The Zephyr PL011 UART driver (drivers/serial/uart_pl011.c) contains an unbounded software loop in pl011_irq_tx_enable() that repeatedly invokes the interrupt-driven application callback while the TX interrupt mask bit (PL011_IMSC_TXIM) is set, to work around the controller's level-transition TX-interrupt behavior. When CTS hardware flow control is enabled (devicetree hw-flow-control or runtime UART_CFG_FLOW_CTRL_RTS_CTS) and the wired serial peer de-asserts CTS, the controller stops draining the TX FIFO; pl011_fifo_fill() then returns 0 on every call while the application still has pending data and therefore never disables the TX interrupt. The loop condition never clears, so the thread that called uart_irq_tx_enable() (e.g. h4_send() in the Bluetooth HCI H4 driver) spins indefinitely, hanging the executing context and stalling the transport — a denial of service (CWE-835). An attacker controlling the device attached to the UART's CTS line can trigger the hang by withholding CTS during transmission. Impact is availability only; there is no memory-safety, confidentiality, or integrity consequence. The vulnerable loop was introduced in commit b783bc8448ef (Feb 2025) and shipped in releases v4.1.0 through v4.4.0. The fix breaks out of the loop when CTS is blocking and arms the CTS modem-status interrupt to resume transmission when CTS re-asserts. | |||||
| CVE-2026-57920 | 1 Peplink | 1 Intcontrol 2 | 2026-07-02 | N/A | 7.7 HIGH |
| Peplink InControl 2 through 2.14.2 before 2026-06-03 allows use of a semicolon to bypass access-control rules for certain /rest/o/{orgId} endpoints. | |||||
| CVE-2026-14104 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 9.8 CRITICAL |
| Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-14087 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-07-02 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebNN in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-12411 | 1 Canonical | 1 Lxd | 2026-07-02 | N/A | 8.4 HIGH |
| Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device PATCH request over /dev/lxd when security.devlxd.management.volumes is enabled. | |||||
| CVE-2026-14106 | 1 Google | 2 Android, Chrome | 2026-07-02 | N/A | 9.6 CRITICAL |
| Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-14116 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 4.3 MEDIUM |
| Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-14090 | 1 Google | 2 Chrome, Chrome Os | 2026-07-02 | N/A | 8.1 HIGH |
| Insufficient validation of untrusted input in CameraCapture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-14089 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 4.3 MEDIUM |
| Insufficient validation of untrusted input in PopupBlocker in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-14102 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 8.8 HIGH |
| Use after free in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-14127 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Printing in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-14105 | 1 Google | 1 Chrome | 2026-07-02 | N/A | 4.3 MEDIUM |
| Insufficient policy enforcement in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low) | |||||
| CVE-2026-47214 | 1 Docling | 1 Docling | 2026-07-02 | N/A | 7.1 HIGH |
| Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.94.0, the HTML backend has unsafe URI and path handling. This vulnerability is fixed in 2.94.0. | |||||
