Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
21880
Total
1559
Critical
6647
High
6994
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-52908 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible If IB_MR_REREG_ACCESS changes from RO to RW … | Jun 19, 2026 |
| CVE-2026-49358 | LOW | 3.0 | PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, `AbstractGenerator::$temporaryFiles` is a public array, and … | Jun 19, 2026 |
| CVE-2026-21768 | MEDIUM | 6.3 | The compose-rich-editor library (v1.0.0-rc14) used in HCL Verse for Android's rich text email composition fails to properly validate all HTML input thereby allowing malicious content … | Jun 19, 2026 |
| CVE-2025-71326 | HIGH | 7.8 | AVAST Antivirus 25.11 contains an unquoted service path vulnerability in the SecureLine service that allows local non-privileged users to execute code with elevated SYSTEM privileges. … | Jun 19, 2026 |
| CVE-2023-54353 | HIGH | 7.8 | Chromacam 4.0.3.0 contains an unquoted service path vulnerability in the PsyFrameGrabberService that allows local attackers to execute arbitrary code by placing malicious executables in unquoted … | Jun 19, 2026 |
| CVE-2022-50971 | HIGH | 7.8 | Malwarebytes 4.5 contains an unquoted service path vulnerability in the MBAMService executable that allows local attackers to escalate privileges by injecting malicious code into the … | Jun 19, 2026 |
| CVE-2021-47985 | HIGH | 7.8 | Brother SAPSprint 7.60 contains an unquoted service path vulnerability in the SAPSprint service binary that allows local attackers to escalate privileges. Attackers can place a … | Jun 19, 2026 |
| CVE-2020-37254 | HIGH | 7.8 | Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious … | Jun 19, 2026 |
| CVE-2020-37253 | HIGH | 7.8 | Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables … | Jun 19, 2026 |
| CVE-2020-37252 | HIGH | 7.8 | Realtek Audio Service 1.0.0.55 contains an unquoted service path vulnerability in RtkAudioService64.exe that allows local attackers to escalate privileges by injecting malicious code. Attackers can … | Jun 19, 2026 |
| CVE-2020-37251 | HIGH | 7.8 | RealTimes Desktop Service 18.1.4 contains an unquoted service path vulnerability in the rpdsvc.exe binary that allows local attackers to escalate privileges. Attackers can place malicious … | Jun 19, 2026 |
| CVE-2020-37250 | HIGH | 7.8 | TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. … | Jun 19, 2026 |
| CVE-2019-25747 | HIGH | 7.8 | Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in … | Jun 19, 2026 |
| CVE-2016-20095 | HIGH | 7.8 | Matrix42 Remote Control Host 3.20.0031 contains an unquoted service path vulnerability in the FastViewerRemoteService and FastViewerRemoteProxy services that allows local users to execute arbitrary code … | Jun 19, 2026 |
| CVE-2016-20094 | HIGH | 7.8 | AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers … | Jun 19, 2026 |
| CVE-2016-20093 | HIGH | 7.8 | Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users … | Jun 19, 2026 |
| CVE-2016-20092 | HIGH | 7.8 | NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2_Service_Netdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can … | Jun 19, 2026 |
| CVE-2016-20091 | HIGH | 7.8 | Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. … | Jun 19, 2026 |
| CVE-2016-20090 | HIGH | 7.8 | Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM … | Jun 19, 2026 |
| CVE-2016-20089 | HIGH | 7.8 | Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation … | Jun 19, 2026 |
| CVE-2016-20088 | HIGH | 7.8 | Comodo Chromodo Browser 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a … | Jun 19, 2026 |
| CVE-2016-20087 | HIGH | 7.8 | Fortitude HTTP 1.0.4.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated privileges by exploiting the service binary … | Jun 19, 2026 |
| CVE-2016-20086 | HIGH | 7.8 | Vembu StoreGrid 4.0 contains an unquoted service path vulnerability in the RemoteBackup and RemoteBackup_webServer services that allows local attackers to escalate privileges. Attackers can place … | Jun 19, 2026 |
| CVE-2016-20085 | HIGH | 7.8 | Realtek High Definition Audio Driver 6.0.1.6730 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by placing a malicious executable in … | Jun 19, 2026 |
| CVE-2026-9143 | LOW | 3.7 | There is an incorrect conversion between numeric types vulnerability in NI grpc-device due to missing range checks in CodeGen. This may silently discard high bits … | Jun 19, 2026 |