Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22832
Total
1629
Critical
7118
High
7284
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2025-55657 | HIGH | 7.5 | A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a … | Jun 09, 2026 |
| CVE-2025-55651 | MEDIUM | 5.5 | A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a … | Jun 09, 2026 |
| CVE-2025-52293 | HIGH | 7.5 | A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying crafted HEVC … | Jun 09, 2026 |
| CVE-2025-52292 | HIGH | 7.5 | A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a … | Jun 09, 2026 |
| CVE-2023-43688 | HIGH | 7.5 | An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). There is a Heap buffer overflow in various buffer encryption utilities. | Jun 09, 2026 |
| CVE-2023-43686 | MEDIUM | 6.2 | An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). A large number of Firefox preference files can cause the parser … | Jun 09, 2026 |
| CVE-2023-29146 | HIGH | 8.2 | The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds … | Jun 09, 2026 |
| CVE-2026-50636 | HIGH | 8.8 | The RemoteControl API methods invite_participants and remind_participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited(), which concatenates the values directly into a tid IN ('...') SQL … | Jun 09, 2026 |
| CVE-2026-50635 | HIGH | 8.8 | LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in … | Jun 09, 2026 |
| CVE-2026-50512 | HIGH | 7.8 | Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-50511 | HIGH | 7.8 | Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | Jun 09, 2026 |
| CVE-2026-48293 | HIGH | 7.8 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … | Jun 09, 2026 |
| CVE-2026-44275 | MEDIUM | 6.3 | Dell/Alienware Purchased Apps, versions prior to 1.1.32.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access … | Jun 09, 2026 |
| CVE-2026-41116 | MEDIUM | 6.3 | Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local … | Jun 09, 2026 |
| CVE-2026-34708 | HIGH | 7.8 | InCopy versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of … | Jun 09, 2026 |
| CVE-2026-34707 | HIGH | 7.8 | InCopy versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of … | Jun 09, 2026 |
| CVE-2026-34706 | HIGH | 7.8 | InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the … | Jun 09, 2026 |
| CVE-2026-34705 | MEDIUM | 5.5 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could … | Jun 09, 2026 |
| CVE-2026-34704 | MEDIUM | 5.5 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could … | Jun 09, 2026 |
| CVE-2026-34703 | MEDIUM | 5.5 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could … | Jun 09, 2026 |
| CVE-2026-34702 | HIGH | 7.8 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … | Jun 09, 2026 |
| CVE-2026-34701 | HIGH | 7.8 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … | Jun 09, 2026 |
| CVE-2026-34700 | HIGH | 7.8 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … | Jun 09, 2026 |
| CVE-2026-34699 | HIGH | 7.8 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … | Jun 09, 2026 |
| CVE-2026-34698 | HIGH | 7.8 | InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … | Jun 09, 2026 |