Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22832
Total
1629
Critical
7118
High
7284
Medium
CVE ID Severity Score Description Published
CVE-2025-55657 HIGH 7.5 A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a … Jun 09, 2026
CVE-2025-55651 MEDIUM 5.5 A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a … Jun 09, 2026
CVE-2025-52293 HIGH 7.5 A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying crafted HEVC … Jun 09, 2026
CVE-2025-52292 HIGH 7.5 A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a … Jun 09, 2026
CVE-2023-43688 HIGH 7.5 An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). There is a Heap buffer overflow in various buffer encryption utilities. Jun 09, 2026
CVE-2023-43686 MEDIUM 6.2 An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). A large number of Firefox preference files can cause the parser … Jun 09, 2026
CVE-2023-29146 HIGH 8.2 The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds … Jun 09, 2026
CVE-2026-50636 HIGH 8.8 The RemoteControl API methods invite_participants and remind_participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited(), which concatenates the values directly into a tid IN ('...') SQL … Jun 09, 2026
CVE-2026-50635 HIGH 8.8 LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in … Jun 09, 2026
CVE-2026-50512 HIGH 7.8 Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-50511 HIGH 7.8 Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. Jun 09, 2026
CVE-2026-48293 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … Jun 09, 2026
CVE-2026-44275 MEDIUM 6.3 Dell/Alienware Purchased Apps, versions prior to 1.1.32.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access … Jun 09, 2026
CVE-2026-41116 MEDIUM 6.3 Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local … Jun 09, 2026
CVE-2026-34708 HIGH 7.8 InCopy versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of … Jun 09, 2026
CVE-2026-34707 HIGH 7.8 InCopy versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of … Jun 09, 2026
CVE-2026-34706 HIGH 7.8 InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the … Jun 09, 2026
CVE-2026-34705 MEDIUM 5.5 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could … Jun 09, 2026
CVE-2026-34704 MEDIUM 5.5 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could … Jun 09, 2026
CVE-2026-34703 MEDIUM 5.5 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could … Jun 09, 2026
CVE-2026-34702 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … Jun 09, 2026
CVE-2026-34701 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … Jun 09, 2026
CVE-2026-34700 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of … Jun 09, 2026
CVE-2026-34699 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … Jun 09, 2026
CVE-2026-34698 HIGH 7.8 InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context … Jun 09, 2026