CVE search

363,371 results
CVE-2026-54897LOWOj : Use-After-Free in Oj::Doc Iterators via Reentrant CloseEPSS 0.1%CVE-2026-54896LOWOj: Heap Buffer Overflow in Oj.dump Exception Serialization via Large IndentEPSS 0.1%CVE-2026-54592HIGHOj: Stack Buffer Overflow in Oj::Doc#each_child via Deeply Nested InputEPSS 0.3%CVE-2026-54502MEDIUMOj: Stack Buffer Overflow in Oj.dump via Large IndentEPSS 0.3%CVE-2026-54500MEDIUMOj: intern.c form_attr has an uninitialized stack readEPSS 0.2%CVE-2026-54899MEDIUMOj: Use-After-Free in Oj::Parser Symbol Key Cache ToggleEPSS 0.4%CVE-2026-55223MEDIUMc3p0 exposes a deserialization "sink" via JDBC DataSource bean propertiesEPSS 0.3%CVE-2026-50110CRITICALUse of Hard-coded Credentials in StoneFly Storage ConcentratorEPSS 0.1%CVE-2026-56413CRITICALOS Command Injection in StoneFly Storage ConcentratorEPSS 3.1%CVE-2026-56415CRITICALOS Command Injection in StoneFly Storage ConcentratorEPSS 3.1%CVE-2026-14156MEDIUMInsufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised thEPSS 0.2%CVE-2026-14155MEDIUMInsufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin dEPSS 0.2%CVE-2026-14154MEDIUMInappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicEPSS 0.1%CVE-2026-14153MEDIUMInappropriate implementation in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in speEPSS 0.2%CVE-2026-14152CRITICALOut of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer proEPSS 0.2%CVE-2026-14151HIGHInappropriate implementation in AI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer procesEPSS 0.2%CVE-2026-14150MEDIUMInsufficient validation of untrusted input in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised tEPSS 0.2%CVE-2026-14149HIGHUse after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HEPSS 0.3%CVE-2026-14148MEDIUMType Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from proEPSS 0.2%CVE-2026-14147MEDIUMInappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UEPSS 0.1%