Total CVEs

143,835

Critical Severity

4,094

High Severity

14,788

Last 7 Days

1,455
Quick preset (or use dates below)
Clear Filters
Showing 2,181 - 2,200 of 143,835 CVEs
CVE-2026-57271 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-57270 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-57269 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-57268 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-57267 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-57266 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-57265 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-57264 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-13132 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-13131 HIGH - 8.3

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD
CVE-2026-13125 HIGH - 8.8

GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud) is an addon that can be installed with various GeoVision software (GV-VMS, GV-Cloud, ...). It creates a websocket server that expands the capabilities of the various web-interfaces p...

Vendor: GeoVision Inc.
Product: GeoWebPlayer
Published: Jul 02, 2026
Source: NVD

Craft CMS is a content management system (CMS). In versions 5.9.0 and above prior to 5.10.0, control panel users with the ability to edit entries can execute unsandboxed Twig code via the HTTP Referrer header, potentially leading to authenticated RCE. The issue happens when a user is saving entries....

Vendor: craftcms
Product: cms
Published: Jul 02, 2026
Source: NVD

Craft CMS is a content management system (CMS). In versions starting from 4.0.0-RC1 and prior to 4.18.0, and 5.0.0-RC1 and above, prior to 5.10.0, the dataUrl() Twig function is included in Craft’s Twig sandbox allowlist, allowing any control panel user granted the utility:system-messages permission...

Vendor: craftcms
Product: cms
Published: Jul 02, 2026
Source: NVD

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen ...

Vendor: craftcms
Product: cms
Published: Jul 01, 2026
Source: NVD
CVE-2026-14440 MEDIUM - 6.8

Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameter...

Vendor: Cloudflare
Product: Universal SSL
Published: Jul 01, 2026
Source: NVD

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to mov...

Vendor: Altium
Product: Altium Enterprise Server, Altium 365
Published: Jul 01, 2026
Source: NVD
CVE-2026-14432 HIGH - 8.8

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Vendor: google
Product: chrome
Published: Jul 01, 2026
Source: NVD
CVE-2026-14431 HIGH - 8.8

Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vendor: google
Product: chrome
Published: Jul 01, 2026
Source: NVD
CVE-2026-14430 HIGH - 8.8

Integer overflow in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vendor: google
Product: chrome
Published: Jul 01, 2026
Source: NVD
CVE-2026-14429 HIGH - 8.3

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Vendor: google
Product: chrome
Published: Jul 01, 2026
Source: NVD