Export limit exceeded: 334826 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74496 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25456 | 1 Web-ofisi | 1 Emlak | 2026-02-25 | 8.2 High |
| Web Ofisi Emlak v2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'ara' GET parameter. Attackers can send requests to with time-based SQL injection payloads to extract sensitive database information or cause denial of service. | ||||
| CVE-2026-26359 | 1 Dell | 2 Powermax Os, Unisphere For Powermax | 2026-02-25 | 8.8 High |
| Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to the ability to overwrite arbitrary files. | ||||
| CVE-2026-26358 | 1 Dell | 2 Powermax Os, Unisphere For Powermax | 2026-02-25 | 8.8 High |
| Dell Unisphere for PowerMax, version(s) 10.2, contain(s) a Missing Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2019-25457 | 1 Web-ofisi | 1 Firma | 2026-02-25 | 8.2 High |
| Web Ofisi Firma v13 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'oz' array parameter. Attackers can send GET requests to category pages with malicious 'oz[]' values using time-based blind SQL injection payloads to extract sensitive database information. | ||||
| CVE-2022-30206 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2026-02-25 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2023-47041 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2026-02-25 | 7.8 High |
| Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-47042 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2026-02-25 | 7.8 High |
| Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21312 | 1 Adobe | 1 Audition | 2026-02-25 | 7.8 High |
| Audition versions 25.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21518 | 1 Microsoft | 1 Visual Studio Code | 2026-02-25 | 8.8 High |
| Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network. | ||||
| CVE-2026-21259 | 1 Microsoft | 9 365 Apps, Excel, Excel 2016 and 6 more | 2026-02-25 | 7.8 High |
| Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2026-21248 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-02-25 | 7.3 High |
| Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | ||||
| CVE-2026-21247 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-02-25 | 7.3 High |
| Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. | ||||
| CVE-2026-21246 | 1 Microsoft | 28 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 25 more | 2026-02-25 | 7.8 High |
| Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21242 | 1 Microsoft | 19 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 16 more | 2026-02-25 | 7 High |
| Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21235 | 1 Microsoft | 21 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 18 more | 2026-02-25 | 7.3 High |
| Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21234 | 1 Microsoft | 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more | 2026-02-25 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21236 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-02-25 | 7.8 High |
| Heap-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21523 | 1 Microsoft | 1 Visual Studio Code | 2026-02-25 | 8 High |
| Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-21229 | 1 Microsoft | 1 Power Bi Report Server | 2026-02-25 | 8 High |
| Improper input validation in Power BI allows an authorized attacker to execute code over a network. | ||||
| CVE-2026-21537 | 1 Microsoft | 1 Defender For Endpoint | 2026-02-25 | 8.8 High |
| Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network. | ||||