Export limit exceeded: 74906 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74906 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-60710 | 1 Microsoft | 6 Windows, Windows 11, Windows 11 24h2 and 3 more | 2026-02-26 | 7.8 High |
| Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-8486 | 1 Lenovo | 2 Pc Manager, Pcmanager | 2026-02-26 | 7.8 High |
| A potential vulnerability was reported in PC Manager that could allow a local authenticated user to execute code with elevated privileges. | ||||
| CVE-2025-12195 | 1 Watchguard | 35 Firebox, Firebox M270, Firebox M290 and 32 more | 2026-02-26 | 7.2 High |
| An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially crafted IPSec configuration CLI commands.This vulnerability affects Fireware OS 11.0 up to and including 11.12.4+541730, 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2. | ||||
| CVE-2025-60727 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2026-02-26 | 7.8 High |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-10581 | 1 Lenovo | 2 Pc Manager, Pcmanager | 2026-02-26 | 7.8 High |
| A potential DLL hijacking vulnerability was discovered in the Lenovo PC Manager during an internal security assessment that could allow a local authenticated user to execute code with elevated privileges. | ||||
| CVE-2025-12196 | 1 Watchguard | 35 Firebox, Firebox M270, Firebox M290 and 32 more | 2026-02-26 | 7.2 High |
| An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2. | ||||
| CVE-2025-62199 | 1 Microsoft | 11 365, 365 Apps, Excel and 8 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-61935 | 1 F5 | 3 Big-ip, Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager | 2026-02-26 | 7.5 High |
| When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-62210 | 1 Microsoft | 2 365, Dynamics 365 | 2026-02-26 | 8.7 High |
| Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2025-58071 | 1 F5 | 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2026-02-26 | 7.5 High |
| When IPsec is configured on the BIG-IP system, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-1547 | 1 Watchguard | 29 Firebox M270, Firebox M290, Firebox M370 and 26 more | 2026-02-26 | 7.2 High |
| A stack-based buffer overflow vulnerability [CWE-121] in WatchGuard Fireware OS's certificate request command could allow an authenticated privileged user to execute arbitrary code via specially crafted CLI commands.This issue affects Fireware OS: from 12.0 through 12.5.12+701324, from 12.6 through 12.11.2. | ||||
| CVE-2025-62216 | 1 Microsoft | 5 365, 365 Apps, Office 2021 and 2 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-66644 | 1 Arraynetworks | 15 Ag1000, Ag1000t, Ag1000v5 and 12 more | 2026-02-26 | 7.2 High |
| Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025. | ||||
| CVE-2025-60719 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1607 and 24 more | 2026-02-26 | 7 High |
| Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-57780 | 1 F5 | 3 F5os, F5os-a, F5os-c | 2026-02-26 | 7.8 High |
| A vulnerability exists in F5OS-A and F5OS-C system that may allow an authenticated attacker with local access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-58098 | 1 Apache | 1 Http Server | 2026-02-26 | 8.3 High |
| Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue. | ||||
| CVE-2025-61990 | 1 F5 | 25 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 22 more | 2026-02-26 | 7.5 High |
| When using a multi-bladed platform with more than one blade, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-9183 | 1 Gitlab | 1 Gitlab | 2026-02-26 | 7.7 High |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific conditions. | ||||
| CVE-2025-62217 | 1 Microsoft | 26 Windows, Windows 10, Windows 10 1607 and 23 more | 2026-02-26 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-22420 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In multiple locations, there is a possible way to leak audio files across user profiles due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||