Export limit exceeded: 34581 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (34581 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25005 | 1 Microsoft | 4 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 1 more | 2026-02-13 | 6.5 Medium |
| Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tampering over a network. | ||||
| CVE-2025-53781 | 1 Microsoft | 34 Dcadsv5 Series Azure Vm, Dcasv5 Series Azure Vm, Dcedsv5 Series Azure Vm and 31 more | 2026-02-13 | 7.7 High |
| Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network. | ||||
| CVE-2025-33051 | 1 Microsoft | 4 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 1 more | 2026-02-13 | 7.5 High |
| Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-20674 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-02-13 | 4.6 Medium |
| A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information. | ||||
| CVE-2026-20673 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2026-02-13 | 5.3 Medium |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messages” may not apply to all mail previews. | ||||
| CVE-2026-20662 | 1 Apple | 1 Macos | 2026-02-13 | 4.6 Medium |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An attacker with physical access to a locked device may be able to view sensitive user information. | ||||
| CVE-2026-20660 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-02-13 | 5.5 Medium |
| A path handling issue was addressed with improved logic. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. A remote user may be able to write arbitrary files. | ||||
| CVE-2026-20649 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-02-13 | 5.5 Medium |
| A logging issue was addressed with improved data redaction. This issue is fixed in watchOS 26.3, iOS 26.3 and iPadOS 26.3, tvOS 26.3, macOS Tahoe 26.3. A user may be able to view sensitive user information. | ||||
| CVE-2025-12784 | 1 Hp | 135 7kw48a, 7kw48a Firmware, 7kw49a and 132 more | 2026-02-13 | 4.9 Medium |
| Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. | ||||
| CVE-2025-12785 | 1 Hp | 137 7kw48a, 7kw48a Firmware, 7kw49a and 134 more | 2026-02-13 | 7.5 High |
| Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. | ||||
| CVE-2025-22042 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-02-13 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ksmbd: add bounds check for create lease context Add missing bounds check for create lease context. | ||||
| CVE-2025-38501 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-02-13 | 7.5 High |
| In the Linux kernel, the following vulnerability has been resolved: ksmbd: limit repeated connections from clients with the same IP Repeated connections from clients with the same IP address may exhaust the max connections and prevent other normal client connections. This patch limit repeated connections from clients with the same IP. | ||||
| CVE-2025-37775 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-02-13 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix the warning from __kernel_write_iter [ 2110.972290] ------------[ cut here ]------------ [ 2110.972301] WARNING: CPU: 3 PID: 735 at fs/read_write.c:599 __kernel_write_iter+0x21b/0x280 This patch doesn't allow writing to directory. | ||||
| CVE-2025-38575 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-02-13 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aead_request_free to match aead_request_alloc Use aead_request_free() instead of kfree() to properly free memory allocated by aead_request_alloc(). This ensures sensitive crypto data is zeroed before being freed. | ||||
| CVE-2026-20663 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-02-12 | 3.3 Low |
| The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to enumerate a user's installed apps. | ||||
| CVE-2020-0919 | 1 Microsoft | 1 Windows App | 2026-02-12 | 7.8 High |
| An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability'. | ||||
| CVE-2025-54373 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-02-12 | 6.5 Medium |
| OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a vulnerability where sensitive data is unintentionally revealed to unauthorized parties. Contents of Clinical Notes and Care Plan, where an encounter has Sensitivity=high, can be viewed and changed by users who do not have Sensitivities=high privilege. Version 7.0.4 fixes the issue. | ||||
| CVE-2025-67645 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-02-12 | 8.8 High |
| OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a broken access control in the Profile Edit endpoint. An authenticated normal user can modify the request parameters (pubpid / pid) to reference another user’s record; the server accepts the modified IDs and applies the changes to that other user’s profile. This allows one user to alter another user’s profile data (name, contact info, etc.), and could enable account takeover. Version 7.0.4 fixes the issue. | ||||
| CVE-2026-20669 | 1 Apple | 1 Macos | 2026-02-12 | 5.5 Medium |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data. | ||||
| CVE-2026-20666 | 1 Apple | 1 Macos | 2026-02-12 | 5.5 Medium |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data. | ||||