Export limit exceeded: 74717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74717 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-49703 | 1 Microsoft | 13 365 Apps, Office, Office 2019 and 10 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-43281 | 1 Apple | 2 Macos, Macos Sequoia | 2026-02-26 | 7.8 High |
| The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges. | ||||
| CVE-2026-1334 | 2 3ds, Dassault Systemes | 2 Solidworks Edrawings, Solidworks Edrawings | 2026-02-26 | 7.8 High |
| An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | ||||
| CVE-2026-1335 | 2 3ds, Dassault Systèmes | 2 Solidworks Edrawings, Solidworks Edrawings | 2026-02-26 | 7.8 High |
| An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | ||||
| CVE-2026-1333 | 2 3ds, Dassault Systemes | 2 Solidworks Edrawings, Solidworks Edrawings | 2026-02-26 | 7.8 High |
| A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | ||||
| CVE-2026-26721 | 2 Key Systems, Keystorage | 2 Global Facilities Management Software, Global Facilities Management Software | 2026-02-26 | 7.1 High |
| An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to obtain sensitive information via the sid query parameter. | ||||
| CVE-2026-26723 | 2 Key Systems, Keystorage | 2 Global Facilities Management Software, Global Facilities Management Software | 2026-02-26 | 8.2 High |
| Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter. | ||||
| CVE-2025-1789 | 1 Genetec | 2 Genetec Update Service, Update Service | 2026-02-26 | 7.8 High |
| Local privilege escalation in Genetec Update Service. An authenticated, low-privileged, Windows user could exploit this vulnerability to gain elevated privileges on the affected system. | ||||
| CVE-2025-49714 | 1 Microsoft | 2 Python, Visual Studio Code | 2026-02-26 | 7.8 High |
| Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-49727 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 7 High |
| Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-43026 | 1 Hp | 1 Support Assistant | 2026-02-26 | 7.8 High |
| A potential security vulnerability has been identified in the HP Support Assistant for versions prior to 9.44.18.0. The vulnerability could potentially allow a local attacker to escalate privileges via an arbitrary file write. | ||||
| CVE-2025-49729 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-26 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-49733 | 1 Microsoft | 19 Windows, Windows 10, Windows 10 1809 and 16 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-22481 | 1 Qnap | 2 Qts, Quts Hero | 2026-02-26 | 8.8 High |
| A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later | ||||
| CVE-2025-49737 | 1 Microsoft | 2 Teams, Teams For Mac | 2026-02-26 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Teams allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49738 | 1 Microsoft | 1 Pc Manager | 2026-02-26 | 7.8 High |
| Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-42982 | 2026-02-26 | 8.8 High | ||
| SAP GRC allows a non-administrative user to access and initiate transaction which could allow them to modify or control the transmitted system credentials. This causes high impact on confidentiality, integrity and availability of the application. | ||||
| CVE-2025-49739 | 1 Microsoft | 5 Visual Studio, Visual Studio 2015, Visual Studio 2017 and 2 more | 2026-02-26 | 8.8 High |
| Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-49744 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-02-26 | 7 High |
| Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-47988 | 1 Microsoft | 2 Azure Monitor, Azure Monitor Agent | 2026-02-26 | 7.5 High |
| Improper control of generation of code ('code injection') in Azure Monitor Agent allows an unauthorized attacker to execute code over an adjacent network. | ||||