Export limit exceeded: 74797 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74797 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-25018 | 1 Elastic | 1 Kibana | 2026-02-26 | 8.7 High |
| Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS) | ||||
| CVE-2025-36245 | 1 Ibm | 1 Infosphere Information Server | 2026-02-26 | 8.8 High |
| IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input. | ||||
| CVE-2025-23309 | 1 Nvidia | 1 Display Driver | 2026-02-26 | 8.2 High |
| NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering. | ||||
| CVE-2025-30264 | 1 Qnap | 2 Qts, Quts Hero | 2026-02-26 | 8.8 High |
| A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later | ||||
| CVE-2025-23280 | 2 Linux, Nvidia | 2 Linux, Display Driver | 2026-02-26 | 7 High |
| NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. | ||||
| CVE-2025-23282 | 2 Linux, Nvidia | 3 Linux, Display Driver, Driver | 2026-02-26 | 7 High |
| NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. | ||||
| CVE-2025-9377 | 1 Tp-link | 6 Archer C7, Archer C7 Firmware, Tl-wr841n and 3 more | 2026-02-26 | 7.2 High |
| The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's recommending to purchase the new product to ensure better performance and security. If replacement is not an option in the short term, please use the second reference link to download and install the patch(es). | ||||
| CVE-2025-61884 | 1 Oracle | 1 Configurator | 2026-02-26 | 7.5 High |
| Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Configurator accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | ||||
| CVE-2025-6033 | 1 Ni | 1 Circuit Design Suite | 2026-02-26 | 7.8 High |
| There is a memory corruption vulnerability due to an out of bounds write in XML_Serialize() when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.1 and prior versions. | ||||
| CVE-2025-6034 | 1 Ni | 1 Circuit Design Suite | 2026-02-26 | 7.8 High |
| There is a memory corruption vulnerability due to an out of bounds read in DefaultFontOptions() when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.1 and prior versions. | ||||
| CVE-2025-11695 | 1 Mongodb | 2 Rust-driver, Rust Driver | 2026-02-26 | 8 High |
| When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5 | ||||
| CVE-2025-11622 | 1 Ivanti | 1 Endpoint Manager | 2026-02-26 | 7.8 High |
| Insecure deserialization in Ivanti Endpoint Manager before version 2024 SU4 allows a local authenticated attacker to escalate their privileges. | ||||
| CVE-2025-9713 | 1 Ivanti | 1 Endpoint Manager | 2026-02-26 | 8.8 High |
| Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required. | ||||
| CVE-2025-20712 | 2 Mediatek, Openwrt | 12 Mt6799, Mt6990, Mt6990 Firmware and 9 more | 2026-02-26 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422323; Issue ID: MSV-3810. | ||||
| CVE-2025-20711 | 2 Mediatek, Openwrt | 6 Mt6890, Mt7916, Mt7981 and 3 more | 2026-02-26 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422399; Issue ID: MSV-3748. | ||||
| CVE-2025-20710 | 2 Mediatek, Openwrt | 7 Mt6890, Mt7915, Mt7916 and 4 more | 2026-02-26 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418785; Issue ID: MSV-3515. | ||||
| CVE-2025-20709 | 2 Mediatek, Openwrt | 12 Mt6890, Mt6890 Firmware, Mt7915 and 9 more | 2026-02-26 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415809; Issue ID: MSV-3405. | ||||
| CVE-2025-20718 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-02-26 | 7.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00419945; Issue ID: MSV-3581. | ||||
| CVE-2025-20719 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7603, Mt7615 and 7 more | 2026-02-26 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418955; Issue ID: MSV-3570. | ||||
| CVE-2025-20720 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7603, Mt7615 and 7 more | 2026-02-26 | 8.8 High |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418954; Issue ID: MSV-3569. | ||||