Export limit exceeded: 75014 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75014 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54273 | 1 Adobe | 1 Substance 3d Viewer | 2026-02-26 | 7.8 High |
| Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-7429 | 1 Zohocorp | 1 Manageengine Exchange Reporter Plus | 2026-02-26 | 7.3 High |
| Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Mails Deleted or Moved report. | ||||
| CVE-2025-54274 | 1 Adobe | 1 Substance 3d Viewer | 2026-02-26 | 7.8 High |
| Substance3D - Viewer versions 0.25.2 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-7430 | 1 Zohocorp | 1 Manageengine Exchange Reporter Plus | 2026-02-26 | 7.3 High |
| Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report. | ||||
| CVE-2025-54276 | 1 Adobe | 1 Substance 3d Modeler | 2026-02-26 | 7.8 High |
| Substance3D - Modeler versions 1.22.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-7632 | 1 Zohocorp | 1 Manageengine Exchange Reporter Plus | 2026-02-26 | 7.3 High |
| Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Public Folders report. | ||||
| CVE-2025-54281 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-02-26 | 7.8 High |
| Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-7633 | 1 Zohocorp | 1 Manageengine Exchange Reporter Plus | 2026-02-26 | 7.3 High |
| Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report. | ||||
| CVE-2025-54282 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-02-26 | 7.8 High |
| Adobe Framemaker versions 2020.9, 2022.7 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-54284 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-02-26 | 7.8 High |
| Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-9223 | 1 Zohocorp | 2 Applications Manager, Manageengine Applications Manager | 2026-02-26 | 8.8 High |
| Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature. | ||||
| CVE-2025-54283 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-02-26 | 7.8 High |
| Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-13027 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-02-26 | 8.1 High |
| Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 145 and Thunderbird < 145. | ||||
| CVE-2025-12942 | 1 Netgear | 4 R6260, R6260 Firmware, R6850 and 1 more | 2026-02-26 | 7.5 High |
| Improper Input Validation vulnerability in NETGEAR R6260 and NETGEAR R6850 allows unauthenticated attackers connected to LAN with ability to perform MiTM attacks and control over DNS Server to perform command execution.This issue affects R6260: through 1.1.0.86; R6850: through 1.1.0.86. | ||||
| CVE-2025-61801 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2026-02-26 | 7.8 High |
| Dimension versions 4.1.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-12943 | 1 Netgear | 4 Rax30, Rax30 Firmware, Raxe300 and 1 more | 2026-02-26 | 7.5 High |
| Improper certificate validation in firmware update logic in NETGEAR RAX30 (Nighthawk AX5 5-Stream AX2400 WiFi 6 Router) and RAXE300 (Nighthawk AXE7800 Tri-Band WiFi 6E Router) allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the device. Devices with automatic updates enabled may already have this patch applied. If not, please check the firmware version and update to the latest. Fixed in: RAX30 firmware 1.0.14.108 or later. RAXE300 firmware 1.0.9.82 or later | ||||
| CVE-2025-61800 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2026-02-26 | 7.8 High |
| Dimension versions 4.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-12944 | 1 Netgear | 3 Dgn2200, Dgn2200 Firmware, Dgn2200v4 | 2026-02-26 | 8.8 High |
| Improper input validation in NETGEAR DGN2200v4 (N300 Wireless ADSL2+ Modem Router) allows attackers with direct network access to the device to potentially execute code on the device. Please check the firmware version and update to the latest. Fixed in: DGN2200v4 firmware 1.0.0.132 or later | ||||
| CVE-2025-61798 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2026-02-26 | 7.8 High |
| Dimension versions 4.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-23361 | 1 Nvidia | 1 Nemo | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||