Export limit exceeded: 330897 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (330897 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30644 | 1 Juniper | 19 Ex2300, Ex3400, Ex4100 and 16 more | 2026-02-26 | 7.5 High |
| A Heap-based Buffer Overflow vulnerability in the flexible PIC concentrator (FPC) of Juniper Networks Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series allows an attacker to send a specific DHCP packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Under a rare timing scenario outside the attacker's control, memory corruption may be observed when DHCP Option 82 is enabled, leading to an FPC crash and affecting packet forwarding. Due to the nature of the heap-based overflow, exploitation of this vulnerability could also lead to remote code execution within the FPC, resulting in complete control of the vulnerable component. This issue affects Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series: * All versions before 21.4R3-S9, * from 22.2 before 22.2R3-S5, * from 22.4 before 22.4R3-S5, * from 23.2 before 23.2R2-S3, * from 23.4 before 23.4R2-S3, * from 24.2 before 24.2R2. | ||||
| CVE-2025-29962 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 8.8 High |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-27690 | 1 Dell | 1 Powerscale Onefs | 2026-02-26 | 9.8 Critical |
| Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.1.0, contains a use of default password vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the takeover of a high privileged user account. | ||||
| CVE-2025-29963 | 1 Microsoft | 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more | 2026-02-26 | 8.8 High |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-26330 | 1 Dell | 1 Powerscale Onefs | 2026-02-26 | 7 High |
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability to access the cluster with previous privileges of a disabled user account. | ||||
| CVE-2025-30385 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-23391 | 1 Suse | 1 Rancher | 2026-02-26 | 9.1 Critical |
| A Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts. This issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4. | ||||
| CVE-2025-30388 | 1 Microsoft | 28 Office, Office Long Term Servicing Channel, Office Macos 2021 and 25 more | 2026-02-26 | 7.8 High |
| Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-23389 | 1 Suse | 1 Rancher | 2026-02-26 | 8.4 High |
| A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login. This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3. | ||||
| CVE-2025-30397 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 7.5 High |
| Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-32702 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio 2022 | 2026-02-26 | 7.8 High |
| Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2024-13861 | 2 Debian, Sophos | 2 Debian Linux, Taegis Endpoint Agent | 2026-02-26 | 7.8 High |
| A code injection vulnerability in the Debian package component of Taegis Endpoint Agent (Linux) versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected. | ||||
| CVE-2025-32704 | 1 Microsoft | 8 365 Apps, Excel, Excel 2016 and 5 more | 2026-02-26 | 8.4 High |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2023-41076 | 1 Apple | 1 Macos | 2026-02-26 | 7.3 High |
| An app may be able to elevate privileges. This issue is fixed in macOS 14. This issue was addressed by removing the vulnerable code. | ||||
| CVE-2025-32705 | 1 Microsoft | 4 365 Apps, Office 2021, Office 2024 and 1 more | 2026-02-26 | 7.8 High |
| Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. | ||||
| CVE-2023-42875 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2026-02-26 | 7.3 High |
| Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. The issue was addressed with improved memory handling. | ||||
| CVE-2025-32707 | 1 Microsoft | 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more | 2026-02-26 | 7.8 High |
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2023-42970 | 2 Apple, Redhat | 12 Ipados, Iphone Os, Macos and 9 more | 2026-02-26 | 8.8 High |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17, Safari 17. Processing web content may lead to arbitrary code execution. | ||||
| CVE-2024-36321 | 2026-02-26 | 7.3 High | ||
| Unquoted search path within AIM-T Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution. | ||||
| CVE-2025-0035 | 2026-02-26 | 7.3 High | ||
| Unquoted search path within AMD Cloud Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution. | ||||