Export limit exceeded: 324770 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (324770 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27078 | 2026-02-26 | 6.5 Medium | ||
| A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to inject commands into the underlying operating system while using the CLI. Successful exploitation could lead to complete system compromise. | ||||
| CVE-2025-31259 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.5. An app may be able to gain elevated privileges. | ||||
| CVE-2025-27079 | 2026-02-26 | 6 Medium | ||
| A vulnerability in the file creation process on the command line interface of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to perform remote code execution (RCE). Successful exploitation could allow an attacker to execute arbitrary operating system commands on the underlying operating system leading to potential system compromise. | ||||
| CVE-2025-31244 | 1 Apple | 1 Macos | 2026-02-26 | 8.8 High |
| A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox. | ||||
| CVE-2025-27082 | 1 Arubanetworks | 1 Arubaos | 2026-02-26 | 7.2 High |
| Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files and execute arbitrary commands on the underlying host operating system. | ||||
| CVE-2025-31224 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to bypass certain Privacy preferences. | ||||
| CVE-2025-30442 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain elevated privileges. | ||||
| CVE-2024-48887 | 1 Fortinet | 1 Fortiswitch | 2026-02-26 | 9.3 Critical |
| A unverified password change vulnerability in Fortinet FortiSwitch GUI may allow a remote unauthenticated attacker to change admin passwords via a specially crafted request | ||||
| CVE-2025-31246 | 1 Apple | 1 Macos | 2026-02-26 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6. Connecting to a malicious AFP server may corrupt kernel memory. | ||||
| CVE-2025-27183 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2026-02-26 | 7.8 High |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-42999 | 1 Sap | 1 Netweaver | 2026-02-26 | 9.1 Critical |
| SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system. | ||||
| CVE-2025-27182 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2026-02-26 | 7.8 High |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-4632 | 1 Samsung | 1 Magicinfo 9 Server | 2026-02-26 | 9.8 Critical |
| Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. | ||||
| CVE-2025-27194 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2026-02-26 | 7.8 High |
| Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-32756 | 1 Fortinet | 6 Forticamera, Forticamera Firmware, Fortimail and 3 more | 2026-02-26 | 9.6 Critical |
| A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie. | ||||
| CVE-2025-4427 | 1 Ivanti | 1 Endpoint Manager Mobile | 2026-02-26 | 5.3 Medium |
| An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. | ||||
| CVE-2025-27195 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2026-02-26 | 7.8 High |
| Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-4428 | 1 Ivanti | 1 Endpoint Manager Mobile | 2026-02-26 | 7.2 High |
| Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. | ||||
| CVE-2025-27193 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2026-02-26 | 7.8 High |
| Bridge versions 14.1.5, 15.0.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-21960 | 2026-02-26 | 7.3 High | ||
| Incorrect default permissions in the AMD Optimizing CPU Libraries (AOCL) installation directory could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | ||||