Search Results (364861 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-24524 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-24518 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-24492 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-24321 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-24300 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-22845 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20110 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20107 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20098 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20089 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20078 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20066 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20038 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20007 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-68458 2 Webpack, Webpack.js 2 Webpack, Webpack 2026-02-13 3.7 Low
Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) can be bypassed to fetch resources from hosts outside allowedUris by using crafted URLs that include userinfo (username:password@host). If allowedUris enforcement relies on a raw string prefix check (e.g., uri.startsWith(allowed)), a URL that looks allow-listed can pass validation while the actual network request is sent to a different authority/host after URL parsing. This is a policy/allow-list bypass that enables build-time SSRF behavior (outbound requests from the build machine to internal-only endpoints, depending on network access) and untrusted content inclusion (the fetched response is treated as module source and bundled). This issue has been patched in version 5.104.1.
CVE-2025-49742 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 7.8 High
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.
CVE-2025-49741 1 Microsoft 1 Edge Chromium 2026-02-13 7.4 High
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
CVE-2025-49740 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2026-02-13 8.8 High
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-47999 1 Microsoft 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more 2026-02-13 6.8 Medium
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
CVE-2025-49732 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 7.8 High
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.