Export limit exceeded: 363508 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363508 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363508 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47148 | 1 F5 | 3 Big-ip, Big-ip Access Policy Manager, Big-ip Ssl Orchestrator | 2026-02-26 | 6.5 Medium |
| When the BIG-IP system is configured as both a Security Assertion Markup Language (SAML) service provider (SP) and Identity Provider (IdP), with single logout (SLO) enabled on an access policy, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-3500 | 2 Avast, Microsoft | 2 Antivirus, Windows | 2026-02-26 | 9 Critical |
| Integer Overflow or Wraparound vulnerability in Avast Antivirus (25.1.981.6) on Windows allows Privilege Escalation.This issue affects Antivirus: from 25.1.981.6 before 25.3. | ||||
| CVE-2025-30509 | 1 Intel | 2 Quickassist Technology, Quickassist Technology Firmware | 2026-02-26 | 3.8 Low |
| Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-58474 | 2 F5, Nginx | 5 Big-ip, Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager and 2 more | 2026-02-26 | 5.3 Medium |
| When BIG-IP Advanced WAF is configured on a virtual server with Server-Side Request Forgery (SSRF) protection or when an NGINX server is configured with App Protect Bot Defense, undisclosed requests can disrupt new client requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-21072 | 1 Samsung | 2 Android, Mobile Devices | 2026-02-26 | 5.7 Medium |
| Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-59478 | 1 F5 | 2 Big-ip, Big-ip Advanced Firewall Manager | 2026-02-26 | 7.5 High |
| When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-58481 | 1 Samsung | 2 Mobile, Motionphoto | 2026-02-26 | 7.3 High |
| Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service. | ||||
| CVE-2025-60016 | 1 F5 | 3 Big-ip, Big-ip Next Cloud-native Network Functions, Big-ip Next Service Proxy For Kubernetes | 2026-02-26 | 7.5 High |
| When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-58482 | 1 Samsung | 2 Mobile, Motionphoto | 2026-02-26 | 7.3 High |
| Improper access control in MPLocalService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service. | ||||
| CVE-2025-58153 | 1 F5 | 22 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 19 more | 2026-02-26 | 5.9 Medium |
| Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-45675 | 1 Ibm | 1 Informix Dynamic Server | 2026-02-26 | 8.4 High |
| IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a password. | ||||
| CVE-2025-48008 | 1 F5 | 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2026-02-26 | 7.5 High |
| When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-20763 | 2 Google, Mediatek | 28 Android, Mt6833, Mt6835 and 25 more | 2026-02-26 | 7.8 High |
| In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267218; Issue ID: MSV-5032. | ||||
| CVE-2025-55669 | 1 F5 | 2 Big-ip, Big-ip Application Security Manager | 2026-02-26 | 7.5 High |
| When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-20764 | 2 Google, Mediatek | 34 Android, Mt6739, Mt6761 and 31 more | 2026-02-26 | 7.8 High |
| In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029. | ||||
| CVE-2025-61832 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-46706 | 1 F5 | 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more | 2026-02-26 | 7.5 High |
| When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-20766 | 2 Google, Mediatek | 32 Android, Mt2718, Mt6739 and 29 more | 2026-02-26 | 7.8 High |
| In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4820. | ||||
| CVE-2025-61824 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47150 | 1 F5 | 3 F5os, F5os-a, F5os-c | 2026-02-26 | 6.5 Medium |
| When SNMP is configured on F5OS Appliance and Chassis systems, undisclosed requests can cause an increase in SNMP memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||