Export limit exceeded: 367163 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367163 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-31328 | 1 Google | 1 Android | 2026-03-06 | 8.8 High |
| In broadcastIntentLockedTraced of BroadcastController.java, there is a possible way to launch arbitrary activities from the background on the paired companion phone due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-45243 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2026-03-06 | 5.5 Medium |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35739, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | ||||
| CVE-2023-45242 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2026-03-06 | 5.5 Medium |
| Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 35739, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | ||||
| CVE-2023-44210 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2026-03-06 | 5.5 Medium |
| Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29258, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | ||||
| CVE-2023-44209 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2026-03-06 | 7.8 High |
| Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 29051, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186. | ||||
| CVE-2023-52972 | 1 Huawei | 2 Yutufz-5651s1, Yutufz-5651s1 Senaryaudio | 2026-03-05 | 5.5 Medium |
| Huawei PCs have a vulnerability that allows low-privilege users to bypass SDDL permission checks . Successful exploitation this vulnerability could lead to termination of some system processes. | ||||
| CVE-2021-35485 | 1 Nokia | 1 Impact | 2026-03-05 | 8 High |
| The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload server-side executable files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an existing one. | ||||
| CVE-2021-35484 | 1 Nokia | 1 Impact | 2026-03-05 | 8.2 High |
| Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic (for the View Campaign page) via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive data from the database and obtain access to the database user, database name, and database version information. | ||||
| CVE-2025-15598 | 2 Dataease, Fit2cloud | 2 Sqlbot, Sqlbot | 2026-03-05 | 3.7 Low |
| A vulnerability was found in Dataease SQLBot up to 1.5.1. This impacts the function validateEmbedded of the file backend/apps/system/middleware/auth.py of the component JWT Token Handler. Performing a manipulation results in improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitability is said to be difficult. The exploit has been made public and could be used. A comment in the source code warns users about using this feature. The vendor was contacted early about this disclosure. | ||||
| CVE-2021-35483 | 1 Nokia | 1 Impact | 2026-03-05 | 4.1 Medium |
| The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an existing one. If an authenticated user visits the web page where the file is published, the JavaScript code is executed. | ||||
| CVE-2025-66680 | 1 Wisecleaner | 1 Wise Force Deleter | 2026-03-05 | 7.1 High |
| An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request. | ||||
| CVE-2025-70821 | 2 Renren, Renrenio | 2 Renren-security, Renren-security | 2026-03-05 | 9.8 Critical |
| renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component | ||||
| CVE-2025-14480 | 1 Ibm | 1 Aspera Faspio Gateway | 2026-03-05 | 5.1 Medium |
| IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information | ||||
| CVE-2025-14456 | 1 Ibm | 1 Mq Appliance | 2026-03-05 | 5.9 Medium |
| IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1 | ||||
| CVE-2025-67847 | 1 Moodle | 1 Moodle | 2026-03-05 | 8.8 High |
| A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application. | ||||
| CVE-2025-47378 | 1 Qualcomm | 149 Cologne, Cologne Firmware, Fastconnect 6700 and 146 more | 2026-03-05 | 7.1 High |
| Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain. | ||||
| CVE-2025-47384 | 1 Qualcomm | 87 5g Fixed Wireless Access Platform, 5g Fixed Wireless Access Platform Firmware, Fastconnect 6200 and 84 more | 2026-03-05 | 6.5 Medium |
| Transient DOS when MAC configures config id greater than supported maximum value. | ||||
| CVE-2025-47385 | 1 Qualcomm | 189 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 186 more | 2026-03-05 | 7.8 High |
| Memory Corruption when accessing trusted execution environment without proper privilege check. | ||||
| CVE-2025-69195 | 1 Gnu | 2 Wget, Wget2 | 2026-03-05 | 7.6 High |
| A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted URL, which, upon user interaction with wget2, can lead to memory corruption. This can cause the application to crash and potentially allow for further malicious activities. | ||||
| CVE-2025-69194 | 1 Gnu | 2 Wget, Wget2 | 2026-03-05 | 8.8 High |
| A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink <file name> elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially allow further compromise of the user’s environment. | ||||