Export limit exceeded: 366369 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366369 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (366369 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-46685 1 Dell 1 Supportassist Os Recovery 2026-02-26 7.5 High
Dell SupportAssist OS Recovery, versions prior to 5.5.15.1, contain a Creation of Temporary File With Insecure Permissions vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2025-36384 1 Ibm 1 Db2 2026-02-26 8.4 High
IBM Db2 for Windows 12.1.0 - 12.1.3 could allow a local user with filesystem access to escalate their privileges due to the use of an unquoted search path element.
CVE-2025-36365 1 Ibm 1 Db2 2026-02-26 6.8 Medium
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 under specific configuration of cataloged remote storage aliases could allow an authenticated user to execute unauthorized commands due to an authorization bypass vulnerability using a user-controlled key.
CVE-2025-36184 1 Ibm 1 Db2 2026-02-26 7.2 High
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level.
CVE-2025-14914 1 Ibm 1 Websphere Application Server 2026-02-26 7.6 High
IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution.
CVE-2025-47358 1 Qualcomm 43 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 40 more 2026-02-26 7.8 High
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.
CVE-2025-47359 1 Qualcomm 75 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 72 more 2026-02-26 7.8 High
Memory Corruption when multiple threads simultaneously access a memory free API.
CVE-2025-47363 1 Qualcomm 71 Qam8255p, Qam8255p Firmware, Qam8295p and 68 more 2026-02-26 6.8 Medium
Memory corruption when calculating oversized partition sizes without proper checks.
CVE-2025-47364 1 Qualcomm 71 Qam8255p, Qam8255p Firmware, Qam8295p and 68 more 2026-02-26 6.8 Medium
Memory corruption while calculating offset from partition start point.
CVE-2025-47366 1 Qualcomm 319 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 316 more 2026-02-26 7.1 High
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
CVE-2025-47397 1 Qualcomm 295 Ar8031, Ar8031 Firmware, Csra6620 and 292 more 2026-02-26 7.8 High
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
CVE-2025-47398 1 Qualcomm 307 Ar8031, Ar8031 Firmware, Csra6620 and 304 more 2026-02-26 7.8 High
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
CVE-2025-47399 1 Qualcomm 29 Cologne, Cologne Firmware, Fastconnect 7800 and 26 more 2026-02-26 7.8 High
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.
CVE-2025-58382 2 Broadcom, Brocade 2 Fabric Operating System, Fabric Os 2026-02-26 7.2 High
A vulnerability in the secure configuration of authentication and management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands as root using “supportsave”, “seccertmgmt”, “configupload” command.
CVE-2025-58383 2 Broadcom, Brocade 2 Fabric Operating System, Fabric Os 2026-02-26 7.2 High
A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind command, to escalate privileges and bypass security controls allowing the execution of arbitrary commands.
CVE-2025-9711 2 Broadcom, Brocade 2 Fabric Operating System, Fabric Os 2026-02-26 7.8 High
A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow elevating the privileges of the local authenticated user to “root” using the export option of seccertmgmt and seccryptocfg commands.
CVE-2025-67848 1 Moodle 1 Moodle 2026-02-26 8.1 High
A flaw was found in Moodle. This authentication bypass vulnerability allows suspended users to authenticate through the Learning Tools Interoperability (LTI) Provider. The issue arises from the LTI authentication handlers failing to enforce the user's suspension status, enabling unauthorized access to the system. This can lead to information disclosure or other unauthorized actions by users who should be restricted.
CVE-2025-67849 1 Moodle 1 Moodle 2026-02-26 7.3 High
A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. When other users view these compromised pages, their sessions could be stolen, or the user interface could be manipulated.
CVE-2025-67850 1 Moodle 1 Moodle 2026-02-26 7.3 High
A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions, the malicious code would execute in their web browsers, potentially compromising their data or leading to unauthorized actions.
CVE-2024-4040 1 Crushftp 1 Crushftp 2026-02-26 9.8 Critical
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.