Export limit exceeded: 367171 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (367171 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21476 | 1 Qualcomm | 85 Qca6391, Qca6391 Firmware, Qca6698aq and 82 more | 2026-02-26 | 7.8 High |
| Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake. | ||||
| CVE-2025-26496 | 4 Linux, Microsoft, Salesforce and 1 more | 6 Linux, Windows, Tableau Desktop and 3 more | 2026-02-26 | 9.3 Critical |
| Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19. | ||||
| CVE-2025-43914 | 4 Canonical, Dell, Linux and 1 more | 5 Ubuntu, Data Domain Operating System, Powerprotect Data Domain and 2 more | 2026-02-26 | 7.5 High |
| Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2025-21481 | 1 Qualcomm | 499 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 496 more | 2026-02-26 | 7.8 High |
| Memory corruption while performing private key encryption in trusted application. | ||||
| CVE-2025-4609 | 2 Google, Microsoft | 2 Chrome, Windows | 2026-02-26 | 9.6 Critical |
| Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) | ||||
| CVE-2025-43890 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-21482 | 1 Qualcomm | 575 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 572 more | 2026-02-26 | 7.1 High |
| Cryptographic issue while performing RSA PKCS padding decoding. | ||||
| CVE-2025-36157 | 1 Ibm | 1 Jazz Foundation | 2026-02-26 | 9.8 Critical |
| IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions. | ||||
| CVE-2025-43906 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-21483 | 1 Qualcomm | 455 Apq8017, Apq8017 Firmware, Apq8064au and 452 more | 2026-02-26 | 9.8 Critical |
| Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. | ||||
| CVE-2025-36174 | 1 Ibm | 1 Integrated Analytics System | 2026-02-26 | 8 High |
| IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened. | ||||
| CVE-2025-43911 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-27032 | 1 Qualcomm | 385 Aqt1000, Aqt1000 Firmware, Ar8035 and 382 more | 2026-02-26 | 7.8 High |
| memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency. | ||||
| CVE-2025-43908 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.4 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. | ||||
| CVE-2025-27034 | 1 Qualcomm | 227 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 224 more | 2026-02-26 | 9.8 Critical |
| Memory corruption while selecting the PLMN from SOR failed list. | ||||
| CVE-2025-26467 | 1 Apache | 1 Cassandra | 2026-02-26 | 8.8 High |
| Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. An user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions to a system resource. Operators granting data MODIFY permission on all keyspaces on affected versions should review data access rules for potential breaches. This issue affects Apache Cassandra 3.0.30, 3.11.17, 4.0.16, 4.1.7, 5.0.2, but this advisory is only for 4.0.16 because the fix to CVE-2025-23015 was incorrectly applied to 4.0.16, so that version is still affected. Users in the 4.0 series are recommended to upgrade to version 4.0.17 which fixes the issue. Users from 3.0, 3.11, 4.1 and 5.0 series should follow recommendation from CVE-2025-23015. | ||||
| CVE-2025-36567 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-27037 | 1 Qualcomm | 75 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 72 more | 2026-02-26 | 7.8 High |
| Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers. | ||||
| CVE-2025-7775 | 2 Citrix, Netscaler | 4 Netscaler Application Delivery Controller, Netscaler Gateway, Adc and 1 more | 2026-02-26 | 9.8 Critical |
| Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX | ||||
| CVE-2025-36569 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. | ||||