Export limit exceeded: 364952 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364952 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-20089 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20078 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20066 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20038 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-20007 2026-02-13 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused
CVE-2025-68458 2 Webpack, Webpack.js 2 Webpack, Webpack 2026-02-13 3.7 Low
Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTP(S) resolver (HttpUriPlugin) can be bypassed to fetch resources from hosts outside allowedUris by using crafted URLs that include userinfo (username:password@host). If allowedUris enforcement relies on a raw string prefix check (e.g., uri.startsWith(allowed)), a URL that looks allow-listed can pass validation while the actual network request is sent to a different authority/host after URL parsing. This is a policy/allow-list bypass that enables build-time SSRF behavior (outbound requests from the build machine to internal-only endpoints, depending on network access) and untrusted content inclusion (the fetched response is treated as module source and bundled). This issue has been patched in version 5.104.1.
CVE-2025-49742 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 7.8 High
Integer overflow or wraparound in Microsoft Graphics Component allows an authorized attacker to execute code locally.
CVE-2025-49741 1 Microsoft 1 Edge Chromium 2026-02-13 7.4 High
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
CVE-2025-49740 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2026-02-13 8.8 High
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-47999 1 Microsoft 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more 2026-02-13 6.8 Medium
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
CVE-2025-49732 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2026-02-13 7.8 High
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
CVE-2025-49730 1 Microsoft 27 Windows, Windows 10, Windows 10 1507 and 24 more 2026-02-13 7.8 High
Time-of-check time-of-use (toctou) race condition in Microsoft Windows QoS scheduler allows an authorized attacker to elevate privileges locally.
CVE-2025-49725 1 Microsoft 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more 2026-02-13 7.8 High
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
CVE-2025-49724 1 Microsoft 16 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 13 more 2026-02-13 8.8 High
Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network.
CVE-2025-49722 1 Microsoft 27 Windows, Windows 10, Windows 10 1507 and 24 more 2026-02-13 5.7 Medium
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.
CVE-2025-49718 1 Microsoft 3 Sql Server, Sql Server 2019, Sql Server 2022 2026-02-13 7.5 High
Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network.
CVE-2025-49705 1 Microsoft 13 365 Apps, Office, Office 2016 and 10 more 2026-02-13 7.8 High
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
CVE-2025-49704 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-02-13 8.8 High
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-49701 1 Microsoft 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 2026-02-13 8.8 High
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-49698 1 Microsoft 10 365 Apps, Office, Office 2019 and 7 more 2026-02-13 7.8 High
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.