Export limit exceeded: 364861 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364861 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-24867 2026-01-28 N/A
Not used
CVE-2026-24866 2026-01-28 N/A
Not used
CVE-2026-24865 2026-01-28 N/A
Not used
CVE-2026-24864 2026-01-28 N/A
Not used
CVE-2026-24863 2026-01-28 N/A
Not used
CVE-2026-24862 2026-01-28 N/A
Not used
CVE-2026-24861 2026-01-28 N/A
Not used
CVE-2026-24860 2026-01-28 N/A
Not used
CVE-2026-24859 2026-01-28 N/A
Not used
CVE-2025-43860 2 Open-emr, Openemr 2 Openemr, Openemr 2026-01-27 7.6 High
OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting (XSS) vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation and editing privileges to inject arbitrary JavaScript code into the system by entering malicious payloads in the (1) Text Box fields of Address, Address Line 2, Postal Code and City fields and (2) Drop Down menu options of Address Use, State and Country of the Additional Addresses section of the Contact tab in Patient Demographics. The injected script can execute in two scenarios: (1) dynamically during form input, and (2) when the form data is later loaded for editing. Version 7.0.3.4 contains a patch for the issue.
CVE-2024-1545 3 Linux, Microsoft, Wolfssl 4 Linux Kernel, Windows, Wolfcrypt and 1 more 2026-01-27 5.9 Medium
Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the RsaKey structure.
CVE-2024-1544 1 Wolfssl 1 Wolfssl 2026-01-27 4.1 Medium
Generating the ECDSA nonce k samples a random number r and then truncates this randomness with a modular reduction mod n where n is the order of the elliptic curve. Meaning k = r mod n. The division used during the reduction estimates a factor q_e by dividing the upper two digits (a digit having e.g. a size of 8 byte) of r by the upper digit of n and then decrements q_e in a loop until it has the correct size. Observing the number of times q_e is decremented through a control-flow revealing side-channel reveals a bias in the most significant bits of k. Depending on the curve this is either a negligible bias or a significant bias large enough to reconstruct k with lattice reduction methods. For SECP160R1, e.g., we find a bias of 15 bits.
CVE-2025-47334 1 Qualcomm 293 Csra6620, Csra6620 Firmware, Csra6640 and 290 more 2026-01-27 6.7 Medium
Memory corruption while processing shared command buffer packet between camera userspace and kernel.
CVE-2025-47335 1 Qualcomm 91 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 88 more 2026-01-27 6.7 Medium
Memory corruption while parsing clock configuration data for a specific hardware type.
CVE-2025-47336 1 Qualcomm 37 Fastconnect 7800, Fastconnect 7800 Firmware, Qmp1000 and 34 more 2026-01-27 6.7 Medium
Memory corruption while performing sensor register read operations.
CVE-2025-47337 1 Qualcomm 129 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 126 more 2026-01-27 6.7 Medium
Memory corruption while accessing a synchronization object during concurrent operations.
CVE-2025-66518 1 Apache 1 Kyuubi 2026-01-27 8.8 High
Any client who can access to Apache Kyuubi Server via Kyuubi frontend protocols can bypass server-side config kyuubi.session.local.dir.allow.list and use local files which are not listed in the config. This issue affects Apache Kyuubi: from 1.6.0 through 1.10.2. Users are recommended to upgrade to version 1.10.3 or upper, which fixes the issue.
CVE-2025-14017 2 Curl, Haxx 2 Curl, Curl 2026-01-27 6.3 Medium
When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally disable the feature for other threads as well.
CVE-2025-47339 1 Qualcomm 371 Ar8035, Ar8035 Firmware, Ar9380 and 368 more 2026-01-27 7.8 High
Memory corruption while deinitializing a HDCP session.
CVE-2025-47344 1 Qualcomm 165 Csra6620, Csra6620 Firmware, Csra6640 and 162 more 2026-01-27 6.7 Medium
Memory corruption while handling sensor utility operations.