Export limit exceeded: 76514 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76514 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27516 | 3 Debian, Palletsprojects, Redhat | 11 Debian Linux, Jinja, Ansible Automation Platform and 8 more | 2026-02-26 | 8.8 High |
| Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications which execute untrusted templates. Jinja's sandbox does catch calls to str.format and ensures they don't escape the sandbox. However, it's possible to use the |attr filter to get a reference to a string's plain format method, bypassing the sandbox. After the fix, the |attr filter no longer bypasses the environment's attribute lookup. This vulnerability is fixed in 3.1.6. | ||||
| CVE-2025-20903 | 1 Samsung | 1 Android | 2026-02-26 | 7.3 High |
| Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability. | ||||
| CVE-2025-20929 | 2 Samsung, Samsung Mobile | 2 Notes, Samsung Notes | 2026-02-26 | 7.3 High |
| Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. | ||||
| CVE-2025-20931 | 2 Samsung, Samsung Mobile | 2 Notes, Samsung Notes | 2026-02-26 | 7.3 High |
| Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. | ||||
| CVE-2025-26331 | 1 Dell | 12 Latitude 3420, Latitude 3440, Latitude 5440 and 9 more | 2026-02-26 | 7.8 High |
| Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution. | ||||
| CVE-2022-43454 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-02-26 | 7.8 High |
| A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2025-1920 | 1 Google | 1 Chrome | 2026-02-26 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-2135 | 1 Google | 1 Chrome | 2026-02-26 | 8.8 High |
| Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-2136 | 1 Google | 1 Chrome | 2026-02-26 | 8.8 High |
| Use after free in Inspector in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-2137 | 1 Google | 1 Chrome | 2026-02-26 | 8.8 High |
| Out of bounds read in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-26661 | 2026-02-26 | 8.8 High | ||
| Due to missing authorization check, SAP NetWeaver (ABAP Class Builder) allows an attacker to gain higher access levels than they should have, resulting in escalation of privileges. On successful exploitation, this could result in disclosure of highly sensitive information. It could also have a high impact on the integrity and availability of the application. | ||||
| CVE-2025-27434 | 2026-02-26 | 8.8 High | ||
| Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated attacker to inject the malicious code from remote sources, which can be leveraged by an attacker to execute a cross-site scripting (XSS) attack. This could lead to a high impact on the confidentiality, integrity, and availability of data in SAP Commerce. | ||||
| CVE-2024-11253 | 1 Zyxel | 12 Dm4200-b0, Dm4200-b0 Firmware, Emg5723-t50k and 9 more | 2026-02-26 | 7.2 High |
| A post-authentication command injection vulnerability in the "DNSServer” parameter of the diagnostic function in the Zyxel VMG8825-T50K firmware version V5.50(ABOM.8.5)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device. | ||||
| CVE-2024-12009 | 1 Zyxel | 76 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 73 more | 2026-02-26 | 7.2 High |
| A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601-T1 firmware version V5.70(ACDZ.3.6)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device. | ||||
| CVE-2024-12010 | 1 Zyxel | 82 Ax7501-b0, Ax7501-b0 Firmware, Ax7501-b1 and 79 more | 2026-02-26 | 7.2 High |
| A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the Zyxel AX7501-B1 firmware version V5.17(ABPC.5.3)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device. | ||||
| CVE-2025-27363 | 3 Debian, Freetype, Redhat | 9 Debian Linux, Freetype, Enterprise Linux and 6 more | 2026-02-26 | 8.1 High |
| An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. | ||||
| CVE-2025-22454 | 1 Ivanti | 1 Secure Access Client | 2026-02-26 | 7.8 High |
| Insufficiently restrictive permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | ||||
| CVE-2023-40723 | 1 Fortinet | 1 Fortisiem | 2026-02-26 | 7.7 High |
| An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.4 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 and 6.3.0 through 6.3.3 and 6.2.0 through 6.2.1 and 6.1.0 through 6.1.2 and 5.4.0 and 5.3.0 through 5.3.3 and 5.2.5 through 5.2.8 and 5.2.1 through 5.2.2 and 5.1.0 through 5.1.3 allows attacker to execute unauthorized code or commands via api request. | ||||
| CVE-2024-45328 | 1 Fortinet | 1 Fortisandbox | 2026-02-26 | 7.1 High |
| An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow a low priviledged administrator to execute elevated CLI commands via the GUI console menu. | ||||
| CVE-2024-52961 | 1 Fortinet | 1 Fortisandbox | 2026-02-26 | 8.6 High |
| An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0, FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2.1 through 4.2.7, FortiSandbox 4.0.0 through 4.0.5, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests. | ||||