Export limit exceeded: 77142 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (77142 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24119 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-02-26 | 7.8 High |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | ||||
| CVE-2025-23283 | 1 Nvidia | 1 Gpu Display Driver | 2026-02-26 | 7.8 High |
| NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | ||||
| CVE-2025-43249 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-02-26 | 7.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges. | ||||
| CVE-2025-23284 | 1 Nvidia | 1 Gpu Display Driver | 2026-02-26 | 7.8 High |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering. | ||||
| CVE-2025-43270 | 1 Apple | 4 Macos, Sequoia, Sonoma and 1 more | 2026-02-26 | 8.8 High |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may gain unauthorized access to Local Network. | ||||
| CVE-2025-20700 | 1 Airoha | 6 Ab156x, Ab157x, Ab158x and 3 more | 2026-02-26 | 8.8 High |
| In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-43196 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-02-26 | 7.8 High |
| A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges. | ||||
| CVE-2025-25011 | 1 Elastic | 1 Elastic Beats | 2026-02-26 | 7 High |
| An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE) via Insecure Directory Permissions. The vulnerability arises from improper handling of directory permissions. An attacker with local access may exploit this flaw to move and delete arbitrary files, potentially gaining SYSTEM privileges. | ||||
| CVE-2025-20701 | 1 Airoha | 4 Ab156x, Ab157x, Ab158x and 1 more | 2026-02-26 | 8.8 High |
| In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-8292 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-02-26 | 8.8 High |
| Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-20702 | 1 Airoha | 6 Ab156x, Ab157x, Ab158x and 3 more | 2026-02-26 | 8.8 High |
| In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-6204 | 1 3ds | 1 Delmia Apriso | 2026-02-26 | 8 High |
| An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code. | ||||
| CVE-2025-36611 | 1 Dell | 2 Encryption, Security Management Server | 2026-02-26 | 7.3 High |
| Dell Encryption and Dell Security Management Server, versions prior to 11.11.0, contain an Improper Link Resolution Before File Access ('Link Following') Vulnerability. A local malicious user could potentially exploit this vulnerability, leading to privilege escalation. | ||||
| CVE-2025-30105 | 1 Dell | 3 Techadvisor, Xtremio Management Server, Xtremio X2 | 2026-02-26 | 8.8 High |
| Dell XtremIO, version(s) 6.4.0-22, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | ||||
| CVE-2025-26332 | 1 Dell | 3 Techadvisor, Xtremio Management Server, Xtremio X2 | 2026-02-26 | 8.8 High |
| TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, contain(s) an Insertion of Sensitive Information into Log File vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | ||||
| CVE-2025-36604 | 1 Dell | 1 Unity Operating Environment | 2026-02-26 | 7.3 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution. | ||||
| CVE-2025-36606 | 1 Dell | 1 Unity Operating Environment | 2026-02-26 | 7.8 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. | ||||
| CVE-2025-36607 | 1 Dell | 1 Unity Operating Environment | 2026-02-26 | 7.8 High |
| Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges. | ||||
| CVE-2025-30099 | 1 Dell | 2 Data Domain Operating System, Powerprotect Data Domain | 2026-02-26 | 7.8 High |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. | ||||
| CVE-2025-21120 | 1 Dell | 3 Avamar, Avamar Data Store, Avamar Server | 2026-02-26 | 8.3 High |
| Dell Avamar, versions prior to 19.10 SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure. | ||||