Export limit exceeded: 34627 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (34627 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-29130 | 1 Siemens | 1 Simatic Cn 4100 Firmware | 2026-02-18 | 9.9 Critical |
| A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control. | ||||
| CVE-2023-39677 | 2 Myprestamodules, Updateproducts Project | 2 Product Catalog \(csv\, Excel\) Import, Updateproducts | 2026-02-18 | 7.5 High |
| MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. | ||||
| CVE-2025-47911 | 2 Go, Golang | 2 Html, Net | 2026-02-18 | 5.3 Medium |
| The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content. | ||||
| CVE-2026-20680 | 1 Apple | 4 Ios And Ipados, Ipados, Iphone Os and 1 more | 2026-02-18 | 5.5 Medium |
| The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. A sandboxed app may be able to access sensitive user data. | ||||
| CVE-2026-20661 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-02-18 | 4.6 Medium |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information. | ||||
| CVE-2026-20656 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-02-18 | 3.3 Low |
| A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. An app may be able to access a user's Safari history. | ||||
| CVE-2026-20655 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-02-18 | 5.5 Medium |
| An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information. | ||||
| CVE-2026-20621 | 1 Apple | 5 Ios And Ipados, Ipados, Iphone Os and 2 more | 2026-02-18 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2026-20618 | 1 Apple | 1 Macos | 2026-02-18 | 5.5 Medium |
| An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data. | ||||
| CVE-2026-20602 | 1 Apple | 1 Macos | 2026-02-18 | 5.5 Medium |
| The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to cause a denial-of-service. | ||||
| CVE-2024-37370 | 2 Mit, Redhat | 8 Kerberos 5, Enterprise Linux, Rhel Aus and 5 more | 2026-02-18 | 7.5 High |
| In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. | ||||
| CVE-2026-23836 | 1 Hotcrp | 1 Hotcrp | 2026-02-18 | 10 Critical |
| HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inadequately sanitized code generation for HotCRP formulas which allowed users to trigger the execution of arbitrary PHP code. The problem is patched in release version 3.2. | ||||
| CVE-2026-20654 | 1 Apple | 7 Ios And Ipados, Ipados, Iphone Os and 4 more | 2026-02-18 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system termination. | ||||
| CVE-2026-20642 | 1 Apple | 3 Ios And Ipados, Ipados, Iphone Os | 2026-02-18 | 2.4 Low |
| An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen. | ||||
| CVE-2026-20603 | 1 Apple | 1 Macos | 2026-02-18 | 4.4 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileges may be able to access private information. | ||||
| CVE-2025-57783 | 2 Hiawatha, Hiawatha-webserver | 2 Web Server, Hiawatha | 2026-02-18 | 5.3 Medium |
| Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver. | ||||
| CVE-2025-57784 | 2 Hiawatha, Hiawatha-webserver | 2 Web Server, Hiawatha | 2026-02-18 | 4 Medium |
| Tomahawk auth timing attack due to usage of `strcmp` has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client. | ||||
| CVE-2026-20676 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-02-17 | 4.3 Medium |
| This issue was addressed through improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions. | ||||
| CVE-2026-20629 | 1 Apple | 1 Macos | 2026-02-17 | 5.5 Medium |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data. | ||||
| CVE-2026-0485 | 1 Sap | 2 Businessobjects Bi Platform, Businessobjects Business Intelligence Platform | 2026-02-17 | 7.5 High |
| SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server (CMS) to crash and automatically restart. By repeatedly submitting these requests, the attacker could induce a persistent service disruption, rendering the CMS completely unavailable. Successful exploitation results in a high impact on availability, while confidentiality and integrity remain unaffected. | ||||