Export limit exceeded: 19212 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19212 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-1861 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-02-11 | 8.8 High |
| Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-23715 | 1 Siemens | 2 Simcenter Femap, Simcenter Nastran | 2026-02-11 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds write vulnerability while parsing specially crafted XDB files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2026-21346 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2026-02-11 | 7.8 High |
| Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21316 | 1 Adobe | 1 Audition | 2026-02-11 | 5.5 Medium |
| Audition versions 25.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-11142 | 1 Axis Communications Ab | 1 Axis Os | 2026-02-11 | 7.1 High |
| The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. | ||||
| CVE-2024-38065 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-10 | 6.8 Medium |
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2024-38032 | 1 Microsoft | 10 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 7 more | 2026-02-10 | 7.1 High |
| Microsoft Xbox Remote Code Execution Vulnerability | ||||
| CVE-2024-38060 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2026-02-10 | 8.8 High |
| Windows Imaging Component Remote Code Execution Vulnerability | ||||
| CVE-2024-38054 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-02-10 | 7.8 High |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38051 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-02-10 | 7.8 High |
| Windows Graphics Component Remote Code Execution Vulnerability | ||||
| CVE-2024-38025 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-02-10 | 7.2 High |
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | ||||
| CVE-2026-25857 | 1 Tenda | 1 G300-f | 2026-02-10 | N/A |
| Tenda G300-F router firmware version 16.01.14.2 and prior contain an OS command injection vulnerability in the WAN diagnostic functionality (formSetWanDiag). The implementation constructs a shell command that invokes curl and incorporates attacker-controlled input into the command line without adequate neutralization. As a result, a remote attacker with access to the affected management interface can inject additional shell syntax and execute arbitrary commands on the device with the privileges of the management process. | ||||
| CVE-2025-20993 | 1 Samsung | 1 Android | 2026-02-10 | 4 Medium |
| Out-of-bounds write in libsecimaging.camera.samsung.so prior to SMR Jun-2025 Release 1 allows local attackers to write out-of-bounds memory. | ||||
| CVE-2026-26009 | 1 Karutoil | 1 Catalyst | 2026-02-10 | 10 Critical |
| Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating system as root via bash -c, with no sandboxing or containerization. Any user with template.create or template.update permission can define arbitrary shell commands that achieve full root-level remote code execution on every node machine in the cluster. This vulnerability is fixed in commit 11980aaf3f46315b02777f325ba02c56b110165d. | ||||
| CVE-2025-52626 | 1 Hcltech | 1 Aion | 2026-02-10 | 4.5 Medium |
| A Potential Command Injection vulnerability in HCL AION. An This can allow unintended command execution, potentially leading to unauthorized actions on the underlying system.This issue affects AION: 2.0 | ||||
| CVE-2025-47320 | 1 Qualcomm | 427 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 424 more | 2026-02-10 | 7.8 High |
| Memory corruption while processing MFC channel configuration during music playback. | ||||
| CVE-2025-13447 | 1 Progress | 5 Connection Manager For Objectscale*, Ecs Connection Manager, Loadmaster and 2 more | 2026-02-10 | 8.4 High |
| OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters | ||||
| CVE-2026-24926 | 1 Huawei | 1 Harmonyos | 2026-02-10 | 8.4 High |
| Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-24925 | 1 Huawei | 1 Harmonyos | 2026-02-10 | 7.3 High |
| Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-24919 | 1 Huawei | 2 Emui, Harmonyos | 2026-02-10 | 6 Medium |
| Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||