Export limit exceeded: 41588 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (41588 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-7032 | 1 Rockwellautomation | 1 Arena | 2026-02-26 | 7.8 High |
| A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. | ||||
| CVE-2025-7033 | 1 Rockwellautomation | 2 Arena, Arena Simulation | 2026-02-26 | 7.8 High |
| A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information. | ||||
| CVE-2025-6013 | 1 Hashicorp | 2 Vault, Vault Enterprise | 2026-02-26 | 6.5 Medium |
| Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24. | ||||
| CVE-2025-3354 | 1 Ibm | 1 Tivoli Monitoring | 2026-02-26 | 8.1 High |
| IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. | ||||
| CVE-2025-22417 | 1 Google | 1 Android | 2026-02-26 | 7.3 High |
| In finishTransition of Transition.java, there is a possible way to bypass touch filtering restrictions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-22419 | 1 Google | 1 Android | 2026-02-26 | 7.3 High |
| In multiple locations, there is a possible way to mislead the user into enabling malicious phone calls forwarding due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-6634 | 1 Autodesk | 2 3ds Max, 3ds Max | 2026-02-26 | 7.8 High |
| A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-26416 | 1 Google | 1 Android | 2026-02-26 | 9.8 Critical |
| In initializeSwizzler of SkBmpStandardCodec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21477 | 1 Samsung | 3 Android, Mobile, Samsung Mobile | 2026-02-26 | 7.9 High |
| Access of Memory Location After End of Buffer vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data. | ||||
| CVE-2025-30027 | 1 Axis | 1 Axis Os | 2026-02-26 | 6.7 Medium |
| An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application. | ||||
| CVE-2025-36900 | 1 Google | 1 Android | 2026-02-26 | 6.7 Medium |
| In lwis_test_register_io of lwis_device_test.c, there is a possible OOB Write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-36902 | 1 Google | 1 Android | 2026-02-26 | 6.7 Medium |
| In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-36906 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In ConvertReductionOp of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-36907 | 1 Google | 1 Android | 2026-02-26 | 7.3 High |
| In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-20053 | 1 Intel | 3 Processor, Xeon, Xeon Processors | 2026-02-26 | 7.2 High |
| Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-0077 | 1 Google | 1 Android | 2026-02-26 | 4 Medium |
| In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-21096 | 1 Intel | 1 Tdx Module Software | 2026-02-26 | 1.9 Low |
| Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-22836 | 2 Intel, Linux | 2 Ethernet 800 Series Software, Linux Kernel | 2026-02-26 | 7.8 High |
| Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-22839 | 1 Intel | 3 Processors, Xeon, Xeon Processors | 2026-02-26 | 7.5 High |
| Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2025-22840 | 1 Intel | 3 Processors, Xeon, Xeon Processors | 2026-02-26 | 7.4 High |
| Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access | ||||