Export limit exceeded: 334996 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 334996 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334996 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-46762 | 1 Apache | 1 Parquet | 2026-02-26 | 8.1 High |
| Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default setting of trusted packages still allows malicious classes from these packages to be executed. The exploit is only applicable if the client code of parquet-avro uses the "specific" or the "reflect" models deliberately for reading Parquet files. ("generic" model is not impacted) Users are recommended to upgrade to 1.15.2 or set the system property "org.apache.parquet.avro.SERIALIZABLE_PACKAGES" to an empty string on 1.15.1. Both are sufficient to fix the issue. | ||||
| CVE-2024-45557 | 1 Qualcomm | 122 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 119 more | 2026-02-26 | 7.8 High |
| Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation. | ||||
| CVE-2025-2898 | 1 Ibm | 1 Maximo Application Suite | 2026-02-26 | 7.5 High |
| IBM Maximo Application Suite 9.0 could allow an attacker with some level of access to elevate their privileges due to a security configuration vulnerability in Role-Based Access Control (RBAC) configurations. | ||||
| CVE-2024-49848 | 1 Qualcomm | 294 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 291 more | 2026-02-26 | 6.7 Medium |
| Memory corruption while processing multiple IOCTL calls from HLOS to DSP. | ||||
| CVE-2025-22478 | 1 Dell | 1 Storage Manager | 2026-02-26 | 8.1 High |
| Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. | ||||
| CVE-2025-21421 | 1 Qualcomm | 91 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 88 more | 2026-02-26 | 7.8 High |
| Memory corruption while processing escape code in API. | ||||
| CVE-2025-22477 | 1 Dell | 1 Storage Manager | 2026-02-26 | 8.3 High |
| Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges. | ||||
| CVE-2025-25014 | 1 Elastic | 1 Kibana | 2026-02-26 | 9.1 Critical |
| A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints. | ||||
| CVE-2025-21423 | 1 Qualcomm | 91 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 88 more | 2026-02-26 | 7.8 High |
| Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. | ||||
| CVE-2025-4372 | 1 Google | 1 Chrome | 2026-02-26 | 8.8 High |
| Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-21425 | 1 Qualcomm | 67 Qam8255p, Qam8255p Firmware, Qam8295p and 64 more | 2026-02-26 | 7.3 High |
| Memory corruption may occur due top improper access control in HAB process. | ||||
| CVE-2025-20937 | 1 Samsung | 1 Android | 2026-02-26 | 6.7 Medium |
| Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-21428 | 1 Qualcomm | 138 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 135 more | 2026-02-26 | 7.5 High |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. | ||||
| CVE-2025-20979 | 1 Google | 1 Android | 2026-02-26 | 8.4 High |
| Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to execute arbitrary code. | ||||
| CVE-2025-21429 | 1 Qualcomm | 364 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 361 more | 2026-02-26 | 7.5 High |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. | ||||
| CVE-2025-2777 | 1 Sysaid | 2 Sysaid, Sysaid On-premises | 2026-02-26 | 9.3 Critical |
| SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives. | ||||
| CVE-2025-21436 | 1 Qualcomm | 50 Fastconnect 7800, Fastconnect 7800 Firmware, Qmp1000 and 47 more | 2026-02-26 | 7.8 High |
| Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads. | ||||
| CVE-2025-20213 | 1 Cisco | 1 Catalyst Sd-wan Manager | 2026-02-26 | 5.5 Medium |
| A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials with CLI access on the affected system. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by running a series of crafted commands on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device and gain privileges of the root user. To exploit this vulnerability, an attacker would need to have CLI access as a low-privilege user. | ||||
| CVE-2025-32819 | 1 Sonicwall | 12 Sma 100, Sma 100 Firmware, Sma 200 and 9 more | 2026-02-26 | 8.8 High |
| A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to bypass the path traversal checks and delete an arbitrary file potentially resulting in a reboot to factory default settings. | ||||
| CVE-2025-21437 | 1 Qualcomm | 62 Qam8255p, Qam8255p Firmware, Qam8295p and 59 more | 2026-02-26 | 7.8 High |
| Memory corruption while processing memory map or unmap IOCTL operations simultaneously. | ||||