Export limit exceeded: 74640 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74640 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-1137 | 1 Ibm | 2 Spectrum Scale Container Native Storage Access, Storage Scale | 2026-02-26 | 7.5 High |
| IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization. | ||||
| CVE-2024-26013 | 1 Fortinet | 6 Fortianalyzer, Fortimanager, Fortios and 3 more | 2026-02-26 | 7.1 High |
| A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0.0 through 7.0.15, 6.4.0 through 6.4.15 and before 6.2.16, Fortinet FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9 and before 7.0.15, Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and before 6.2.13, Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14 and before 6.2.13, Fortinet FortiVoice version 7.0.0 through 7.0.2 before 6.4.8 and Fortinet FortiWeb before 7.4.2 may allow an unauthenticated attacker in a man-in-the-middle position to impersonate the management device (FortiCloud server or/and in certain conditions, FortiManager), via intercepting the FGFM authentication request between the management device and the managed device | ||||
| CVE-2025-31223 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2026-02-26 | 8 High |
| The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-22458 | 1 Ivanti | 1 Endpoint Manager | 2026-02-26 | 7.8 High |
| DLL hijacking in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows an authenticated attacker to escalate to System. | ||||
| CVE-2025-30453 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. A malicious app may be able to gain root privileges. | ||||
| CVE-2025-22461 | 1 Ivanti | 1 Endpoint Manager | 2026-02-26 | 7.2 High |
| SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution. | ||||
| CVE-2025-31238 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2026-02-26 | 7.3 High |
| The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-1095 | 4 Apple, Ibm, Linux and 1 more | 4 Macos, Personal Communications, Linux Kernel and 1 more | 2026-02-26 | 8.8 High |
| IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local privilege escalation (LPE). The vulnerability allows any interactively logged in users on the target computer to run commands with full privileges in the context of NT AUTHORITY\SYSTEM. This allows for a low privileged attacker to escalate their privileges. This vulnerability is due to an incomplete fix for CVE-2024-25029. | ||||
| CVE-2025-31222 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-02-26 | 7.8 High |
| A correctness issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A user may be able to elevate privileges. | ||||
| CVE-2025-31259 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.5. An app may be able to gain elevated privileges. | ||||
| CVE-2025-31244 | 1 Apple | 1 Macos | 2026-02-26 | 8.8 High |
| A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox. | ||||
| CVE-2025-27082 | 1 Arubanetworks | 1 Arubaos | 2026-02-26 | 7.2 High |
| Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files and execute arbitrary commands on the underlying host operating system. | ||||
| CVE-2025-31224 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to bypass certain Privacy preferences. | ||||
| CVE-2025-30442 | 1 Apple | 1 Macos | 2026-02-26 | 7.8 High |
| The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain elevated privileges. | ||||
| CVE-2025-31246 | 1 Apple | 1 Macos | 2026-02-26 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6. Connecting to a malicious AFP server may corrupt kernel memory. | ||||
| CVE-2025-27183 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2026-02-26 | 7.8 High |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27182 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2026-02-26 | 7.8 High |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27194 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2026-02-26 | 7.8 High |
| Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27195 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2026-02-26 | 7.8 High |
| Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-4428 | 1 Ivanti | 1 Endpoint Manager Mobile | 2026-02-26 | 7.2 High |
| Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. | ||||