Export limit exceeded: 361611 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 15930 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20938 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20938 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54216 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-02-26 | 7.8 High |
| InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-54222 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-02-26 | 7.8 High |
| Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-43884 | 1 Dell | 1 Powerprotect Data Manager | 2026-02-26 | 8.2 High |
| Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2025-43885 | 1 Dell | 1 Powerprotect Data Manager | 2026-02-26 | 7.8 High |
| Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2025-21042 | 1 Samsung | 2 Android, Mobile Devices | 2026-02-26 | 8.8 High |
| Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code. | ||||
| CVE-2025-21043 | 1 Samsung | 2 Android, Mobile Devices | 2026-02-26 | 8.8 High |
| Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code. | ||||
| CVE-2025-8893 | 1 Autodesk | 12 Advance Steel, Autocad, Autocad Architecture and 9 more | 2026-02-26 | 7.8 High |
| A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-9242 | 1 Watchguard | 35 Firebox M270, Firebox M290, Firebox M370 and 32 more | 2026-02-26 | 9.8 Critical |
| An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer.This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1. | ||||
| CVE-2025-9132 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-02-26 | 8.8 High |
| Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-48703 | 2 Centos-webpanel, Control-webpanel | 2 Centos Web Panel, Webpanel | 2026-02-26 | 9 Critical |
| CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote code execution via shell metacharacters in the t_total parameter in a filemanager changePerm request. A valid non-root username must be known. | ||||
| CVE-2025-47212 | 1 Qnap | 2 Qts, Quts Hero | 2026-02-26 | 7.2 High |
| A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later | ||||
| CVE-2025-43890 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-43906 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-43911 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-43908 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.4 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. | ||||
| CVE-2025-36567 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-36569 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges. | ||||
| CVE-2025-36566 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dd | 2026-02-26 | 6.7 Medium |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution. Exploitation may allow privilege escalation to root. | ||||
| CVE-2025-27054 | 1 Qualcomm | 599 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 596 more | 2026-02-26 | 7.8 High |
| Memory corruption while processing a malformed license file during reboot. | ||||
| CVE-2025-47340 | 1 Qualcomm | 37 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 34 more | 2026-02-26 | 7.8 High |
| Memory corruption while processing IOCTL call to get the mapping. | ||||