Export limit exceeded: 26246 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26246 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45391 | 1 Ssw | 1 Tinacms\/cli | 2026-03-13 | 7.5 High |
| Tina is an open-source content management system (CMS). Sites building with Tina CMS's command line interface (CLI) prior to version 1.6.2 that use a search token may be vulnerable to the search token being leaked via lock file (tina-lock.json). Administrators of Tina-enabled websites with search setup should rotate their key immediately. This issue has been patched in @tinacms/cli version 1.6.2. Upgrading and rotating the search token is required for the proper fix. | ||||
| CVE-2025-20096 | 1 Intel | 1 Uefi Firmware | 2026-03-13 | N/A |
| Improper input validation in the UEFI firmware for some Intel Reference Platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (high) and availability (high) impacts. | ||||
| CVE-2025-20027 | 1 Intel | 1 Uefi Firmware | 2026-03-13 | N/A |
| Improper input validation in the UEFI WheaERST module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-20064 | 1 Intel | 1 Uefi Firmware | 2026-03-13 | N/A |
| Improper input validation in the UEFI FlashUcAcmSmm module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts. | ||||
| CVE-2025-20068 | 1 Intel | 1 Uefi Firmware | 2026-03-13 | N/A |
| Improper input validation in the UEFI ImcErrorHandler module for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-20105 | 1 Intel | 1 Uefi Firmware | 2026-03-13 | N/A |
| Improper input validation in some UEFI firmware SMM module for the Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (high), integrity (high) and availability (high) impacts. | ||||
| CVE-2025-36920 | 1 Google | 1 Android | 2026-03-12 | 8.4 High |
| In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-61611 | 2 Linuxfoundation, Unisoc | 2 Yocto, Udx710 | 2026-03-10 | 7.5 High |
| In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.. | ||||
| CVE-2025-61612 | 2 Google, Unisoc | 6 Android, T7300, T8100 and 3 more | 2026-03-10 | 7.5 High |
| In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||||
| CVE-2025-61613 | 2 Google, Unisoc | 5 Android, T8100, T8200 and 2 more | 2026-03-10 | 7.5 High |
| In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||||
| CVE-2025-61614 | 2 Google, Unisoc | 6 Android, T7300, T8100 and 3 more | 2026-03-10 | 7.5 High |
| In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||||
| CVE-2025-61615 | 2 Google, Unisoc | 5 Android, T8100, T8200 and 2 more | 2026-03-10 | 7.5 High |
| In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||||
| CVE-2025-61616 | 2 Google, Unisoc | 5 Android, T8100, T8200 and 2 more | 2026-03-10 | 7.5 High |
| In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||||
| CVE-2025-69278 | 2 Google, Unisoc | 6 Android, T7300, T8100 and 3 more | 2026-03-10 | 7.5 High |
| In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||||
| CVE-2025-69279 | 2 Google, Unisoc | 5 Android, T8100, T8200 and 2 more | 2026-03-10 | 7.5 High |
| In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||||
| CVE-2025-41257 | 1 Supremainc | 1 Biostar 2 | 2026-03-09 | 4.8 Medium |
| Suprema’s BioStar 2 in version 2.9.11.6 allows users to set new password without providing the current one. Exploiting this flaw combined with other vulnerabilities can lead to unauthorized account access and potential system compromise. | ||||
| CVE-2025-7375 | 1 Tp-link | 3 Eap610 V3, Omada Eap610, Omada Eap610 Firmware | 2026-03-09 | 6.5 Medium |
| A denial-of-service (DoS) vulnerability was identified in Omada EAP610 v3. An attacker with adjacent network access can send crafted requests to cause the device’s HTTP service to crash. This results in temporary service unavailability until the device is rebooted. This issue affects Omada EAP610 firmware versions prior to 1.6.0. | ||||
| CVE-2025-15545 | 1 Tp-link | 2 Archer Re605x, Archer Re605x Firmware | 2026-03-09 | 6.8 Medium |
| The backup restore function does not properly validate unexpected or unrecognized tags within the backup file. When such a crafted file is restored, the injected tag is interpreted by a shell, allowing execution of arbitrary commands with root privileges. Successful exploitation allows the attacker to gain root-level command execution, compromising confidentiality, integrity and availability. | ||||
| CVE-2022-35290 | 1 Sap | 1 Authenticator | 2026-03-09 | 7.5 High |
| Under certain conditions SAP Authenticator for Android allows an attacker to access information which would otherwise be restricted. | ||||
| CVE-2025-15035 | 1 Tp-link | 2 Archer Axe75, Archer Axe75 Firmware | 2026-03-09 | 7.3 High |
| Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107. | ||||