Export limit exceeded: 35583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1809 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-3805 | 2 Curl, Haxx | 2 Curl, Curl | 2026-03-20 | 7.5 High |
| When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory. | ||||
| CVE-2025-70046 | 1 Miazzy | 2 Oa-font-service, Oa Front Service | 2026-03-13 | 9.8 Critical |
| An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master. | ||||
| CVE-2024-53033 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2026-02-26 | 7.8 High |
| Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address. | ||||
| CVE-2024-53034 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2026-02-26 | 7.8 High |
| Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset. | ||||
| CVE-2025-27162 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2026-02-26 | 7.8 High |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27158 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2026-02-26 | 7.8 High |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-21354 | 1 Microsoft | 9 365 Apps, Office, Office 2019 and 6 more | 2026-02-26 | 8.4 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2025-21363 | 1 Microsoft | 5 365 Apps, Office 2024, Office Long Term Servicing Channel and 2 more | 2026-02-26 | 7.8 High |
| Microsoft Word Remote Code Execution Vulnerability | ||||
| CVE-2024-45557 | 1 Qualcomm | 122 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 119 more | 2026-02-26 | 7.8 High |
| Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation. | ||||
| CVE-2025-20236 | 1 Cisco | 1 Webex Teams | 2026-02-26 | 8.8 High |
| A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user. This vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user. | ||||
| CVE-2025-47985 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 7.8 High |
| Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49661 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 7.8 High |
| Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49689 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 7.8 High |
| Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-21486 | 1 Qualcomm | 63 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 60 more | 2026-02-26 | 7.8 High |
| Memory corruption during dynamic process creation call when client is only passing address and length of shell binary. | ||||
| CVE-2025-43592 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2026-02-26 | 7.8 High |
| InDesign Desktop versions 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-49529 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-02-26 | 7.8 High |
| Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47121 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2026-02-26 | 7.8 High |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-47098 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2026-02-26 | 7.8 High |
| InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-32463 | 6 Canonical, Debian, Opensuse and 3 more | 8 Ubuntu Linux, Debian Linux, Leap and 5 more | 2026-02-26 | 9.3 Critical |
| Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. | ||||
| CVE-2025-50165 | 1 Microsoft | 6 Server, Windows, Windows 11 24h2 and 3 more | 2026-02-26 | 9.8 Critical |
| Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | ||||