Total: 1051 CVE

| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22528 | 2 Microsoft, Sap | 2 Windows, Adaptive Server Enterprise | 2026-02-24 | 4.4 MEDIUM | 7.8 HIGH |
| SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The issue is with the ASE installer and does not impact other ASE binaries. | |||||
| CVE-2026-24016 | | | 2026-02-24 | N/A | 7.8 HIGH |
| The installer of ServerView Agents for Windows provided by Fsas Technologies Inc. may insecurely load Dynamic Link Libraries. Arbitrary code may be executed with the administrator privilege when the installer is executed. | |||||
| CVE-2026-2492 | | | 2026-02-23 | N/A | 7.0 HIGH |
| TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of plugins. The application loads plugins from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of a target user. Was ZDI-CAN-25480. | |||||
| CVE-2026-2040 | | | 2026-02-23 | N/A | 7.3 HIGH |
| PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of PDF-XChange Editor. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TrackerUpdate process. The product loads a library from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of a target user. Was ZDI-CAN-27788. | |||||
| CVE-2023-0213 | 2 M-files, Microsoft | 2 M-files, Windows | 2026-02-23 | N/A | 8.8 HIGH |
| Elevation of privilege issue in M-Files Installer versions before 22.6 on Windows allows user to gain SYSTEM privileges via DLL hijacking. | |||||
| CVE-2026-26050 | | | 2026-02-20 | N/A | 7.8 HIGH |
| The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges. | |||||
| CVE-2025-5471 | 1 Yandex | 1 Yandex Telemost | 2026-02-19 | N/A | 7.8 HIGH |
| Uncontrolled Search Path Element vulnerability in Yandex Telemost on macOS allows Search Order Hijacking. This issue affects Telemost: before 2.19.1. | |||||
| CVE-2025-53000 | 2 Jupyter, Microsoft | 2 Nbconvert, Windows | 2026-02-18 | N/A | 7.8 HIGH |
| The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on Windows have a vulnerability in which converting a notebook containing SVG output to a PDF results in unauthorized code execution. Specifically, a third party can create an `inkscape.bat` file that defines a Windows batch script, capable of arbitrary code execution. When a user runs `jupyter nbconvert --to pdf` on a notebook containing SVG output on a Windows platform from this directory, the `inkscape.bat` file is run unexpectedly. This issue has been patched in version 7.17.0. | |||||
| CVE-2026-23741 | 1 Sangoma | 2 Asterisk, Certified Asterisk | 2026-02-18 | N/A | N/A |
| Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper runs as root, as noted by the NOTES tag on line 689 of the ast_coredumper file. The script will source the contents of /etc/asterisk/ast_debug_tools.conf, which resides in a folder that is writeable by the asterisk user:group. Because /etc/asterisk/ast_debug_tools.conf follows bash semantics and is sourced, an attacker with write permissions may add or modify the file so that when ast_coredumper is run as root, it sources and thereby executes arbitrary bash code found in /etc/asterisk/ast_debug_tools.conf. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2. | |||||
| CVE-2026-2538 | | | 2026-02-18 | 6.0 MEDIUM | 7.0 HIGH |
| A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25. Affected is an unknown function in the library Msimg32.dll. Performing a manipulation results in uncontrolled search path. Attacking locally is a requirement. The attack's complexity is rated as high. Exploitation is reported to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-2516 | | | 2026-02-18 | 6.0 MEDIUM | 7.0 HIGH |
| A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 on 32-bit. This affects an unknown part in the library SHFOLDER.dll. Such manipulation leads to uncontrolled search path. The attack needs to be performed locally. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-67450 | 1 Eaton | 1 Ups Companion | 2026-02-18 | N/A | 7.8 HIGH |
| Due to insecure library loading in the Eaton UPS Companion software executable, an attacker with access to the software package could perform arbitrary code execution. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center. | |||||
| CVE-2025-59887 | 1 Eaton | 1 Ups Companion | 2026-02-18 | N/A | 8.6 HIGH |
| Improper authentication of library files in the Eaton UPS Companion software installer could lead to arbitrary code execution by an attacker with access to the software package. This security issue has been fixed in the latest version of EUC which is available on the Eaton download center. | |||||
| CVE-2025-54519 | | | 2026-02-13 | N/A | 7.3 HIGH |
| A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | |||||
| CVE-2026-25655 | 1 Siemens | 1 Sinec Nms | 2026-02-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative privilege. (ZDI-CAN-28107) | |||||
| CVE-2026-25656 | 1 Siemens | 2 Sinec Nms, User Management Component | 2026-02-12 | N/A | 7.8 HIGH |
| A vulnerability has been identified in SINEC NMS (All versions), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with SYSTEM privileges. (ZDI-CAN-28108) | |||||
| CVE-2026-2360 | | | 2026-02-12 | N/A | 8.0 HIGH |
| PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a custom operator in the public schema and placing malicious code in that operator. This operator will later be executed with superuser privileges when the extension is created. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version. With PostgreSQL 15 and later, the creation permission on the public schema is revoked by default and this exploit can only be achieved if a superuser adds a new schema in her/his own search_path and grants the CREATE privilege on that schema to untrusted users, both actions being clearly discouraged by the PostgreSQL documentation. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions. | |||||
| CVE-2026-2361 | | | 2026-02-12 | N/A | 8.0 HIGH |
| PostgreSQL Anonymizer contains a vulnerability that allows a user to gain superuser privileges by creating a temporary view based on a function containing malicious code. When the anon.get_tablesample_ratio function is then called, the malicious code is executed with superuser privileges. This privilege elevation can be exploited by users having the CREATE privilege in PostgreSQL 15 and later. The risk is higher with PostgreSQL 14 or with instances upgraded from PostgreSQL 14 or a prior version because the creation permission on the public schema is granted by default. The problem is resolved in PostgreSQL Anonymizer 3.0.1 and further versions. | |||||
| CVE-2026-25676 | | | 2026-02-12 | N/A | 7.8 HIGH |
| The installer of M-Track Duo HD version 1.0.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrator privileges. | |||||
| CVE-2025-48503 | | | 2026-02-11 | N/A | 7.8 HIGH |
| A DLL hijacking vulnerability in the AMD Software Installer could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. | |||||
