Total
29818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46813 | 1 Linux | 1 Linux Kernel | 2026-02-25 | N/A | 7.0 HIGH |
| An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the #VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kernel memory (and thus privilege escalation). This depends on a race condition through which userspace can replace an instruction before the #VC handler reads it. | |||||
| CVE-2023-26303 | 1 Executablebooks | 1 Markdown-it-py | 2026-02-25 | N/A | 3.3 LOW |
| Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input. | |||||
| CVE-2023-26302 | 1 Executablebooks | 1 Markdown-it-py | 2026-02-25 | N/A | 3.3 LOW |
| Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input. | |||||
| CVE-2021-36934 | 1 Microsoft | 5 Windows 10 1809, Windows 10 1909, Windows 10 2004 and 2 more | 2026-02-25 | 4.6 MEDIUM | 7.8 HIGH |
| <p>An elevation of privilege vulnerability exists because of overly permissive Access Control Lists (ACLs) on multiple system files, including the Security Accounts Manager (SAM) database. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>An attacker must have the ability to execute code on a victim system to exploit this vulnerability.</p> <p>After installing this security update, you <em>must</em> manually delete all shadow copies of system files, including the SAM database, to fully mitigate this vulnerabilty. <strong>Simply installing this security update will not fully mitigate this vulnerability.</strong> See <a href="https://support.microsoft.com/topic/1ceaa637-aaa3-4b58-a48b-baf72a2fa9e7">KB5005357- Delete Volume Shadow Copies</a>.</p> | |||||
| CVE-2022-27518 | 1 Citrix | 4 Application Delivery Controller, Application Delivery Controller Firmware, Gateway and 1 more | 2026-02-25 | N/A | 9.8 CRITICAL |
| Unauthenticated remote arbitrary code execution | |||||
| CVE-2024-38886 | 1 Horizoncloud | 1 Caterease | 2026-02-24 | N/A | 9.8 CRITICAL |
| An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Traffic Injection attack due to improper verification of the source of a communication channel. | |||||
| CVE-2025-21014 | 1 Samsung | 1 Android | 2026-02-24 | N/A | 4.3 MEDIUM |
| Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information. | |||||
| CVE-2025-20909 | 1 Samsung | 1 Android | 2026-02-24 | N/A | 4.0 MEDIUM |
| Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1 allows local attackers to access sensitive information. | |||||
| CVE-2020-16969 | 1 Microsoft | 1 Exchange Server | 2026-02-23 | 4.3 MEDIUM | 7.1 HIGH |
| <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user.</p> <p>To exploit the vulnerability, an attacker could include specially crafted OWA messages that could be loaded, without warning or filtering, from the attacker-controlled URL. This callback vector provides an information disclosure tactic used in web beacons and other types of tracking systems.</p> <p>The security update corrects the way that Exchange handles these token validations.</p> | |||||
| CVE-2023-6189 | 1 M-files | 1 M-files Server | 2026-02-23 | N/A | 4.3 MEDIUM |
| Missing access permissions checks in the M-Files server before 23.11.13156.0 allow attackers to perform data write and export jobs using the M-Files API methods. | |||||
| CVE-2023-3405 | 1 M-files | 1 M-files Server | 2026-02-23 | N/A | 7.5 HIGH |
| Unchecked parameter value in M-Files Server in versions before 23.6.12695.3 (excluding 23.2 SR2 and newer) allows anonymous user to cause denial of service | |||||
| CVE-2023-2112 | 1 M-files | 1 M-files Server | 2026-02-23 | N/A | 3.6 LOW |
| Desktop component service allows lateral movement between sessions in M-Files before 23.4.12455.0. | |||||
| CVE-2019-18269 | 1 Omron | 2 Plc Cj Firmware, Plc Cs Firmware | 2026-02-20 | 7.5 HIGH | 9.8 CRITICAL |
| Omron’s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability. | |||||
| CVE-2023-32493 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 7.3 HIGH |
| Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution. | |||||
| CVE-2023-44288 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 7.5 HIGH |
| Dell PowerScale OneFS, 8.2.2.x through 9.6.0.x, contains an improper control of a resource through its lifetime vulnerability. An unauthenticated network attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2024-25965 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 6.1 MEDIUM |
| Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or path vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2023-32489 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. | |||||
| CVE-2023-44295 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 6.3 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2.x through 9.6.0.x contains an improper control of a resource through its lifetime vulnerability. A low privilege attacker could potentially exploit this vulnerability, leading to loss of information, and information disclosure. | |||||
| CVE-2024-24901 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 3.0 LOW |
| Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period. | |||||
| CVE-2021-21553 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | 7.2 HIGH | 7.3 HIGH |
| Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest. | |||||