Total
29818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25967 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execution with unnecessary privileges vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to escalation of privileges. | |||||
| CVE-2023-32488 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 5.3 MEDIUM |
| Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure. | |||||
| CVE-2024-49603 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 4.3 MEDIUM |
| Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure. | |||||
| CVE-2024-25964 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 5.3 MEDIUM |
| Dell PowerScale OneFS 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2024-25966 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 5.3 MEDIUM |
| Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2025-64528 | 1 Discourse | 1 Discourse | 2026-02-20 | N/A | 5.3 MEDIUM |
| Discourse is an open source discussion platform. Prior to versions 3.5.3, 2025.11.1, and 2025.12.0, an attacker who knows part of a username can find the user and their full name via UI or API, even when `enable_names` is disabled. Versions 3.5.3, 2025.11.1, and 2025.12.0 contain a fix. | |||||
| CVE-2025-23155 | 1 Linux | 1 Linux Kernel | 2026-02-19 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinity_hint In stmmac_request_irq_multi_msi(), a pointer to the stack variable cpu_mask is passed to irq_set_affinity_hint(). This value is stored in irq_desc->affinity_hint, but once stmmac_request_irq_multi_msi() returns, the pointer becomes dangling. The affinity_hint is exposed via procfs with S_IRUGO permissions, allowing any unprivileged process to read it. Accessing this stale pointer can lead to: - a kernel oops or panic if the referenced memory has been released and unmapped, or - leakage of kernel data into userspace if the memory is re-used for other purposes. All platforms that use stmmac with PCI MSI (Intel, Loongson, etc) are affected. | |||||
| CVE-2026-0391 | 1 Microsoft | 1 Edge Chromium | 2026-02-18 | N/A | 6.5 MEDIUM |
| User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. | |||||
| CVE-2026-2054 | 1 Dlink | 4 Dir-605l, Dir-605l Firmware, Dir-619l and 1 more | 2026-02-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2026-2055 | 1 Dlink | 4 Dir-605l, Dir-605l Firmware, Dir-619l and 1 more | 2026-02-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2023-31726 | 1 Alistgo | 1 Alist | 2026-02-13 | N/A | 7.5 HIGH |
| AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information. | |||||
| CVE-2025-36009 | 1 Ibm | 1 Db2 | 2026-02-11 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service due to excessive use of a global variable. | |||||
| CVE-2025-52631 | 1 Hcltech | 1 Aion | 2026-02-11 | N/A | 3.7 LOW |
| HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks.. This issue affects AION: 2.0. | |||||
| CVE-2025-20991 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 4.0 MEDIUM |
| Improper export of Android application components in Bluetooth prior to SMR Jun-2025 Release 1 allows local attackers to make devices discoverable. | |||||
| CVE-2025-20989 | 1 Samsung | 1 Android | 2026-02-10 | N/A | 5.2 MEDIUM |
| Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key. | |||||
| CVE-2025-52629 | 1 Hcltech | 1 Aion | 2026-02-10 | N/A | 3.7 LOW |
| HCL AION is susceptible to Missing Content-Security-Policy. An The absence of a CSP header may increase the risk of cross-site scripting and other content injection attacks by allowing unsafe scripts or resources to execute..This issue affects AION: 2.0. | |||||
| CVE-2026-24916 | 1 Huawei | 1 Harmonyos | 2026-02-10 | N/A | 5.9 MEDIUM |
| Identity authentication bypass vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-53533 | 1 Linux | 1 Linux Kernel | 2026-02-09 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: Input: raspberrypi-ts - fix refcount leak in rpi_ts_probe rpi_firmware_get() take reference, we need to release it in error paths as well. Use devm_rpi_firmware_get() helper to handling the resources. Also remove the existing rpi_firmware_put(). | |||||
| CVE-2023-53592 | 1 Linux | 1 Linux Kernel | 2026-02-09 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: gpio: sifive: Fix refcount leak in sifive_gpio_probe of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak. | |||||
| CVE-2007-2774 | 1 Sunlight-cms | 1 Sunlight Cms | 2026-02-06 | 7.5 HIGH | N/A |
| Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) _connect.php or (2) modules/startup.php. | |||||