Total
34918 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37134 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability to gain root-level access. | |||||
| CVE-2023-32487 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 7.8 HIGH |
| Dell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. | |||||
| CVE-2023-32486 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS 9.5.x version contain a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges. | |||||
| CVE-2024-37132 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Elevation of privileges. | |||||
| CVE-2023-32495 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 7.8 HIGH |
| Dell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges. | |||||
| CVE-2024-37133 | 1 Dell | 1 Powerscale Onefs | 2026-02-20 | N/A | 6.7 MEDIUM |
| Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to unauthorized gain of root-level access. | |||||
| CVE-2023-38005 | 1 Ibm | 1 Cloud Pak System | 2026-02-20 | N/A | 4.3 MEDIUM |
| IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls. | |||||
| CVE-2025-13821 | 1 Mattermost | 1 Mattermost Server | 2026-02-18 | N/A | 5.7 MEDIUM |
| Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to sanitize sensitive data in WebSocket messages which allows authenticated users to exfiltrate password hashes and MFA secrets via profile nickname updates or email verification events. Mattermost Advisory ID: MMSA-2025-00560 | |||||
| CVE-2026-26273 | 1 Withknown | 1 Known | 2026-02-18 | N/A | 9.8 CRITICAL |
| Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Known 1.6.2 and earlier. The application leaks the password reset token within a hidden HTML input field on the password reset page. This allows any unauthenticated attacker to retrieve the reset token for any user by simply querying the user's email, leading to full Account Takeover (ATO) without requiring access to the victim's email inbox. This vulnerability is fixed in 1.6.3. | |||||
| CVE-2025-36425 | 1 Ibm | 1 Db2 | 2026-02-18 | N/A | 5.3 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to obtain sensitive information under specific HADR configuration. | |||||
| CVE-2022-31342 | 1 Oretnom23 | 1 Online Car Wash Booking System | 2026-02-18 | 5.5 MEDIUM | 6.5 MEDIUM |
| Online Car Wash Booking System v1.0 is vulnerable to Delete any file via /ocwbs/classes/Master.php?f=delete_img. | |||||
| CVE-2023-29130 | 1 Siemens | 1 Simatic Cn 4100 Firmware | 2026-02-18 | N/A | 9.9 CRITICAL |
| A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.5). Affected device consists of improper access controls in the configuration files that leads to privilege escalation. An attacker could gain admin access with this vulnerability leading to complete device control. | |||||
| CVE-2023-39677 | 2 Myprestamodules, Updateproducts Project | 2 Product Catalog \(csv\, Excel\) Import, Updateproducts | 2026-02-18 | N/A | 7.5 HIGH |
| MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. | |||||
| CVE-2025-47911 | 1 Go | 1 Html | 2026-02-18 | N/A | 5.3 MEDIUM |
| The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content. | |||||
| CVE-2026-21626 | 1 Stackideas | 1 Easydiscuss | 2026-02-18 | N/A | 7.5 HIGH |
| Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure | |||||
| CVE-2026-20618 | 1 Apple | 1 Macos | 2026-02-18 | N/A | 5.5 MEDIUM |
| An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data. | |||||
| CVE-2024-37370 | 1 Mit | 1 Kerberos 5 | 2026-02-18 | N/A | 7.5 HIGH |
| In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. | |||||
| CVE-2026-23836 | 1 Hotcrp | 1 Hotcrp | 2026-02-18 | N/A | 9.9 CRITICAL |
| HotCRP is conference review software. A problem introduced in April 2024 in version 3.1 led to inadequately sanitized code generation for HotCRP formulas which allowed users to trigger the execution of arbitrary PHP code. The problem is patched in release version 3.2. | |||||
| CVE-2026-20642 | 1 Apple | 2 Ipados, Iphone Os | 2026-02-18 | N/A | 2.4 LOW |
| An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen. | |||||
| CVE-2026-20603 | 1 Apple | 1 Macos | 2026-02-18 | N/A | 4.4 MEDIUM |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileges may be able to access private information. | |||||