Total
34918 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-20674 | 1 Apple | 2 Ipados, Iphone Os | 2026-02-13 | N/A | 4.6 MEDIUM |
| A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information. | |||||
| CVE-2026-20662 | 1 Apple | 1 Macos | 2026-02-13 | N/A | 4.6 MEDIUM |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An attacker with physical access to a locked device may be able to view sensitive user information. | |||||
| CVE-2026-2315 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-02-13 | N/A | 8.8 HIGH |
| Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-12784 | 1 Hp | 124 7kw48a, 7kw48a Firmware, 7kw49a and 121 more | 2026-02-13 | N/A | 4.9 MEDIUM |
| Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. | |||||
| CVE-2025-12785 | 1 Hp | 124 7kw48a, 7kw48a Firmware, 7kw49a and 121 more | 2026-02-13 | N/A | 7.5 HIGH |
| Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. | |||||
| CVE-2020-0919 | 1 Microsoft | 1 Windows App | 2026-02-12 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries, aka 'Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability'. | |||||
| CVE-2025-54373 | 1 Open-emr | 1 Openemr | 2026-02-12 | N/A | 6.5 MEDIUM |
| OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a vulnerability where sensitive data is unintentionally revealed to unauthorized parties. Contents of Clinical Notes and Care Plan, where an encounter has Sensitivity=high, can be viewed and changed by users who do not have Sensitivities=high privilege. Version 7.0.4 fixes the issue. | |||||
| CVE-2025-67645 | 1 Open-emr | 1 Openemr | 2026-02-12 | N/A | 8.8 HIGH |
| OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a broken access control in the Profile Edit endpoint. An authenticated normal user can modify the request parameters (pubpid / pid) to reference another user’s record; the server accepts the modified IDs and applies the changes to that other user’s profile. This allows one user to alter another user’s profile data (name, contact info, etc.), and could enable account takeover. Version 7.0.4 fixes the issue. | |||||
| CVE-2026-20669 | 1 Apple | 1 Macos | 2026-02-12 | N/A | 5.5 MEDIUM |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data. | |||||
| CVE-2026-20666 | 1 Apple | 1 Macos | 2026-02-12 | N/A | 5.5 MEDIUM |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data. | |||||
| CVE-2026-0405 | 1 Netgear | 50 Cbr750, Cbr750 Firmware, Nbr750 and 47 more | 2026-02-12 | N/A | 7.8 HIGH |
| An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin. | |||||
| CVE-2026-0404 | 1 Netgear | 24 Rbr750, Rbr750 Firmware, Rbr840 and 21 more | 2026-02-12 | N/A | 8.0 HIGH |
| An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default. | |||||
| CVE-2025-43914 | 1 Dell | 1 Data Domain Operating System | 2026-02-12 | N/A | 7.5 HIGH |
| Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. | |||||
| CVE-2025-27023 | 1 Nokia | 2 G42, G42 Firmware | 2026-02-11 | N/A | 6.5 MEDIUM |
| Lack or insufficent input validation in WebGUI CLI web in Infinera G42 version R6.1.3 allows remote authenticated users to read all OS files via crafted CLI commands. Details: The web interface based management of the Infinera G42 appliance enables the feature of executing a restricted set of commands. This feature also offers the option to execute a script-file already present on the target device. When a non-script or incorrect file is specified, the content of the file is shown along with an error message. Due to an execution of the http service with a privileged user all files on the file system can be viewed this way. | |||||
| CVE-2025-47366 | 1 Qualcomm | 318 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 315 more | 2026-02-11 | N/A | 7.1 HIGH |
| Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input. | |||||
| CVE-2023-36881 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | N/A | 4.5 MEDIUM |
| Azure Apache Ambari Spoofing Vulnerability | |||||
| CVE-2023-36419 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | N/A | 8.8 HIGH |
| Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability | |||||
| CVE-2023-38188 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | N/A | 4.5 MEDIUM |
| Azure Apache Hadoop Spoofing Vulnerability | |||||
| CVE-2023-35394 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | N/A | 4.6 MEDIUM |
| Azure HDInsight Jupyter Notebook Spoofing Vulnerability | |||||
| CVE-2023-35393 | 1 Microsoft | 1 Azure Hdinsight | 2026-02-11 | N/A | 4.5 MEDIUM |
| Azure Apache Hive Spoofing Vulnerability | |||||