Export limit exceeded: 34935 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 15488 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15488 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-53033 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2026-02-26 | 7.8 High |
| Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address. | ||||
| CVE-2024-53034 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2026-02-26 | 7.8 High |
| Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset. | ||||
| CVE-2024-56346 | 1 Ibm | 1 Aix | 2026-02-26 | 10 Critical |
| IBM AIX 7.2 and 7.3 nimesis NIM master service could allow a remote attacker to execute arbitrary commands due to improper process controls. | ||||
| CVE-2024-56347 | 1 Ibm | 1 Aix | 2026-02-26 | 9.6 Critical |
| IBM AIX 7.2 and 7.3 nimsh service SSL/TLS protection mechanisms could allow a remote attacker to execute arbitrary commands due to improper process controls. | ||||
| CVE-2024-0179 | 2026-02-26 | 8.2 High | ||
| SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution. | ||||
| CVE-2024-31155 | 1 Intel | 1 Processors | 2026-02-26 | 7.5 High |
| Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-48267 | 2026-02-26 | 7.9 High | ||
| Improper buffer restrictions in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-1950 | 1 Ibm | 2 Hardware Management Console, Power Hardware Management Console | 2026-02-26 | 9.3 Critical |
| IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands locally due to improper validation of libraries of an untrusted source. | ||||
| CVE-2025-31651 | 1 Apache | 1 Tomcat | 2026-02-26 | 9.8 Critical |
| Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely rewrite rule configurations, it was possible for a specially crafted request to bypass some rewrite rules. If those rewrite rules effectively enforced security constraints, those constraints could be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.5, from 10.1.0-M1 through 10.1.39, from 9.0.0.M1 through 9.0.102. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 though 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version [FIXED_VERSION], which fixes the issue. | ||||
| CVE-2025-35003 | 1 Apache | 1 Nuttx | 2026-02-26 | 9.8 Critical |
| Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack (HCI and UART components) that may result in system crash, denial of service, or arbitrary code execution, after receiving maliciously crafted packets. NuttX's Bluetooth HCI/UART stack users are advised to upgrade to version 12.9.0, which fixes the identified implementation issues. This issue affects Apache NuttX: from 7.25 before 12.9.0. | ||||
| CVE-2025-24338 | 2026-02-26 | 7.1 High | ||
| A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (lowprivileged) attacker to execute arbitrary client-side code in the context of another user's browser via multiple crafted HTTP requests. | ||||
| CVE-2025-48927 | 1 Smarsh | 1 Telemessage | 2026-02-26 | 5.3 Medium |
| The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025. | ||||
| CVE-2025-6543 | 2 Citrix, Netscaler | 4 Netscaler Application Delivery Controller, Netscaler Gateway, Adc and 1 more | 2026-02-26 | 9.8 Critical |
| Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server | ||||
| CVE-2025-33076 | 1 Ibm | 2 Engineering Systems Design Rhapsody, Rhapsody Design Manager | 2026-02-26 | 8.8 High |
| IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. | ||||
| CVE-2025-33077 | 1 Ibm | 2 Engineering Systems Design Rhapsody, Rhapsody Design Manager | 2026-02-26 | 8.8 High |
| IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. | ||||
| CVE-2023-31325 | 1 Amd | 6 Radeon, Radeon Pro W7000, Radeon Rx 7000 and 3 more | 2026-02-26 | 7.2 High |
| Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentiality and integrity. | ||||
| CVE-2025-36222 | 1 Ibm | 3 Storage Fusion, Storage Fusion Hci, Storage Fusion Hci For Watsonx | 2026-02-26 | 8.7 High |
| IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions. | ||||
| CVE-2025-26503 | 1 Windriver | 1 Vxworks | 2026-02-26 | 6.7 Medium |
| A crafted system call argument can cause memory corruption. | ||||
| CVE-2025-36156 | 1 Ibm | 2 Infosphere Data Replication, Infosphere Data Replication Vsam For Z\/os Remote Source | 2026-02-26 | 7.4 High |
| IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with access to the files storing CECSUB or CECRM on the container could overflow the buffer and execute arbitrary code on the system. | ||||
| CVE-2025-21483 | 1 Qualcomm | 455 Apq8017, Apq8017 Firmware, Apq8064au and 452 more | 2026-02-26 | 9.8 Critical |
| Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. | ||||