Export limit exceeded: 337774 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337774 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13219 | 2 Ibm, Linux | 2 Aspera Orchestrator, Linux Kernel | 2026-03-12 | 5.9 Medium |
| IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. | ||||
| CVE-2026-27281 | 1 Adobe | 2 Dng Sdk, Dng Software Development Kit | 2026-03-12 | 5.5 Medium |
| DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-27280 | 1 Adobe | 2 Dng Sdk, Dng Software Development Kit | 2026-03-12 | 7.8 High |
| DNG SDK versions 1.7.1 2471 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-26742 | 1 Dronecode | 1 Px4 Drone Autopilot | 2026-03-12 | 8.1 High |
| PX4 Autopilot versions 1.12.x through 1.15.x contain a protection mechanism failure in the "Re-arm Grace Period" logic. The system incorrectly applies the in-air emergency re-arm logic to ground scenarios. If a pilot switches to Manual mode and re-arms within 5 seconds (default configuration) of an automatic landing, the system bypasses all pre-flight safety checks, including the throttle threshold check. This allows for an immediate high-thrust takeoff if the throttle stick is raised, leading to loss of control. | ||||
| CVE-2026-26741 | 1 Dronecode | 1 Px4 Drone Autopilot | 2026-03-12 | 8.1 High |
| PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone is in the "ARMED" state (after landing and before the automatic disarm triggered by the COM_DISARM_LAND parameter), the system lacks a throttle threshold safety check for the physical throttle stick. This flaw can directly cause the drone to lose control, experience rapid uncontrolled ascent (flyaway), and result in property damage | ||||
| CVE-2026-3845 | 1 Mozilla | 1 Firefox | 2026-03-12 | 8.8 High |
| Heap buffer overflow in the Audio/Video: Playback component in Firefox for Android. This vulnerability affects Firefox < 148.0.2. | ||||
| CVE-2026-20841 | 1 Microsoft | 2 Window Notepad, Windows Notepad | 2026-03-12 | 7.8 High |
| Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-26119 | 1 Microsoft | 1 Windows Admin Center | 2026-03-12 | 8.8 High |
| Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-20846 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-12 | 7.5 High |
| Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-21222 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-03-12 | 5.5 Medium |
| Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-21228 | 1 Microsoft | 1 Azure Local | 2026-03-12 | 8.1 High |
| Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-21231 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-12 | 7.8 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21232 | 1 Microsoft | 14 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 11 more | 2026-03-12 | 7.8 High |
| Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21237 | 1 Microsoft | 19 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 16 more | 2026-03-12 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21238 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-03-12 | 7.8 High |
| Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21239 | 1 Microsoft | 28 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 25 more | 2026-03-12 | 7.8 High |
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21241 | 1 Microsoft | 15 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 12 more | 2026-03-12 | 7 High |
| Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21240 | 1 Microsoft | 22 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 19 more | 2026-03-12 | 7.8 High |
| Time-of-check time-of-use (toctou) race condition in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21243 | 1 Microsoft | 8 Windows Server 2019, Windows Server 2019 (server Core Installation), Windows Server 2022 and 5 more | 2026-03-12 | 7.5 High |
| Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-21244 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-03-12 | 7.3 High |
| Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | ||||