Export limit exceeded: 334978 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (334978 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2630 | 1 Tenable | 1 Security Center | 2026-02-26 | 8.8 High |
| A Command Injection vulnerability exists where an authenticated, remote attacker could execute arbitrary code on the underlying server where Tenable Security Center is hosted. | ||||
| CVE-2026-22769 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2026-02-26 | 10 Critical |
| Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible. | ||||
| CVE-2026-22284 | 1 Dell | 1 Smartfabric Os10 Software | 2026-02-26 | 6.6 Medium |
| Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. | ||||
| CVE-2025-13691 | 1 Ibm | 1 Datastage On Cloud Pak For Data | 2026-02-26 | 8.1 High |
| IBM DataStage on Cloud Pak for Data 5.1.2 through 5.3.0 returns sensitive information in an HTTP response that could be used to impersonate other users in the system. | ||||
| CVE-2025-33088 | 2 Ibm, Linux | 2 Concert, Linux Kernel | 2026-02-26 | 7.4 High |
| IBM Concert 1.0.0 through 2.1.0 could allow a local user with specific knowledge about the system's architecture to escalate their privileges due to incorrect file permissions for critical resources. | ||||
| CVE-2025-13689 | 1 Ibm | 2 Datastage On Cloud Pak, Datastage On Cloud Pak For Data | 2026-02-26 | 8.8 High |
| IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads. | ||||
| CVE-2026-26119 | 1 Microsoft | 1 Windows Admin Center | 2026-02-26 | 8.8 High |
| Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-33236 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework contains a vulnerability where malicious data created by an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33241 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by loading a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33243 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution in distributed environments. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33245 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 8 High |
| NVIDIA NeMo Framework contains a vulnerability where malicious data could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33246 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework for all platforms contains a vulnerability in the ASR Evaluator utility, where a user could cause a command injection by supplying crafted input to a configuration parameter. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, or information disclosure. | ||||
| CVE-2025-33249 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework for all platforms contains a vulnerability in a voice-preprocessing script, where malicious input created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-33250 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-33251 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-33252 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-33253 | 1 Nvidia | 2 Nemo, Nemo Framework | 2026-02-26 | 7.8 High |
| NVIDIA NeMo Framework contains a vulnerability where an attacker could cause remote code execution by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2026-20144 | 1 Splunk | 3 Splunk, Splunk Cloud Platform, Splunk Enterprise | 2026-02-26 | 6.8 Medium |
| In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.8, and 9.2.11, and Splunk Cloud Platform versions below 10.2.2510.0, 10.1.2507.11, 10.0.2503.9, and 9.3.2411.120, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the the Splunk _internal index could view the Security Assertion Markup Language (SAML) configurations for Attribute query requests (AQRs) or Authentication extensions in plain text within the conf.log file, depending on which feature is configured. | ||||
| CVE-2026-20138 | 1 Splunk | 2 Splunk, Splunk Enterprise | 2026-02-26 | 6.8 Medium |
| In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the Splunk `_internal` index could view the `integrationKey`, `secretKey`, and `appSecretKey` secrets, generated by [Duo Two-Factor Authentication for Splunk Enterprise](https://duo.com/docs/splunk), in plain text. | ||||
| CVE-2026-20142 | 1 Splunk | 2 Splunk, Splunk Enterprise | 2026-02-26 | 6.8 Medium |
| In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.7, 9.3.9, and 9.2.11, a user of a Splunk Search Head Cluster (SHC) deployment who holds a role with access to the Splunk `_internal` index could view the RSA `accessKey` value from the [<u>Authentication.conf</u> ](https://help.splunk.com/en/splunk-enterprise/administer/admin-manual/10.2/configuration-file-reference/10.2.0-configuration-file-reference/authentication.conf)file, in plain text. | ||||