Export limit exceeded: 74813 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74813 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-36906 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In ConvertReductionOp of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-36907 | 1 Google | 1 Android | 2026-02-26 | 7.3 High |
| In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after a bootloader unlock, with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-20053 | 1 Intel | 3 Processor, Xeon, Xeon Processors | 2026-02-26 | 7.2 High |
| Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-56190 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-20074 | 1 Intel | 1 Connectivity Performance Suite | 2026-02-26 | 7.8 High |
| Time-of-check Time-of-use race condition for some Intel(R) Connectivity Performance Suite software installers before version 40.24.11210 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-36887 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-7388 | 1 Progress | 2 Openedge, Progress | 2026-02-26 | 8.4 High |
| It was possible to perform Remote Command Execution (RCE) via Java RMI interface in the OpenEdge AdminServer, allowing authenticated users to inject and execute OS commands under the delegated authority of the AdminServer process. An RMI interface permitted manipulation of a configuration property with inadequate input validation leading to OS command injection. | ||||
| CVE-2025-20093 | 2 Intel, Linux | 2 Ethernet 800 Series Software, Linux Kernel | 2026-02-26 | 8.2 High |
| Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-9636 | 1 Pgadmin | 2 Pgadmin, Pgadmin 4 | 2026-02-26 | 7.9 High |
| pgAdmin <= 9.7 is affected by a Cross-Origin Opener Policy (COOP) vulnerability. This vulnerability allows an attacker to manipulate the OAuth flow, potentially leading to unauthorised account access, account takeover, data breaches, and privilege escalation. | ||||
| CVE-2025-20109 | 1 Intel | 1 Processors | 2026-02-26 | 7.8 High |
| Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-21086 | 2 Intel, Linux | 2 Ethernet 700 Series Software, Linux Kernel | 2026-02-26 | 7.5 High |
| Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege. | ||||
| CVE-2025-22836 | 2 Intel, Linux | 2 Ethernet 800 Series Software, Linux Kernel | 2026-02-26 | 7.8 High |
| Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-22839 | 1 Intel | 3 Processors, Xeon, Xeon Processors | 2026-02-26 | 7.5 High |
| Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2025-22840 | 1 Intel | 3 Processors, Xeon, Xeon Processors | 2026-02-26 | 7.4 High |
| Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access | ||||
| CVE-2025-26430 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26435 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a secondary user to disable the primary user's deceptive app scanning setting due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26436 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an application to launch an activity from the background due to BAL Bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-22889 | 1 Intel | 3 Processor, Xeon, Xeon Processors | 2026-02-26 | 7.9 High |
| Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-26438 | 1 Google | 1 Android | 2026-02-26 | 8.8 High |
| In smp_process_secure_connection_oob_data of smp_act.cc, there is a possible way to bypass SMP authentication due to Incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-22893 | 2 Intel, Linux | 2 Ethernet 800 Series Software, Linux Kernel | 2026-02-26 | 7.8 High |
| Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||