Export limit exceeded: 342349 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342349 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9033 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2144 | 2 Katsushi-kawamori, Wordpress | 2 Magic Login Mail Or Qr Code, Wordpress | 2026-02-18 | 8.1 High |
| The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.05. This is due to the plugin storing the magic login QR code image with a predictable, static filename (QR_Code.png) in the publicly accessible WordPress uploads directory during the email sending process. The file is only deleted after wp_mail() completes, creating an exploitable race condition window. This makes it possible for unauthenticated attackers to trigger a login link request for any user, including administrators, and then exploit the race condition between QR code file creation and deletion to obtain the login URL encoded in the QR code, thereby gaining unauthorized access to the targeted user's account. | ||||
| CVE-2025-67905 | 1 Malwarebytes | 1 Adwcleaner | 2026-02-18 | 8.7 High |
| Malwarebytes AdwCleaner before v.8.7.0 runs as Administrator and performs an insecure log file delete operation in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link, a related issue to CVE-2023-28892. To exploit this, an attacker must create a file in a given folder path and intercept the application log file deletion flow. | ||||
| CVE-2026-1750 | 2 Ecwid, Wordpress | 2 Ecwid By Lightspeed Ecommerce Shopping Cart, Wordpress | 2026-02-18 | 8.8 High |
| The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.0.7. This is due to a missing capability check in the 'save_custom_user_profile_fields' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to supply the 'ec_store_admin_access' parameter during a profile update and gain store manager access to the site. | ||||
| CVE-2026-23599 | 1 Hpe | 1 Aruba Networking Clearpass Policy Manager | 2026-02-18 | 7.8 High |
| A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges. | ||||
| CVE-2024-50619 | 1 Cipplanner | 1 Cipace | 2026-02-13 | 8.8 High |
| Vulnerabilities in the My Account and User Management components in CIPPlanner CIPAce before 9.17 allows attackers to escalate their access levels. A low-privileged authenticated user can gain access to other people's accounts by tampering with the client's user id to change their account information. A low-privileged authenticated user can elevate his or her system privileges by modifying the information of a user role that is disabled in the client. | ||||
| CVE-2026-26010 | 1 Open-metadata | 1 Openmetadata | 2026-02-13 | 7.6 High |
| OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services (Glue / Redshift / Postgres). Any read-only user can gain access to a highly privileged account, typically which has the Ingestion Bot Role. This enables destructive changes in OpenMetadata instances, and potential data leakage (e.g. sample data, or service metadata which would be unavailable per roles/policies). This vulnerability is fixed in 1.11.8. | ||||
| CVE-2025-21360 | 1 Microsoft | 1 Autoupdate | 2026-02-13 | 7.8 High |
| Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | ||||
| CVE-2025-21343 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2026-02-13 | 7.5 High |
| Windows Web Threat Defense User Service Information Disclosure Vulnerability | ||||
| CVE-2025-21287 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.8 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2025-21199 | 1 Microsoft | 3 Azure Agent, Azure Agent For Backup, Azure Agent For Site Recovery | 2026-02-13 | 6.7 Medium |
| Improper privilege management in Azure Agent Installer allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24070 | 2 Microsoft, Redhat | 4 Asp.net Core, Visual Studio 2022, Enterprise Linux and 1 more | 2026-02-13 | 7 High |
| Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-29800 | 1 Microsoft | 1 Autoupdate | 2026-02-13 | 7.8 High |
| Improper privilege management in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-29976 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-02-13 | 7.8 High |
| Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49741 | 1 Microsoft | 1 Edge Chromium | 2026-02-13 | 7.4 High |
| No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-49758 | 1 Microsoft | 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more | 2026-02-13 | 8.8 High |
| Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-13979 | 2 Drupal, Salsa.digital | 2 Mini Site, Mini Site | 2026-02-12 | 5.4 Medium |
| Privilege Defined With Unsafe Actions vulnerability in Drupal Mini site allows Stored XSS.This issue affects Mini site: from 0.0.0 before 3.0.2. | ||||
| CVE-2025-27021 | 1 Nokia | 2 G42, G42 Firmware | 2026-02-11 | 7 High |
| The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by tampering with kernel memory. Details: The output of "sudo -l" reports the presence of "devmem" command executable as super user without using a password. This command allows to read and write an arbitrary memory area of the target device, specifying an absolute address. | ||||
| CVE-2026-25575 | 2 Tum, Tum-dev | 2 Navigatum, Navigatum | 2026-02-11 | 7.5 High |
| NavigaTUM is a website and API to search for rooms, buildings and other places. Prior to commit 86f34c7, there is a path traversal vulnerability in the propose_edits endpoint allows unauthenticated users to overwrite files in directories writable by the application user (e.g., /cdn). By supplying unsanitized file keys containing traversal sequences (e.g., ../../) in the JSON payload, an attacker can escape the intended temporary directory and replace public facing images or fill the server's storage. This issue has been patched via commit 86f34c7. | ||||
| CVE-2026-25643 | 2 Blakeblackshear, Frigate | 2 Frigate, Frigate | 2026-02-11 | 9.1 Critical |
| Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution (RCE) vulnerability has been identified in the Frigate integration with go2rtc. The application does not sanitize user input in the video stream configuration (config.yaml), allowing direct injection of system commands via the exec: directive. The go2rtc service executes these commands without restrictions. This vulnerability is only exploitable by an administrator or users who have exposed their Frigate install to the open internet with no authentication which allows anyone full administrative control. This vulnerability is fixed in 0.16.4. | ||||
| CVE-2025-69875 | 1 Quickheal | 1 Total Security | 2026-02-11 | 7.8 High |
| A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be abused by a local attacker to place files in high-privilege locations, potentially leading to privilege escalation. | ||||