Export limit exceeded: 15481 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21513 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21513 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-48812 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-13 | 5.5 Medium |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-49691 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-02-13 | 8 High |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network. | ||||
| CVE-2025-49687 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-13 | 8.8 High |
| Out-of-bounds read in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-49674 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-13 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-49671 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-13 | 6.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-49658 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 5.5 Medium |
| Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-47987 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2026-02-13 | 7.8 High |
| Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53783 | 1 Microsoft | 6 Dynamics 365 Guides, Dynamics 365 Remote Assist, Teams and 3 more | 2026-02-13 | 7.5 High |
| Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-53766 | 1 Microsoft | 29 Gdi+, Gdiplus, Office and 26 more | 2026-02-13 | 9.8 Critical |
| Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-53736 | 1 Microsoft | 20 365, 365 Apps, Office and 17 more | 2026-02-13 | 6.8 Medium |
| Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-25007 | 1 Microsoft | 4 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 1 more | 2026-02-13 | 5.3 Medium |
| Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-66409 | 1 Espressif | 1 Esp-idf | 2026-02-13 | 9.1 Critical |
| ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, when AVRCP is enabled on ESP32, receiving a malformed VENDOR DEPENDENT command from a peer device can cause the Bluetooth stack to access memory before validating the command buffer length. This may lead to an out-of-bounds read, potentially exposing unintended memory content or causing unexpected behavior. | ||||
| CVE-2022-37020 | 1 Hp | 52 Elite Slice, Elite Slice Firmware, Elite Slice For Meeting Rooms and 49 more | 2026-02-13 | 6.8 Medium |
| Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. | ||||
| CVE-2025-54169 | 2 Qnap, Qnap Systems | 2 File Station, File Station 5 | 2026-02-12 | 6.5 Medium |
| An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later | ||||
| CVE-2024-56807 | 1 Qnap | 1 Media Streaming Add-on | 2026-02-12 | 5.5 Medium |
| An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later | ||||
| CVE-2025-54170 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-12 | 6.5 Medium |
| An out-of-bounds read vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-57709 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-12 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-52869 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-12 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-52870 | 2 Qnap, Qnap Systems | 2 Qsync Central, Qsync Central | 2026-02-12 | 8.1 High |
| A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later | ||||
| CVE-2025-12474 | 1 Google | 1 Libjxl | 2026-02-11 | 3.1 Low |
| A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating those areas. | ||||