Export limit exceeded: 34905 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (34905 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39677 | 2 Myprestamodules, Updateproducts Project | 2 Product Catalog \(csv\, Excel\) Import, Updateproducts | 2026-02-18 | 7.5 High |
| MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php. | ||||
| CVE-2025-47911 | 2 Go, Golang | 2 Html, Net | 2026-02-18 | 5.3 Medium |
| The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content. | ||||
| CVE-2024-37370 | 2 Mit, Redhat | 8 Kerberos 5, Enterprise Linux, Rhel Aus and 5 more | 2026-02-18 | 7.5 High |
| In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application. | ||||
| CVE-2025-57783 | 2 Hiawatha, Hiawatha-webserver | 2 Web Server, Hiawatha | 2026-02-18 | 5.3 Medium |
| Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver. | ||||
| CVE-2025-57784 | 2 Hiawatha, Hiawatha-webserver | 2 Web Server, Hiawatha | 2026-02-18 | 4 Medium |
| Tomahawk auth timing attack due to usage of `strcmp` has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client. | ||||
| CVE-2025-20644 | 1 Mediatek | 41 Mt2735, Mt2737, Mt6833 and 38 more | 2026-02-17 | 6.5 Medium |
| In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747. | ||||
| CVE-2025-21389 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.5 High |
| Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2025-21300 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.5 High |
| Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability | ||||
| CVE-2023-28322 | 5 Apple, Fedoraproject, Haxx and 2 more | 17 Macos, Fedora, Curl and 14 more | 2026-02-13 | 5.3 Medium |
| An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST. | ||||
| CVE-2025-21245 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21409 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21223 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21238 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21240 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21250 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21417 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21246 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21185 | 1 Microsoft | 1 Edge Chromium | 2026-02-13 | 6.5 Medium |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2025-21325 | 1 Microsoft | 11 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 8 more | 2026-02-13 | 7.8 High |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | ||||
| CVE-2025-21311 | 1 Microsoft | 5 Windows 11 24h2, Windows 11 24h2, Windows Server 2022 23h2 and 2 more | 2026-02-13 | 9.8 Critical |
| Windows NTLM V1 Elevation of Privilege Vulnerability | ||||