Export limit exceeded: 24994 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24994 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47980 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 6.2 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-49719 | 1 Microsoft | 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more | 2026-02-13 | 7.5 High |
| Improper input validation in SQL Server allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-49671 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-13 | 6.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53728 | 1 Microsoft | 1 Dynamics 365 | 2026-02-13 | 6.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53156 | 1 Microsoft | 9 Server, Windows, Windows 11 24h2 and 6 more | 2026-02-13 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-53136 | 1 Microsoft | 26 Windows, Windows 10 1507, Windows 10 1607 and 23 more | 2026-02-13 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-53134 | 1 Microsoft | 29 Windows, Windows 10, Windows 10 1507 and 26 more | 2026-02-13 | 7 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50154 | 1 Microsoft | 27 Windows, Windows 10 1507, Windows 10 1607 and 24 more | 2026-02-13 | 6.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-25005 | 1 Microsoft | 4 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 1 more | 2026-02-13 | 6.5 Medium |
| Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tampering over a network. | ||||
| CVE-2025-53781 | 1 Microsoft | 34 Dcadsv5 Series Azure Vm, Dcasv5 Series Azure Vm, Dcedsv5 Series Azure Vm and 31 more | 2026-02-13 | 7.7 High |
| Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network. | ||||
| CVE-2025-33051 | 1 Microsoft | 4 Exchange Server, Exchange Server 2016, Exchange Server 2019 and 1 more | 2026-02-13 | 7.5 High |
| Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2026-2317 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-02-13 | 6.5 Medium |
| Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-12784 | 1 Hp | 135 7kw48a, 7kw48a Firmware, 7kw49a and 132 more | 2026-02-13 | 4.9 Medium |
| Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. | ||||
| CVE-2025-12785 | 1 Hp | 137 7kw48a, 7kw48a Firmware, 7kw49a and 134 more | 2026-02-13 | 7.5 High |
| Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP Server. | ||||
| CVE-2026-25475 | 1 Openclaw | 1 Openclaw | 2026-02-13 | 6.5 Medium |
| OpenClaw is a personal AI assistant. Prior to version 2026.1.30, the isValidMedia() function in src/media/parse.ts allows arbitrary file paths including absolute paths, home directory paths, and directory traversal sequences. An agent can read any file on the system by outputting MEDIA:/path/to/file, exfiltrating sensitive data to the user/channel. This issue has been patched in version 2026.1.30. | ||||
| CVE-2025-54373 | 2 Open-emr, Openemr | 2 Openemr, Openemr | 2026-02-12 | 6.5 Medium |
| OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a vulnerability where sensitive data is unintentionally revealed to unauthorized parties. Contents of Clinical Notes and Care Plan, where an encounter has Sensitivity=high, can be viewed and changed by users who do not have Sensitivities=high privilege. Version 7.0.4 fixes the issue. | ||||
| CVE-2026-20027 | 1 Cisco | 3 Secure Firewall Threat Defense, Snort, Utd Snort Ips Engine Software | 2026-02-12 | 5.3 Medium |
| Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer out-of-bounds read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to obtain sensitive information in the Snort 3 data stream. | ||||
| CVE-2025-67399 | 1 Airth | 1 Smart Home Aqi Monitor Bootloader | 2026-02-12 | 4.6 Medium |
| An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005 allows a physically proximate attacker to obtain sensitive information via the UART port of the BK7231N controller (Wi-Fi and BLE module) on the device is open to access | ||||
| CVE-2025-13295 | 2 Argustech, Argusteknoloji | 2 Bilger, Bilger | 2026-02-12 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in Argus Technology Inc. BILGER allows Choosing Message Identifier.This issue affects BILGER: before 2.4.9. | ||||
| CVE-2025-12131 | 1 Silabs | 2 Simplicity Sdk, Simplicity Software Development Kit | 2026-02-12 | 6.5 Medium |
| A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service. | ||||