Export limit exceeded: 341102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9010 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27021 | 1 Nokia | 2 G42, G42 Firmware | 2026-02-11 | 7 High |
| The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure, denial of service, and privilege escalation by tampering with kernel memory. Details: The output of "sudo -l" reports the presence of "devmem" command executable as super user without using a password. This command allows to read and write an arbitrary memory area of the target device, specifying an absolute address. | ||||
| CVE-2026-25575 | 2 Tum, Tum-dev | 2 Navigatum, Navigatum | 2026-02-11 | 7.5 High |
| NavigaTUM is a website and API to search for rooms, buildings and other places. Prior to commit 86f34c7, there is a path traversal vulnerability in the propose_edits endpoint allows unauthenticated users to overwrite files in directories writable by the application user (e.g., /cdn). By supplying unsanitized file keys containing traversal sequences (e.g., ../../) in the JSON payload, an attacker can escape the intended temporary directory and replace public facing images or fill the server's storage. This issue has been patched via commit 86f34c7. | ||||
| CVE-2026-25643 | 2 Blakeblackshear, Frigate | 2 Frigate, Frigate | 2026-02-11 | 9.1 Critical |
| Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution (RCE) vulnerability has been identified in the Frigate integration with go2rtc. The application does not sanitize user input in the video stream configuration (config.yaml), allowing direct injection of system commands via the exec: directive. The go2rtc service executes these commands without restrictions. This vulnerability is only exploitable by an administrator or users who have exposed their Frigate install to the open internet with no authentication which allows anyone full administrative control. This vulnerability is fixed in 0.16.4. | ||||
| CVE-2025-69875 | 1 Quickheal | 1 Total Security | 2026-02-11 | 7.8 High |
| A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. This behavior can be abused by a local attacker to place files in high-privilege locations, potentially leading to privilege escalation. | ||||
| CVE-2025-3569 | 1 Jameszbl | 1 Db-hospital-drug | 2026-02-10 | 6.3 Medium |
| A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ShiroConfig.java. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-52334 | 1 Siemens | 1 Syngo Plaza Vb30e | 2026-02-10 | 5.3 Medium |
| A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF07). The affected application does not encrypt the passwords properly. This could allow an attacker to recover the original passwords and might gain unauthorized access. | ||||
| CVE-2026-24923 | 1 Huawei | 1 Harmonyos | 2026-02-10 | 6.3 Medium |
| Permission control vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-14778 | 1 Redhat | 2 Build Keycloak, Build Of Keycloak | 2026-02-10 | 5.4 Medium |
| A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller's ownership against the first resource in the policy's list. This allows a user (Owner A) who owns one resource (RA) to update a shared policy and modify authorization rules for other resources (e.g., RB) in that same policy, even if those other resources are owned by a different user (Owner B). This constitutes a horizontal privilege escalation. | ||||
| CVE-2025-13881 | 1 Redhat | 1 Build Keycloak | 2026-02-10 | 2.7 Low |
| A flaw was found in Keycloak Admin API. This vulnerability allows an administrator with limited privileges to retrieve sensitive custom attributes via the /unmanagedAttributes endpoint, bypassing User Profile visibility settings. | ||||
| CVE-2026-24920 | 1 Huawei | 2 Emui, Harmonyos | 2026-02-09 | 6.2 Medium |
| Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-24931 | 1 Huawei | 1 Harmonyos | 2026-02-09 | 5.9 Medium |
| Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-15100 | 1 Wordpress | 1 Wordpress | 2026-02-09 | 8.8 High |
| The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jay_panel_ajax_update_profile' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator. | ||||
| CVE-2025-15027 | 1 Wordpress | 1 Wordpress | 2026-02-09 | 9.8 Critical |
| The JAY Login & Register plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.6.03. This is due to the plugin allowing a user to update arbitrary user meta through the 'jay_login_register_ajax_create_final_user' function. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator. | ||||
| CVE-2022-29164 | 1 Argoproj | 1 Argo Workflows | 2026-02-06 | 7.1 High |
| Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. In affected versions an attacker can create a workflow which produces a HTML artifact containing an HTML file that contains a script which uses XHR calls to interact with the Argo Server API. The attacker emails the deep-link to the artifact to their victim. The victim opens the link, the script starts running. As the script has access to the Argo Server API (as the victim), so may read information about the victim’s workflows, or create and delete workflows. Note the attacker must be an insider: they must have access to the same cluster as the victim and must already be able to run their own workflows. The attacker must have an understanding of the victim’s system. We have seen no evidence of this in the wild. We urge all users to upgrade to the fixed versions. | ||||
| CVE-2026-1010 | 1 Altium | 2 Altium 365, On-prem Enterprise Server | 2026-02-05 | 8 High |
| A stored cross-site scripting (XSS) vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow, the injected payload executes in the administrator’s browser context, allowing privilege escalation, including creation of new administrator accounts, session token theft, and execution of administrative actions. | ||||
| CVE-2025-63384 | 1 Chipsalliance | 2 Rocket-chip, Rocketchip | 2026-02-05 | 6.5 Medium |
| A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET (Supervisor-mode Exception Return) instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode (M-mode) to Supervisor-mode (S-mode) as specified by the sstatus.SPP bit, the processor incorrectly remains in M-mode, leading to a critical privilege retention vulnerability. | ||||
| CVE-2016-11003 | 1 Elegantthemes | 1 Bloom | 2026-02-04 | 8.8 High |
| The Elegant Themes Bloom plugin before 1.1.1 for WordPress has privilege escalation. | ||||
| CVE-2025-13176 | 1 Eset | 1 Inspect Connector | 2026-02-04 | N/A |
| Planting a custom configuration file in ESET Inspect Connector allow load a malicious DLL. | ||||
| CVE-2025-15030 | 1 Wordpress | 1 Wordpress | 2026-02-04 | 9.8 Critical |
| The User Profile Builder WordPress plugin before 3.15.2 does not have a proper password reset process, allowing a few unauthenticated requests to reset the password of any user by knowing their username, such as administrator ones, and therefore gain access to their account | ||||
| CVE-2026-22708 | 2 Anysphere, Cursor | 2 Cursor, Cursor | 2026-02-03 | 9.8 Critical |
| Cursor is a code editor built for programming with AI. Prior to 2.3, hen the Cursor Agent is running in Auto-Run Mode with Allowlist mode enabled, certain shell built-ins can still be executed without appearing in the allowlist and without requiring user approval. This allows an attacker via indirect or direct prompt injection to poison the shell environment by setting, modifying, or removing environment variables that influence trusted commands. This vulnerability is fixed in 2.3. | ||||