Export limit exceeded: 12206 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (12206 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-3086 1 M-files 1 M-files Server 2026-02-23 7.1 High
Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service
CVE-2025-2091 1 M-files 1 M-files Mobile 2026-02-23 5.4 Medium
An open redirection vulnerability in M-Files mobile applications for Android and iOS prior to version 25.6.0 allows attackers to use maliciously crafted PDF files to trick other users into making requests to untrusted URLs.
CVE-2025-15531 1 Open5gs 1 Open5gs 2026-02-23 5.3 Medium
A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwc_bearer_add of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The issue report is flagged as already-fixed.
CVE-2025-15530 1 Open5gs 1 Open5gs 2026-02-23 5.3 Medium
A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwc_s11_handle_create_indirect_data_forwarding_tunnel_request of the file /src/sgwc/s11-handler.c. Executing a manipulation can lead to reachable assertion. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The issue report is flagged as already-fixed.
CVE-2022-1911 1 M-files 1 M-files Server 2026-02-23 5.3 Medium
Error in parser function in M-Files Server versions before 22.6.11534.1 and before 22.6.11505.0 allowed unauthenticated access to some information of the underlying operating system.
CVE-2025-15422 2 Empiresoft, Phome 2 Empirecms, Empirecms 2026-02-23 5.3 Medium
A flaw has been found in EmpireSoft EmpireCMS up to 8.0. This issue affects the function egetip of the file e/class/connect.php of the component IP Address Handler. This manipulation causes protection mechanism failure. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2019-1187 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2026-02-20 5.5 Medium
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to an XML application. The update addresses the vulnerability by correcting how the XmlLite runtime parses XML input.
CVE-2025-36376 1 Ibm 1 Security Qradar Edr 2026-02-20 6.3 Medium
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
CVE-2025-65519 1 Mayswind 1 Ezbookkeeping 2026-02-20 6.5 Medium
mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested malicious files. This results in CPU exhaustion, service degradation, or complete service unavailability.
CVE-2024-49602 1 Dell 1 Powerscale Onefs 2026-02-20 6.5 Medium
Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
CVE-2024-39578 1 Dell 1 Powerscale Onefs 2026-02-20 6.3 Medium
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, leading to denial of service, information tampering.
CVE-2024-49603 1 Dell 1 Powerscale Onefs 2026-02-20 4.3 Medium
Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.
CVE-2025-43724 1 Dell 1 Powerscale Onefs 2026-02-20 4.4 Medium
Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user-controlled key vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to gain unauthorized access to NFSv4 or SMB shares.
CVE-2023-32493 1 Dell 1 Powerscale Onefs 2026-02-20 7.3 High
Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.
CVE-2025-36377 1 Ibm 2 Qradar Edr, Security Qradar Edr 2026-02-20 6.3 Medium
IBM Security QRadar EDR 3.12 through 3.12.23 does not invalidate session after a session expiration which could allow an authenticated user to impersonate another user on the system.
CVE-2020-37158 2 Avideo, Wwbn 2 Avideo Platform, Avideo 2026-02-20 5.3 Medium
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.
CVE-2025-54917 1 Microsoft 28 Windows, Windows 10, Windows 10 1507 and 25 more 2026-02-20 4.3 Medium
Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
CVE-2025-33050 1 Microsoft 7 Windows Server, Windows Server 2016, Windows Server 2019 and 4 more 2026-02-20 7.5 High
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-32725 1 Microsoft 7 Windows Server, Windows Server 2016, Windows Server 2019 and 4 more 2026-02-20 7.5 High
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
CVE-2025-47160 1 Microsoft 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more 2026-02-20 5.4 Medium
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.