Search
Search Results (331944 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-13064 | 1 Axis Communications Ab | 1 Axis Camera Station Pro | 2026-02-10 | 4.5 Medium |
| A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a client that have been tampered with. | ||||
| CVE-2025-12757 | 1 Axis Communications Ab | 1 Axis Camera Station Pro | 2026-02-10 | 4.6 Medium |
| An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to. | ||||
| CVE-2025-11547 | 1 Axis Communications Ab | 1 Axis Camera Station Pro | 2026-02-10 | 7.8 High |
| AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user. | ||||
| CVE-2025-11142 | 1 Axis Communications Ab | 1 Axis Os | 2026-02-10 | 7.1 High |
| The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account. | ||||
| CVE-2026-25981 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-25980 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-25979 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-25978 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-25977 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-25976 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-25975 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-25974 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-25973 | 2026-02-10 | N/A | ||
| Not used | ||||
| CVE-2026-21419 | 2026-02-10 | 6.6 Medium | ||
| Dell Display and Peripheral Manager (Windows) versions prior to 2.2 contain an Improper Link Resolution Before File Access ('Link Following') vulnerability in the Installer and Service. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges | ||||
| CVE-2026-1731 | 1 Beyondtrust | 2 Privileged Remote Access, Remote Support | 2026-02-10 | N/A |
| BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user. | ||||
| CVE-2026-25848 | 2026-02-10 | 9.1 Critical | ||
| In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible | ||||
| CVE-2026-2260 | 2026-02-10 | 7.2 High | ||
| A vulnerability was found in D-Link DCS-931L up to 1.13.0. This affects an unknown part of the file /goform/setSysAdmin. The manipulation of the argument AdminID results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-2259 | 2026-02-10 | 3.3 Low | ||
| A vulnerability has been found in aardappel lobster up to 2025.4. Affected by this issue is the function lobster::Parser::ParseStatements in the library dev/src/lobster/parser.h of the component Parsing. The manipulation leads to memory corruption. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The identifier of the patch is 2f45fe860d00990e79e13250251c1dde633f1f89. Applying a patch is the recommended action to fix this issue. | ||||
| CVE-2026-24328 | 2026-02-10 | 6.1 Medium | ||
| SAP TAF_APPLAUNCHER within Business Server Pages allows unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker?controlled sites, potentially exposing or altering sensitive information in the victim�s browser. This results in a low impact on confidentiality and integrity, with no impact on the availability of the application. | ||||
| CVE-2026-24327 | 2026-02-10 | 4.3 Medium | ||
| Due to missing authorization check in SAP Strategic Enterprise Management (Balanced Scorecard in Business Server Pages), an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or availability. | ||||