Search
Search Results (333217 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-27037 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27036 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27035 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27034 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27033 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27032 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27031 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-23599 | 2026-02-18 | 7.8 High | ||
| A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges. | ||||
| CVE-2026-22048 | 2026-02-18 | 7.1 High | ||
| StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.12 and 12.0.0.4 with Single Sign-on enabled and configured to use Microsoft Entra ID (formerly Azure AD) as an IdP are susceptible to a Server-Side Request Forgery (SSRF) vulnerability. Successful exploit could allow an authenticated attacker with low privileges to delete configuration data or deny access to some resources. | ||||
| CVE-2026-1344 | 1 Tanium | 1 Service Enforce Recovery-key-portal | 2026-02-18 | 6.5 Medium |
| Tanium addressed an insecure file permissions vulnerability in Enforce Recovery Key Portal. | ||||
| CVE-2026-2570 | 2026-02-17 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2026-26119 | 1 Microsoft | 1 Windows Admin Center | 2026-02-17 | 8.8 High |
| Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-1670 | 2026-02-17 | 9.8 Critical | ||
| The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address. | ||||
| CVE-2025-62183 | 2026-02-17 | N/A | ||
| Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low. | ||||
| CVE-2025-13689 | 1 Ibm | 1 Datastage On Cloud Pak | 2026-02-17 | 8.8 High |
| IBM DataStage on Cloud Pak for Data could allow an authenticated user to execute arbitrary commands and gain access to sensitive information due to unrestricted file uploads. | ||||
| CVE-2025-13333 | 1 Ibm | 1 Websphere Application Server | 2026-02-17 | 4.4 Medium |
| IBM WebSphere Application Server 9.0, and 8.5 could provide weaker than expected security during system administration of security settings. | ||||
| CVE-2026-20841 | 1 Microsoft | 2 Window Notepad, Windows Notepad | 2026-02-17 | 7.8 High |
| Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-20846 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-02-17 | 7.5 High |
| Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-21222 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-02-17 | 5.5 Medium |
| Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-21228 | 1 Microsoft | 1 Azure Local | 2026-02-17 | 8.1 High |
| Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network. | ||||