Export limit exceeded: 19584 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19584 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25070 | 2 Anhui Seeker Electronic Technology Co., Ltd., Seekswan | 3 Xikestor Sks8310-8x, Zikestor Sks8310-8x, Zikestor Sks8310-8x Firmware | 2026-03-12 | 9.8 Critical |
| XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through the destIp parameter to achieve remote code execution with root privileges on the network switch. | ||||
| CVE-2026-27275 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-03-12 | 7.8 High |
| Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-36920 | 1 Google | 1 Android | 2026-03-12 | 8.4 High |
| In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0111 | 1 Google | 1 Android | 2026-03-12 | 9.8 Critical |
| In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0113 | 1 Google | 1 Android | 2026-03-12 | 9.8 Critical |
| In ns_GetUserData of ns_SmscbUtilities.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0114 | 1 Google | 1 Android | 2026-03-12 | 9.8 Critical |
| In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0116 | 1 Google | 1 Android | 2026-03-12 | 9.8 Critical |
| In __mfc_handle_released_buf of mfc_core_isr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0117 | 1 Google | 1 Android | 2026-03-12 | 8.4 High |
| In mfc_dec_dqbuf of mfc_dec_v4l2.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0120 | 1 Google | 1 Android | 2026-03-12 | 9.8 Critical |
| In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-1427 | 1 Wellchoose | 1 Single Sign-on Portal System | 2026-03-11 | 8.8 High |
| Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server. | ||||
| CVE-2026-1428 | 1 Wellchoose | 2 Single Sign-on Portal System, Single Sign On Portal System | 2026-03-11 | 8.8 High |
| Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server. | ||||
| CVE-2026-27273 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-03-11 | 7.8 High |
| Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-27274 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-03-11 | 7.8 High |
| Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-41766 | 2 Mbs, Mbs-solutions | 7 Ubr-01 Mk Ii, Ubr-02, Ubr-lon and 4 more | 2026-03-11 | 8.8 High |
| A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise. | ||||
| CVE-2026-27279 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-03-11 | 7.8 High |
| Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-30936 | 1 Imagemagick | 1 Imagemagick | 2026-03-11 | 5.5 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. | ||||
| CVE-2026-28693 | 1 Imagemagick | 1 Imagemagick | 2026-03-11 | 8.1 High |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. | ||||
| CVE-2026-0124 | 1 Google | 1 Android | 2026-03-11 | 7.8 High |
| There is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-27272 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | 7.8 High |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2026-21362 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2026-03-11 | 7.8 High |
| Illustrator versions 29.8.4, 30.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||