Export limit exceeded: 341651 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10034 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10034 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21208 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-26 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2025-21406 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21407 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21410 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-26 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2025-21190 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2026-02-26 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2024-49749 | 1 Google | 1 Android | 2026-02-26 | 8.8 High |
| In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-21200 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2026-02-26 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21201 | 1 Microsoft | 17 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 14 more | 2026-02-26 | 8.8 High |
| Windows Telephony Server Remote Code Execution Vulnerability | ||||
| CVE-2025-21198 | 1 Microsoft | 2 Microsoft Hpc Pack 2016, Microsoft Hpc Pack 2019 | 2026-02-26 | 9 Critical |
| Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability | ||||
| CVE-2025-21371 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 8.8 High |
| Windows Telephony Service Remote Code Execution Vulnerability | ||||
| CVE-2025-21386 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-26 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2025-21387 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-26 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2025-21390 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-26 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2025-21392 | 1 Microsoft | 9 365 Apps, Office, Office 2016 and 6 more | 2026-02-26 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2025-21394 | 1 Microsoft | 11 365 Apps, Excel, Excel 2016 and 8 more | 2026-02-26 | 7.8 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2025-21397 | 1 Microsoft | 4 365 Apps, Office 2021, Office 2024 and 1 more | 2026-02-26 | 7.8 High |
| Microsoft Office Remote Code Execution Vulnerability | ||||
| CVE-2025-0108 | 1 Paloaltonetworks | 1 Pan-os | 2026-02-26 | 9.1 Critical |
| An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software. | ||||
| CVE-2025-0624 | 1 Redhat | 7 Enterprise Linux, Openshift, Rhel Aus and 4 more | 2026-02-26 | 7.6 High |
| A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections. | ||||
| CVE-2025-24893 | 1 Xwiki | 1 Xwiki | 2026-02-26 | 9.8 Critical |
| XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Users are advised to upgrade. Users unable to upgrade may edit `Main.SolrSearchMacros` in `SolrSearchMacros.xml` on line 955 to match the `rawResponse` macro in `macros.vm#L2824` with a content type of `application/xml`, instead of simply outputting the content of the feed. | ||||
| CVE-2025-2945 | 1 Pgadmin | 1 Pgadmin 4 | 2026-02-26 | 9.9 Critical |
| Remote Code Execution security vulnerability in pgAdmin 4 (Query Tool and Cloud Deployment modules). The vulnerability is associated with the 2 POST endpoints; /sqleditor/query_tool/download, where the query_commited parameter and /cloud/deploy endpoint, where the high_availability parameter is unsafely passed to the Python eval() function, allowing arbitrary code execution. This issue affects pgAdmin 4: before 9.2. | ||||