Total
35123 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-43914 | 4 Canonical, Dell, Linux and 1 more | 5 Ubuntu, Data Domain Operating System, Powerprotect Data Domain and 2 more | 2026-02-26 | 7.5 High |
| Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access. | ||||
| CVE-2025-43882 | 1 Dell | 33 Latitude 3330, Latitude 3420, Latitude 3440 and 30 more | 2026-02-26 | 7.8 High |
| Dell ThinOS 10, versions prior to 2508_10.0127, contains an Unverified Ownership vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Unauthorized Access. | ||||
| CVE-2025-21064 | 1 Samsung | 1 Smart Switch | 2026-02-26 | 8.8 High |
| Improper authentication in Smart Switch prior to version 3.7.66.6 allows adjacent attackers to access transferring data. | ||||
| CVE-2025-58716 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-26 | 8.8 High |
| Improper input validation in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59199 | 1 Microsoft | 18 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 15 more | 2026-02-26 | 7.8 High |
| Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-59228 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-02-26 | 8.8 High |
| Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-21078 | 1 Samsung | 1 Smart Switch | 2026-02-26 | 8.8 High |
| Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications. | ||||
| CVE-2025-59249 | 1 Microsoft | 6 Exchange, Exchange Server, Exchange Server 2016 and 3 more | 2026-02-26 | 8.8 High |
| Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-59250 | 1 Microsoft | 10 Jdbc Driver For Sql Server, Jdbc Driver For Sql Server 10.2, Jdbc Driver For Sql Server 11.2 and 7 more | 2026-02-26 | 8.1 High |
| Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-59494 | 1 Microsoft | 2 Azure, Azure Monitor Agent | 2026-02-26 | 7.8 High |
| Improper access control in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-25004 | 1 Microsoft | 31 Powershell, Windows, Windows 10 and 28 more | 2026-02-26 | 7.3 High |
| Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-43990 | 1 Dell | 2 Command Monitor, Command|monitor | 2026-02-26 | 7.3 High |
| Dell Command Monitor (DCM), versions prior to 10.12.3.28, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges. | ||||
| CVE-2025-10885 | 1 Autodesk | 1 Installer | 2026-02-26 | 7.8 High |
| A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM. | ||||
| CVE-2025-55692 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2026-02-26 | 7.8 High |
| Improper input validation in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55694 | 1 Microsoft | 10 Windows, Windows 11, Windows 11 24h2 and 7 more | 2026-02-26 | 7.8 High |
| Improper access control in Windows Error Reporting allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-12907 | 1 Google | 1 Chrome | 2026-02-26 | 8.8 High |
| Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low) | ||||
| CVE-2025-58726 | 1 Microsoft | 30 Windows, Windows 10, Windows 10 1507 and 27 more | 2026-02-26 | 7.5 High |
| Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-12429 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-02-26 | 8.8 High |
| Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-53474 | 1 F5 | 22 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 19 more | 2026-02-26 | 7.5 High |
| When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-58481 | 1 Samsung | 2 Mobile, Motionphoto | 2026-02-26 | 7.3 High |
| Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service. | ||||