Total
12961 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-25941 | 1 Freerdp | 1 Freerdp | 2026-02-27 | 4.3 Medium |
| FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory by sending a crafted WIRE_TO_SURFACE_2 PDU with a `bitmapDataLength` value larger than the actual data in the packet. This can lead to information disclosure or client crashes when a user connects to a malicious server. Versions 2.11.8 and 3.23.0 fix the issue. | ||||
| CVE-2025-13327 | 1 Redhat | 2 Ai Inference Server, Openshift Ai | 2026-02-27 | 6.3 Medium |
| A flaw was found in uv. This vulnerability allows an attacker to execute malicious code during package resolution or installation via specially crafted ZIP (Zipped Information Package) archives that exploit parsing differentials, requiring user interaction to install an attacker-controlled package. | ||||
| CVE-2025-15438 | 1 Pluxml | 1 Pluxml | 2026-02-27 | 4.7 Medium |
| A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::__destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manipulation of the argument File can lead to deserialization. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was informed early about this issue and announced that "[w]e fix this issue in the next version 5.8.23". A patch for it is ready. | ||||
| CVE-2025-27378 | 1 Altium | 2 Aes, On-prem Enterprise Server | 2026-02-26 | 8.6 High |
| AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries. | ||||
| CVE-2026-27585 | 1 Caddyserver | 1 Caddy | 2026-02-26 | 6.5 Medium |
| Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, the path sanitization routine in file matcher doesn't sanitize backslashes which can lead to bypassing path related security protections. It affects users with specific Caddy and environment configurations. Version 2.11.1 fixes the issue. | ||||
| CVE-2025-15284 | 1 Qs Project | 1 Qs | 2026-02-26 | 3.7 Low |
| Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: < 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation (a[]=1&a[]=2), only for indexed notation (a[0]=1). This is a consistency bug; arrayLimit should apply uniformly across all array notations. Note: The default parameterLimit of 1000 effectively mitigates the DoS scenario originally described. With default options, bracket notation cannot produce arrays larger than parameterLimit regardless of arrayLimit, because each a[]=valueconsumes one parameter slot. The severity has been reduced accordingly. Details The arrayLimit option only checked limits for indexed notation (a[0]=1&a[1]=2) but did not enforce it for bracket notation (a[]=1&a[]=2). Vulnerable code (lib/parse.js:159-162): if (root === '[]' && options.parseArrays) { obj = utils.combine([], leaf); // No arrayLimit check } Working code (lib/parse.js:175): else if (index <= options.arrayLimit) { // Limit checked here obj = []; obj[index] = leaf; } The bracket notation handler at line 159 uses utils.combine([], leaf) without validating against options.arrayLimit, while indexed notation at line 175 checks index <= options.arrayLimit before creating arrays. PoC const qs = require('qs'); const result = qs.parse('a[]=1&a[]=2&a[]=3&a[]=4&a[]=5&a[]=6', { arrayLimit: 5 }); console.log(result.a.length); // Output: 6 (should be max 5) Note on parameterLimit interaction: The original advisory's "DoS demonstration" claimed a length of 10,000, but parameterLimit (default: 1000) caps parsing to 1,000 parameters. With default options, the actual output is 1,000, not 10,000. Impact Consistency bug in arrayLimit enforcement. With default parameterLimit, the practical DoS risk is negligible since parameterLimit already caps the total number of parsed parameters (and thus array elements from bracket notation). The risk increases only when parameterLimit is explicitly set to a very high value. | ||||
| CVE-2024-53012 | 2026-02-26 | 7.8 High | ||
| Memory corruption may occur due to improper input validation in clock device. | ||||
| CVE-2024-53022 | 1 Qualcomm | 46 Qam8255p, Qam8255p Firmware, Qam8295p and 43 more | 2026-02-26 | 7.8 High |
| Memory corruption may occur during communication between primary and guest VM. | ||||
| CVE-2024-53029 | 2026-02-26 | 7.8 High | ||
| Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine. | ||||
| CVE-2024-53030 | 1 Qualcomm | 88 Msm8996au, Msm8996au Firmware, Qam8255p and 85 more | 2026-02-26 | 7.8 High |
| Memory corruption while processing input message passed from FE driver. | ||||
| CVE-2024-53031 | 1 Qualcomm | 52 Qam8255p, Qam8255p Firmware, Qam8295p and 49 more | 2026-02-26 | 7.8 High |
| Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. | ||||
| CVE-2025-21234 | 1 Microsoft | 14 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 11 more | 2026-02-26 | 7.8 High |
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | ||||
| CVE-2025-21235 | 1 Microsoft | 14 Windows 10 21h2, Windows 10 21h2, Windows 10 22h2 and 11 more | 2026-02-26 | 7.8 High |
| Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | ||||
| CVE-2025-21344 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2026-02-26 | 7.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2025-29814 | 1 Microsoft | 1 Partner Center | 2026-02-26 | 9.3 Critical |
| Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-1097 | 1 Kubernetes | 1 Ingress-nginx | 2026-02-26 | 8.8 High |
| A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | ||||
| CVE-2025-1098 | 1 Kubernetes | 1 Ingress-nginx | 2026-02-26 | 8.8 High |
| A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | ||||
| CVE-2025-24514 | 1 Kubernetes | 1 Ingress-nginx | 2026-02-26 | 8.8 High |
| A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | ||||
| CVE-2024-0179 | 2026-02-26 | 8.2 High | ||
| SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution. | ||||
| CVE-2025-30391 | 1 Microsoft | 1 Dynamics 365 Customer Service | 2026-02-26 | 8.1 High |
| Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network. | ||||