Total
2581 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-6177 | 1 Google | 1 Chrome Os | 2026-02-26 | 7.4 High |
| Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and potentially others) on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell (VT3 console) accessible through specific key combinations during developer mode entry and MiniOS access, even when developer mode is blocked by device policy or Firmware Write Protect (FWMP). | ||||
| CVE-2025-53024 | 1 Oracle | 1 Vm Virtualbox | 2026-02-26 | 8.2 High |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | ||||
| CVE-2025-53025 | 1 Oracle | 1 Vm Virtualbox | 2026-02-26 | 6 Medium |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). | ||||
| CVE-2025-4879 | 1 Citrix | 1 Workspace | 2026-02-26 | 7.8 High |
| Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Workspace app for Windows | ||||
| CVE-2025-53027 | 1 Oracle | 1 Vm Virtualbox | 2026-02-26 | 8.2 High |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). | ||||
| CVE-2025-0320 | 2 Citrix, Microsoft | 2 Secure Access Client, Windows | 2026-02-26 | 7.8 High |
| Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix Secure Access Client for Windows | ||||
| CVE-2025-53030 | 1 Oracle | 1 Vm Virtualbox | 2026-02-26 | 6 Medium |
| Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). | ||||
| CVE-2025-20282 | 1 Cisco | 2 Identity Services Engine, Identity Services Engine Passive Identity Connector | 2026-02-26 | 10 Critical |
| A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system. | ||||
| CVE-2025-37101 | 2026-02-26 | 8.7 High | ||
| A potential security vulnerability has been identified in HPE OneView for VMware vCenter (OV4VC). This vulnerability could be exploited allowing an attacker with read only privilege to cause Vertical Privilege Escalation (operator can perform admin actions). | ||||
| CVE-2025-22165 | 1 Atlassian | 1 Sourcetree | 2026-02-26 | 7.3 High |
| This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8 of Sourcetree for Mac. This ACE (Arbitrary Code Execution) vulnerability, with a CVSS Score of 5.9, allows a locally authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Sourcetree for Mac users upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://www.sourcetreeapp.com/download-archives . You can download the latest version of Sourcetree for Mac from the download center https://www.sourcetreeapp.com/download-archives . This vulnerability was found through the Atlassian Bug Bounty Program by Karol Mazurek (AFINE). | ||||
| CVE-2025-43248 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2026-02-26 | 7.8 High |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to gain root privileges. | ||||
| CVE-2025-43256 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2026-02-26 | 7.8 High |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges. | ||||
| CVE-2025-43188 | 1 Apple | 2 Macos, Macos Sequoia | 2026-02-26 | 7.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges. | ||||
| CVE-2025-31243 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-02-26 | 7.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to gain root privileges. | ||||
| CVE-2025-24119 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-02-26 | 7.8 High |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | ||||
| CVE-2025-43199 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-02-26 | 9.8 Critical |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app may be able to gain root privileges. | ||||
| CVE-2025-43249 | 1 Apple | 4 Macos, Macos Sequoia, Macos Sonoma and 1 more | 2026-02-26 | 7.8 High |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges. | ||||
| CVE-2025-26513 | 1 Netapp | 2 San Host Utilities, Windows Host Utilities | 2026-02-26 | 7 High |
| The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a vulnerability which when successfully exploited could allow a local user to escalate their privileges. | ||||
| CVE-2025-36890 | 1 Google | 1 Android | 2026-02-26 | 9.8 Critical |
| Elevation of Privilege | ||||
| CVE-2025-36891 | 1 Google | 1 Android | 2026-02-26 | 8.8 High |
| Elevation of privilege | ||||