Export limit exceeded: 355201 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1755 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-12749 | 3 Canonical, Freedesktop, Redhat | 5 Ubuntu Linux, Dbus, Enterprise Linux and 2 more | 2026-02-13 | 7.1 High |
| dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case, this could result in the DBusServer reusing a cookie that is known to the malicious client, and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid, allowing authentication bypass. | ||||
| CVE-2025-21331 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-13 | 7.3 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2025-21274 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-13 | 5.5 Medium |
| Windows Event Tracing Denial of Service Vulnerability | ||||
| CVE-2025-21294 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.1 High |
| Microsoft Digest Authentication Remote Code Execution Vulnerability | ||||
| CVE-2025-21373 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.8 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2025-21322 | 1 Microsoft | 1 Pc Manager | 2026-02-13 | 7.8 High |
| Microsoft PC Manager Elevation of Privilege Vulnerability | ||||
| CVE-2025-21347 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-13 | 6 Medium |
| Windows Deployment Services Denial of Service Vulnerability | ||||
| CVE-2025-21420 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-13 | 7.8 High |
| Windows Disk Cleanup Tool Elevation of Privilege Vulnerability | ||||
| CVE-2025-24045 | 1 Microsoft | 8 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 5 more | 2026-02-13 | 8.1 High |
| Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-25008 | 1 Microsoft | 6 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 3 more | 2026-02-13 | 7.1 High |
| Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24035 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 8.1 High |
| Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-27732 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7 High |
| Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27727 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.8 High |
| Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27482 | 1 Microsoft | 6 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 3 more | 2026-02-13 | 8.1 High |
| Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-27484 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.5 High |
| Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-26671 | 1 Microsoft | 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and 7 more | 2026-02-13 | 8.1 High |
| Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-26648 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-02-13 | 7.8 High |
| Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21204 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 7.8 High |
| Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27475 | 1 Microsoft | 6 Windows 11 22h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2026-02-13 | 7 High |
| Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27471 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-13 | 5.9 Medium |
| Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network. | ||||