17282 Total CVEs
8582 AI Analyzed
264 CISA KEV
3488 Critical
All Vendors
Showing 13251-13300 of 17282 CVEs Page 266 of 346
CVE-2025-40547
Analyzed
9.1
Microsoft Multiple Products

A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute cod...

2025-11-19
CVE-2025-40541
Analyzed
9.1
SolarWinds Serv-U

An Insecure Direct Object Reference (IDOR) vulnerability in Serv-U allows authenticated administrators to execute native code as a privileged account...

2026-02-24
CVE-2025-40540
Analyzed
9.1
SolarWinds Serv-U

A critical type confusion vulnerability in Serv-U allows an authenticated administrative user to execute arbitrary native code, potentially compromisi...

2026-02-24
CVE-2025-40539
Analyzed
9.1
SolarWinds Serv-U

A type confusion vulnerability in Serv-U enables authenticated administrative users to execute arbitrary native code with the privileges of the servic...

2026-02-24
CVE-2025-40538
Analyzed
9.1
SolarWinds Serv-U

A broken access control vulnerability in Serv-U allows domain or group administrators to escalate privileges, create system admin users, and execute a...

2026-02-24
CVE-2025-40537
7.5
SolarWinds Multiple Products

SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to ad...

2026-01-28
CVE-2025-40536
KEV
8.1
SolarWinds Multiple Products

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated atta...

2026-01-28
CVE-2025-4046
Analyzed
8.5
Intel Multiple Products

A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization

2025-08-19
CVE-2025-4044
Analyzed
8.2
Microsoft Multiple Products

Improper Restriction of XML External Entity Reference in various Lexmark printer drivers for Windows allows attacker to disclose sensitive information...

2025-08-19
CVE-2025-4008
KEV
9.5
Smartbedded Meteobridge

Smartbedded Meteobridge Command Injection Vulnerability - Active in CISA KEV catalog.

2025-10-02
CVE-2025-39510
8.5
ValvePress Pinterest Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Pinterest Automatic Pin allows SQL In...

2025-08-14
CVE-2025-39496
Analyzed
9.3
WordPress Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW WooBeWoo Product Filter Pro allows SQL Injec...

2025-08-28
CVE-2025-39484
Analyzed
9.3
Intel Multiple Products

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Waituk Entrada allows SQL Injection.This issue a...

2026-01-06
CVE-2025-39477
Analyzed
9.8
Unknown Multiple Products

Missing Authorization vulnerability in Sfwebservice InWave Jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff...

2026-01-07
CVE-2025-3947
8.2
Unknown Multiple Products

The Honeywell Experion PKS contains an Integer Underflow vulnerability in the component Control Data Access (CDA)

2025-07-11
CVE-2025-3946
8.2
Unknown Multiple Products

The Honeywell Experion PKS and OneWireless WDM contains a Deployment of Wrong Handler vulnerability in the component Control Data Access (CDA...

2025-07-11
CVE-2025-39247
Analyzed
8.6
Unknown Multiple Products

There is an Access Control Vulnerability in some HikCentral Professional versions

2025-08-29
CVE-2025-38747
7.8
Dell Multiple Products

Dell SupportAssist OS Recovery, versions prior to 5

2025-08-07
CVE-2025-38743
Analyzed
7.8
Dell Multiple Products

Dell iDRAC Service Module (iSM), versions prior to 6

2025-08-21
CVE-2025-38741
Analyzed
7.5
Dell Multiple Products

Dell Enterprise SONiC OS, version 4

2025-08-05
CVE-2025-38739
Analyzed
7.2
Dell Multiple Products

Dell Digital Delivery, versions prior to 5

2025-08-05
CVE-2025-3848
Analyzed
8.8
WordPress Multiple Products

The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to privilege escalation via account takeover i...

2025-07-05
CVE-2025-3839
8
Unknown Multiple Products

A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction

2026-01-23
CVE-2025-38352
KEV
9.5
Linux Kernel

Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability - Active in CISA KEV catalog.

2025-09-04
CVE-2025-3831
8.1
Log Multiple Products

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties

2025-08-12
CVE-2025-38250
Analyzed
7.8
Linux Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported use-afte...

2026-06-21
CVE-2025-38129
Analyzed
7.8
Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf...

2026-06-21
CVE-2025-37736
Analyzed
8.8
Unknown Multiple Products

Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be...

2025-11-08
CVE-2025-37735
Analyzed
7
Microsoft Multiple Products

Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service...

2025-11-06
CVE-2025-37729
Analyzed
9.1
Unknown Multiple Products

Improper neutralization of special elements used in a template engine in Elastic Cloud Enterprise (ECE) can lead to a malicious actor with Admin acces...

2025-10-13
CVE-2025-3770
Analyzed
7
Unknown Multiple Products

EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access

2025-08-07
CVE-2025-3753
7.8
Unknown Multiple Products

A code execution vulnerability has been identified in the Robot Operating System (ROS) 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and...

2025-07-17
CVE-2025-3719
8.1
Unknown Multiple Products

An access control vulnerability was discovered in the CLI functionality due to a specific access restriction not being properly enforced for users wit...

2025-10-07
CVE-2025-3718
7.9
Unknown Multiple Products

A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter

2025-10-07
CVE-2025-37168
8.2
Unknown Multiple Products

Arbitrary file deletion vulnerability have been identified in a system function of mobility conductors running AOS-8 operating system

2026-01-14
CVE-2025-37164
KEV Analyzed
10
HP Multiple Products

A remote code execution issue exists in HPE OneView.

2025-12-17
CVE-2025-37163
7.2
HP Multiple Products

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform

2025-11-19
CVE-2025-37161
7.5
Unknown Multiple Products

A vulnerability in the web-based management interface of affected products could allow an unauthenticated remote attacker to cause a denial of service

2025-11-19
CVE-2025-37155
7.8
SSH restricted Multiple Products

A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated read-only us...

2025-11-19
CVE-2025-37127
Analyzed
7.2
HP Multiple Products

A vulnerability in the cryptographic logic used by HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to ga...

2025-09-16
CVE-2025-37126
Analyzed
7.2
HP Multiple Products

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run ar...

2025-09-16
CVE-2025-37125
7.5
HP Multiple Products

A broken access control vulnerability exists in HPE Aruba Networking EdgeConnect OS (ECOS)

2025-09-16
CVE-2025-37124
Analyzed
8.6
HP Multiple Products

A vulnerability in the HPE Aruba Networking SD-WAN Gateways could allow an unauthenticated remote attacker to bypass firewall protections

2025-09-16
CVE-2025-37123
Analyzed
8.8
HP Multiple Products

A vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways could allow an authenticated remote attacker to esca...

2025-09-16
CVE-2025-37107
Analyzed
7.3
HP Multiple Products

An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9

2025-07-16
CVE-2025-37106
Analyzed
7.3
HP Multiple Products

An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass License Server (APLS) prior to 9

2025-07-16
CVE-2025-37105
Analyzed
7.5
HP Multiple Products

An hsqldb-related remote code execution vulnerability exists in HPE AutoPass License Server (APLS) prior to 9

2025-07-16
CVE-2025-37104
7.1
HP Multiple Products

A security vulnerability has been identified in HPE Telco Service Orchestrator software

2025-07-16
CVE-2025-37103
Analyzed
9.8
HP Multiple Products

Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing anyone with knowledge of it to bypass normal device aut...

2025-07-08
CVE-2025-37099
Analyzed
9.8
HP Multiple Products

A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646.

2025-07-06