Search
Search Results (333343 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-1283 | 1 Dassault | 1 Edrawings | 2026-02-18 | 7.8 High |
| A Heap-based Buffer Overflow vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | ||||
| CVE-2026-1284 | 1 Dassault | 1 Edrawings | 2026-02-18 | 7.8 High |
| An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file. | ||||
| CVE-2026-1603 | 1 Ivanti | 1 Endpoint Manager | 2026-02-18 | 8.6 High |
| An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data. | ||||
| CVE-2026-1602 | 1 Ivanti | 1 Endpoint Manager | 2026-02-18 | 6.5 Medium |
| SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. | ||||
| CVE-2008-0015 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2026-02-18 | 8.8 High |
| Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability." | ||||
| CVE-2026-27038 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27037 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27036 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27035 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27034 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27033 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27032 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-27031 | 2026-02-18 | N/A | ||
| Not used | ||||
| CVE-2026-2570 | 2026-02-17 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2026-20841 | 1 Microsoft | 2 Window Notepad, Windows Notepad | 2026-02-17 | 7.8 High |
| Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally. | ||||
| CVE-2026-20846 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-02-17 | 7.5 High |
| Buffer over-read in Windows GDI+ allows an unauthorized attacker to deny service over a network. | ||||
| CVE-2026-21222 | 1 Microsoft | 25 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 22 more | 2026-02-17 | 5.5 Medium |
| Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-21228 | 1 Microsoft | 1 Azure Local | 2026-02-17 | 8.1 High |
| Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2026-21231 | 1 Microsoft | 30 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 27 more | 2026-02-17 | 7.8 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2026-21232 | 1 Microsoft | 14 Windows 11 22h3, Windows 11 23h2, Windows 11 23h2 and 11 more | 2026-02-17 | 7.8 High |
| Untrusted pointer dereference in Windows HTTP.sys allows an authorized attacker to elevate privileges locally. | ||||