Export limit exceeded: 10887 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10887 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23277 | 1 Nvidia | 1 Gpu Display Driver | 2026-02-26 | 7.3 High |
| NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or information disclosure. | ||||
| CVE-2025-43270 | 1 Apple | 4 Macos, Sequoia, Sonoma and 1 more | 2026-02-26 | 8.8 High |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Ventura 13.7.7, macOS Sonoma 14.7.7. An app may gain unauthorized access to Local Network. | ||||
| CVE-2024-40653 | 1 Google | 1 Android | 2026-02-26 | 7.3 High |
| In multiple functions of ConnectionServiceWrapper.java, there is a possible way to retain a permission forever in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-53792 | 1 Microsoft | 2 Azure, Azure Portal | 2026-02-26 | 9.1 Critical |
| Azure Portal Elevation of Privilege Vulnerability | ||||
| CVE-2025-20099 | 1 Intel | 1 Rapid Storage Technology | 2026-02-26 | 6.7 Medium |
| Improper access control for some Intel(R) Rapid Storage Technology installation software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-26420 | 1 Google | 1 Android | 2026-02-26 | 4.4 Medium |
| In multiple functions of GrantPermissionsActivity.java , there is a possible way to trick the user into granting the incorrect permission due to permission overload. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26430 | 1 Google | 1 Android | 2026-02-26 | 7.8 High |
| In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-26438 | 1 Google | 1 Android | 2026-02-26 | 8.8 High |
| In smp_process_secure_connection_oob_data of smp_act.cc, there is a possible way to bypass SMP authentication due to Incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-24323 | 1 Intel | 1 Pcie Switch Software | 2026-02-26 | 6.5 Medium |
| Improper access control in some firmware package and LED mode toggle tool for some Intel(R) PCIe Switch software before version MR4_1.0b1 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-24840 | 1 Intel | 1 Edge Orchestrator Software | 2026-02-26 | 5.8 Medium |
| Improper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2025-53729 | 1 Microsoft | 1 Azure File Sync | 2026-02-26 | 7.8 High |
| Improper access control in Azure File Sync allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24999 | 1 Microsoft | 5 Sql Server, Sql Server 2016, Sql Server 2017 and 2 more | 2026-02-26 | 8.8 High |
| Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-55244 | 1 Microsoft | 3 Azure, Azure Ai Bot Service, Azure Bot Service | 2026-02-26 | 9 Critical |
| Azure Bot Service Elevation of Privilege Vulnerability | ||||
| CVE-2025-54914 | 1 Microsoft | 2 Azure, Azure Networking | 2026-02-26 | 10 Critical |
| Azure Networking Elevation of Privilege Vulnerability | ||||
| CVE-2025-55241 | 1 Microsoft | 2 Entra Id, Microsoft Entra Id | 2026-02-26 | 10 Critical |
| Azure Entra ID Elevation of Privilege Vulnerability | ||||
| CVE-2025-53778 | 1 Microsoft | 29 Windows, Windows 10, Windows 10 1507 and 26 more | 2026-02-26 | 8.8 High |
| Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-49707 | 1 Microsoft | 33 Dcadsv5 Series Azure Vm, Dcasv5 Series Azure Vm, Dcedsv5 Series Azure Vm and 30 more | 2026-02-26 | 7.9 High |
| Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2024-26009 | 1 Fortinet | 4 Fortios, Fortipam, Fortiproxy and 1 more | 2026-02-26 | 7.9 High |
| An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number. | ||||
| CVE-2025-49692 | 1 Microsoft | 2 Azure, Azure Connected Machine Agent | 2026-02-26 | 7.8 High |
| Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-54098 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2026-02-26 | 7.8 High |
| Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||