Total
336347 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16855 | 1 Microsoft | 1 Office | 2026-02-23 | 4.3 MEDIUM | 5.5 MEDIUM |
|
<p>An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.</p>
<p>Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.</p>
<p>The security update addresses the vulnerability by properly initializin ...
Show More |
|||||
| CVE-2020-16854 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2026-02-23 | 2.1 LOW | 5.5 MEDIUM |
|
<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>
<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain i ...
Show More |
|||||
| CVE-2020-16853 | 1 Microsoft | 1 Onedrive | 2026-02-23 | 3.6 LOW | 7.1 HIGH |
|
<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.</p>
<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.</p>
<p>The ...
Show More |
|||||
| CVE-2020-16852 | 1 Microsoft | 1 Onedrive | 2026-02-23 | 3.6 LOW | 7.1 HIGH |
|
<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.</p>
<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.</p>
<p>The ...
Show More |
|||||
| CVE-2020-16851 | 1 Microsoft | 1 Onedrive | 2026-02-23 | 3.6 LOW | 7.1 HIGH |
|
<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file with an elevated status.</p>
<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete a targeted file with an elevated status.</p>
<p>The ...
Show More |
|||||
| CVE-2020-16228 | 1 Philips | 24 Intellivue Mp2-mp90, Intellivue Mp2-mp90 Firmware, Intellivue Mx100 and 21 more | 2026-02-23 | 5.2 MEDIUM | 6.4 MEDIUM |
|
In Patient Information Center iX (PICiX) Versions C.02 and C.03,
PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors
MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and
prior, the software does not check or incorrectly checks the revocation
status of a certificate, which may cause it to use a compromised
certificate.
|
|||||
| CVE-2020-16224 | 1 Philips | 1 Patient Information Center Ix | 2026-02-23 | 3.3 LOW | 6.5 MEDIUM |
|
In Patient Information Center iX (PICiX) Versions C.02, C.03, the
software parses a formatted message or structure but does not handle or
incorrectly handles a length field that is inconsistent with the actual
length of the associated data, causing the application on the
surveillance station to restart.
|
|||||
| CVE-2020-16222 | 1 Philips | 2 Patient Information Center Ix, Performancebridge Focal Point | 2026-02-23 | 5.8 MEDIUM | 8.8 HIGH |
|
In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and
PerformanceBridge Focal Point Version A.01, when an actor claims to have
a given identity, the software does not prove or insufficiently proves
the claim is correct.
|
|||||
| CVE-2020-16220 | 1 Philips | 2 Patient Information Center Ix, Performancebridge Focal Point | 2026-02-23 | 3.3 LOW | 4.3 MEDIUM |
|
In Patient Information Center iX (PICiX) Versions C.02, C.03,
PerformanceBridge Focal Point Version A.01, the product receives input
that is expected to be well-formed (i.e., to comply with a certain
syntax) but it does not validate or incorrectly validates that the input
complies with the syntax, causing the certificate enrollment service to
crash. It does not impact monitoring but prevents new devices from
enrolling.
|
|||||
| CVE-2020-16218 | 1 Philips | 1 Patient Information Center Ix | 2026-02-23 | 2.7 LOW | 3.5 LOW |
|
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the
software does not neutralize or incorrectly neutralizes
user-controllable input before it is placed in output that is then used
as a webpage and served to other users. Successful exploitation could
lead to unauthorized access to patient data via a read-only web
application.
|
|||||
| CVE-2020-16216 | 1 Philips | 24 Intellivue Mp2-mp90, Intellivue Mp2-mp90 Firmware, Intellivue Mx100 and 21 more | 2026-02-23 | 6.1 MEDIUM | 6.5 MEDIUM |
|
In IntelliVue patient monitors MX100, MX400-550, MX600, MX700, MX750,
MX800, MX850, MP2-MP90, and IntelliVue X2 and X3 Versions N and prior,
the product receives input or data but does not validate or incorrectly
validates that the input has the properties required to process the data
safely and correctly, which can induce a denial-of-service condition
through a system restart.
|
|||||
| CVE-2020-16214 | 1 Philips | 1 Patient Information Center Ix | 2026-02-23 | 5.8 MEDIUM | 5.0 MEDIUM |
|
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the
software saves user-provided information into a comma-separated value
(CSV) file, but it does not neutralize or incorrectly neutralizes
special elements that could be interpreted as a command when the file is
opened by spreadsheet software.
|
|||||
| CVE-2026-22778 | 1 Vllm | 1 Vllm | 2026-02-23 | N/A | 9.8 CRITICAL |
|
vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address. With this leak, we reduce ASLR from 4 billion guesses to ~8 guesses. This vulnerability can be chained a heap overflow with JPEG2000 decoder in OpenCV/FFmpeg to achieve remote code execution. This vulnerability is fixed in 0.14.1.
|
|||||
| CVE-2026-24762 | 1 Rustfs | 1 Rustfs | 2026-02-23 | N/A | 7.5 HIGH |
|
RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material (access key, secret key, session token) to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be accessible to internal or external log consumers and could lead to compromise of sensitive credentials. This issue has been patched in version alpha.82.
|
|||||
| CVE-2020-14498 | 1 Hms-networks | 1 Ecatcher | 2026-02-23 | 10.0 HIGH | 9.6 CRITICAL |
|
HMS Industrial Networks AB eCatcher all versions prior to 6.5.5 is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
|
|||||
| CVE-2026-24776 | 1 Openproject | 1 Openproject | 2026-02-23 | N/A | 4.3 MEDIUM |
|
OpenProject is an open-source, web-based project management software. Prior to 17.0.2, the drag&drop handler moving an agenda item to a different section was not properly checking if the target meeting section is part of the same meeting (or is the backlog, in case of recurring meetings). This allowed an attacker to move a meeting agenda item into a different meeting. The attacker did not get access to meetings, but they could add arbitrary agenda items, that could cause confusions. The vulnerab ...
Show More |
|||||
| CVE-2026-27113 | 2026-02-23 | N/A | 6.3 MEDIUM | ||
|
Liquid Prompt is an adaptive prompt for Bash and Zsh. Starting in commit cf3441250bb5d8b45f6f8b389fcdf427a99ac28a and prior to commit a4f6b8d8c90b3eaa33d13dfd1093062ab9c4b30c on the master branch, arbitrary command injection can lead to code execution when a user enters a directory in a Git repository containing a crafted branch name. Exploitation requires the LP_ENABLE_GITSTATUSD config option to be enabled (enabled by default), gitstatusd to be installed and started before Liquid Prompt is loa ...
Show More |
|||||
| CVE-2026-27118 | 2026-02-23 | N/A | N/A | ||
|
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Versions of @sveltejs/adapter-vercel prior to 6.3.2 are vulnerable to cache poisoning. An internal query parameter intended for Incremental Static Regeneration (ISR) is accessible on all routes, allowing an attacker to cause sensitive user-specific responses to be cached and served to other users. Successful exploitation requires a victim to visit an attacker-controlled link while authenticated. Exi ...
Show More |
|||||
| CVE-2026-2033 | 2026-02-23 | N/A | 8.1 HIGH | ||
|
MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vuln ...
Show More |
|||||
| CVE-2026-2473 | 2026-02-23 | N/A | N/A | ||
|
Predictable bucket naming in Vertex AI Experiments in Google Cloud Vertex AI from version 1.21.0 up to (but not including) 1.133.0 on Google Cloud Platform allows an unauthenticated remote attacker to achieve cross-tenant remote code execution, model theft, and poisoning via pre-creating predictably named Cloud Storage buckets (Bucket Squatting).
This vulnerability was patched and no customer action is needed.
|
|||||
| CVE-2019-25441 | 2026-02-23 | N/A | 9.8 CRITICAL | ||
|
thesystem 1.0 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious input to the run_command endpoint. Attackers can send POST requests with shell commands in the command parameter to execute arbitrary code on the server without authentication.
|
|||||
| CVE-2026-2035 | 2026-02-23 | N/A | 6.8 MEDIUM | ||
|
Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deciso OPNsense. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of backup configuration files. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverag ...
Show More |
|||||
| CVE-2019-25432 | 2026-02-23 | N/A | 7.5 HIGH | ||
|
Part-DB 0.4 contains an authentication bypass vulnerability that allows unauthenticated attackers to login by injecting SQL syntax into authentication parameters. Attackers can submit a single quote followed by 'or' in the login form to bypass credential validation and gain unauthorized access to the application.
|
|||||
| CVE-2019-25431 | 2026-02-23 | N/A | 8.2 HIGH | ||
|
delpino73 Blue-Smiley-Organizer 1.32 contains an SQL injection vulnerability in the datetime parameter that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL code through POST requests to extract sensitive data using boolean-based blind and time-based blind techniques, or write files to the server using INTO OUTFILE statements.
|
|||||
| CVE-2019-25437 | 2026-02-23 | N/A | 6.2 MEDIUM | ||
|
Foscam Video Management System 1.1.6.6 contains a buffer overflow vulnerability in the UID field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 5000-character buffer into the UID parameter during device addition to trigger an application crash when the Login Check function is invoked.
|
|||||
| CVE-2026-0777 | 2026-02-23 | N/A | 7.8 HIGH | ||
|
Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xmind. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of attachments. When opening an attachment, the user interface fails to warn the user of unsafe actions. An attacker can leverage this vuln ...
Show More |
|||||
| CVE-2021-35402 | 2026-02-23 | N/A | 10.0 CRITICAL | ||
|
PROLiNK PRC2402M 20190909 before 2021-06-13 allows live_api.cgi?page=satellite_list OS command injection via shell metacharacters in the ip parameter (for satellite_status).
|
|||||
| CVE-2026-27022 | 2026-02-23 | N/A | 6.5 MEDIUM | ||
|
@langchain/langgraph-checkpoint-redis is the Redis checkpoint and store implementation for LangGraph. A query injection vulnerability exists in the @langchain/langgraph-checkpoint-redis package's filter handling. The RedisSaver and ShallowRedisSaver classes construct RediSearch queries by directly interpolating user-provided filter keys and values without proper escaping. RediSearch has special syntax characters that can modify query behavior, and when user-controlled data contains these charact ...
Show More |
|||||
| CVE-2026-27020 | 2026-02-23 | N/A | N/A | ||
|
Photobooth prior to 1.0.1 has a cross-site scripting (XSS) vulnerability in user input fields. Malicious users could inject scripts through unvalidated form inputs. This vulnerability is fixed in 1.0.1.
|
|||||
| CVE-2018-25158 | 2026-02-23 | N/A | 8.8 HIGH | ||
|
Chamilo LMS 1.11.8 contains an arbitrary file upload vulnerability that allows authenticated users to upload and execute PHP files through the elfinder filemanager module. Attackers can upload files with image headers in the social myfiles section, rename them to PHP extensions, and execute arbitrary code by accessing the uploaded files.
|
|||||
| CVE-2026-25880 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2026-02-23 | N/A | 7.8 HIGH |
|
SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, the PDF reader allows execution of a malicious binary (explorer.exe) located in the same directory as the opened PDF when the user clicks File → “Show in folder”. This behavior leads to arbitrary code execution on the victim’s system with the privileges of the current user, without any warning or user interaction beyond the menu click.
|
|||||
| CVE-2019-25443 | 2026-02-23 | N/A | 8.2 HIGH | ||
|
Inventory Webapp contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through GET parameters. Attackers can supply malicious SQL payloads in the name, description, quantity, or cat_id parameters to add-item.php to execute arbitrary database commands.
|
|||||
| CVE-2026-26365 | 2026-02-23 | N/A | 4.0 MEDIUM | ||
|
Akamai Ghost on Akamai CDN edge servers before 2026-02-06 mishandles processing of custom hop-by-hop HTTP headers, where an incoming request containing the header "Connection: Transfer-Encoding" could result in a forward request with invalid message framing, depending on the Akamai processing path. This could result in the origin server parsing the request body incorrectly, leading to HTTP request smuggling.
|
|||||
| CVE-2026-2635 | 2026-02-23 | N/A | 9.8 CRITICAL | ||
|
MLflow Use of Default Password Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the basic_auth.ini file. The file contains hard-coded default credentials. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of the administrator. Was ZDI-CAN-28256.
|
|||||
| CVE-2026-2385 | 2026-02-23 | N/A | 5.3 MEDIUM | ||
|
The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.4.7. This is due to the plugin decrypting and trusting attacker-controlled email_data in an unauthenticated AJAX handler without cryptographic authenticity guarantees. This makes it possible for unauthenticated attackers to tamper with form email routing and redirectio ...
Show More |
|||||
| CVE-2019-25439 | 2026-02-23 | N/A | 8.2 HIGH | ||
|
NoviSmart CMS contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the Referer HTTP header field. Attackers can craft requests with time-based SQL injection payloads in the Referer header to extract sensitive database information or cause denial of service.
|
|||||
| CVE-2019-25440 | 2026-02-23 | N/A | 8.2 HIGH | ||
|
WebIncorp ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the prod_id parameter. Attackers can send GET requests to product_detail.php with malicious prod_id values to extract sensitive database information.
|
|||||
| CVE-2019-25446 | 2026-02-23 | N/A | 8.2 HIGH | ||
|
DIGIT CENTRIS ERP contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the datum1, datum2, KID, and PID parameters. Attackers can send POST requests to /korisnikinfo.php with malicious SQL syntax in these parameters to extract or modify sensitive database information.
|
|||||
| CVE-2026-2974 | 2026-02-23 | 1.0 LOW | 2.5 LOW | ||
|
A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file shared_prefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/key_derivation_params/auth_methods leads to exposure of backup file to an unauthorized control sphere. An attack has to be approached locally. The attack is considered to have high complexity. It is stated that the exploitability is difficult ...
Show More |
|||||
| CVE-2026-2963 | 2026-02-23 | 6.5 MEDIUM | 6.3 MEDIUM | ||
|
A vulnerability was determined in Jinher OA C6 up to 20260210. This issue affects some unknown processing of the file /C6/Jhsoft.Web.officesupply/OfficeSupplyTypeRight.aspx. This manipulation of the argument id/offsnum causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. It is suggested to install a patch to address this issue. The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||