Total
335189 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47996 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1507 and 24 more | 2026-02-26 | 7.8 High |
| Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-5036 | 1 Autodesk | 1 Revit | 2026-02-26 | 7.8 High |
| A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-47998 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-26 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-5086 | 1 3ds | 1 Delmia Apriso | 2026-02-26 | 9 Critical |
| A deserialization of untrusted data vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could lead to a remote code execution. | ||||
| CVE-2025-48805 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-02-26 | 7.8 High |
| Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally. | ||||
| CVE-2025-5419 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2026-02-26 | 8.8 High |
| Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2025-48806 | 1 Microsoft | 25 Mpeg-2 Video Extension, Windows 10 1507, Windows 10 1607 and 22 more | 2026-02-26 | 7.8 High |
| Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally. | ||||
| CVE-2025-5068 | 1 Google | 1 Chrome | 2026-02-26 | 8.8 High |
| Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2025-48811 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2026-02-26 | 6.7 Medium |
| Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21480 | 1 Qualcomm | 152 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 149 more | 2026-02-26 | 8.6 High |
| Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. | ||||
| CVE-2025-48817 | 1 Microsoft | 28 Remote Desktop, Remote Desktop Client, Windows 10 1507 and 25 more | 2026-02-26 | 8.8 High |
| Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-21485 | 1 Qualcomm | 58 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 55 more | 2026-02-26 | 7.8 High |
| Memory corruption while processing INIT and multimode invoke IOCTL calls on FastRPC. | ||||
| CVE-2025-49660 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2026-02-26 | 7.8 High |
| Use after free in Windows Event Tracing allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21486 | 1 Qualcomm | 63 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 60 more | 2026-02-26 | 7.8 High |
| Memory corruption during dynamic process creation call when client is only passing address and length of shell binary. | ||||
| CVE-2025-49667 | 1 Microsoft | 26 Windows, Windows 10, Windows 10 1507 and 23 more | 2026-02-26 | 7.8 High |
| Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-27038 | 1 Qualcomm | 88 Ar8031, Ar8031 Firmware, Csra6620 and 85 more | 2026-02-26 | 7.5 High |
| Memory corruption while rendering graphics using Adreno GPU drivers in Chrome. | ||||
| CVE-2025-49668 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-26 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-21479 | 1 Qualcomm | 150 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 147 more | 2026-02-26 | 8.6 High |
| Memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands. | ||||
| CVE-2025-49669 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-02-26 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-4517 | 2 Python, Redhat | 7 Cpython, Enterprise Linux, Rhel Aus and 4 more | 2026-02-26 | 9.4 Critical |
| Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links. | ||||