Total
333384 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2071 | 1 Utt | 2 520w, 520w Firmware | 2026-02-13 | 8.8 High |
| A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formP2PLimitConfig. Performing a manipulation of the argument except results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-49736 | 2 Google, Microsoft | 2 Android, Edge | 2026-02-13 | 4.3 Medium |
| The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-69229 | 3 Aio-libs, Aio-libs Project, Aiohttp | 4 Aiohttp Session, Aiohttp, Aio-libs and 1 more | 2026-02-13 | 5.3 Medium |
| AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. If an application makes use of the request.read() method in an endpoint, it may be possible for an attacker to cause the server to spend a moderate amount of blocking CPU time (e.g. 1 second) while processing the request. This could potentially lead to DoS as the server would be unable to handle other requests during that time. This issue is fixed in version 3.13.3. | ||||
| CVE-2025-49712 | 1 Microsoft | 5 Sharepoint Enterprise Server 2016, Sharepoint Server, Sharepoint Server 2010 and 2 more | 2026-02-13 | 8.8 High |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-49707 | 1 Microsoft | 33 Dcadsv5 Series Azure Vm, Dcasv5 Series Azure Vm, Dcedsv5 Series Azure Vm and 30 more | 2026-02-13 | 7.9 High |
| Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally. | ||||
| CVE-2025-55231 | 1 Microsoft | 10 Server, Windows, Windows Server and 7 more | 2026-02-13 | 7.5 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-55229 | 1 Microsoft | 23 Windows, Windows 10, Windows 10 1507 and 20 more | 2026-02-13 | 5.3 Medium |
| Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-49755 | 2 Google, Microsoft | 2 Android, Edge | 2026-02-13 | 4.3 Medium |
| User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2025-53787 | 1 Microsoft | 4 365, 365 Copilot, 365 Copilot Business Chat and 1 more | 2026-02-13 | 8.2 High |
| Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | ||||
| CVE-2025-53774 | 1 Microsoft | 4 365, 365 Copilot, 365 Copilot Business Chat and 1 more | 2026-02-13 | 6.5 Medium |
| Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | ||||
| CVE-2025-53767 | 1 Microsoft | 3 Azure, Azure Open-ai, Azure Openai | 2026-02-13 | 10 Critical |
| Azure OpenAI Elevation of Privilege Vulnerability | ||||
| CVE-2025-53792 | 1 Microsoft | 2 Azure, Azure Portal | 2026-02-13 | 9.1 Critical |
| Azure Portal Elevation of Privilege Vulnerability | ||||
| CVE-2025-48807 | 1 Microsoft | 23 Hyper-v, Server, Windows and 20 more | 2026-02-13 | 6.7 Medium |
| Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally. | ||||
| CVE-2025-53793 | 1 Microsoft | 4 Azure Stack Hub, Azure Stack Hub 2406, Azure Stack Hub 2408 and 1 more | 2026-02-13 | 7.5 High |
| Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53789 | 1 Microsoft | 23 Server, Windows, Windows 10 1507 and 20 more | 2026-02-13 | 7.8 High |
| Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53788 | 1 Microsoft | 1 Windows Subsystem For Linux | 2026-02-13 | 7 High |
| Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-53784 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2026-02-13 | 8.4 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-53783 | 1 Microsoft | 6 Dynamics 365 Guides, Dynamics 365 Remote Assist, Teams and 3 more | 2026-02-13 | 7.5 High |
| Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-53779 | 1 Microsoft | 4 Server, Windows, Windows Server and 1 more | 2026-02-13 | 7.2 High |
| Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-53778 | 1 Microsoft | 29 Windows, Windows 10, Windows 10 1507 and 26 more | 2026-02-13 | 8.8 High |
| Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network. | ||||