Export limit exceeded: 18659 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351227 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-23222 | 2026-04-15 | 8.4 High | ||
| An issue was discovered in Deepin dde-api-proxy through 1.0.19 in which unprivileged users can access D-Bus services as root. Specifically, dde-api-proxy runs as root and forwards messages from arbitrary local users to legacy D-Bus methods in the actual D-Bus services, and the actual D-Bus services don't know about the proxy situation (they believe that root is asking them to do things). Consequently several proxied methods, that shouldn't be accessible to non-root users, are accessible to non-root users. In situations where Polkit is involved, the caller would be treated as admin, resulting in a similar escalation of privileges. | ||||
| CVE-2025-23245 | 2026-04-15 | 5.5 Medium | ||
| NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to access global resources. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2025-23233 | 2026-04-15 | 3.5 Low | ||
| Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2025-32353 | 2026-04-15 | 8.2 High | ||
| Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged access) stored in the collector.txt configuration file. | ||||
| CVE-2025-23241 | 2 Intel, Linux | 2 Ethernet 800 Series Software, Linux Kernel | 2026-04-15 | 7.3 High |
| Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2025-23246 | 2026-04-15 | 5.5 Medium | ||
| NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it allows a guest to consume uncontrolled resources. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2025-23258 | 1 Nvidia | 1 Doca | 2026-04-15 | 7.3 High |
| NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian package for arm64 that could allow an attacker with low privileges to escalate privileges. A successful exploit of this vulnerability might lead to escalation of privileges. | ||||
| CVE-2025-23253 | 2026-04-15 | 2.5 Low | ||
| NVIDIA NvContainer service for Windows contains a vulnerability in its usage of OpenSSL, where an attacker could exploit a hard-coded constant issue by copying a malicious DLL in a hard-coded path. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | ||||
| CVE-2025-23254 | 2026-04-15 | 8.8 High | ||
| NVIDIA TensorRT-LLM for any platform contains a vulnerability in python executor where an attacker may cause a data validation issue by local access to the TRTLLM server. A successful exploit of this vulnerability may lead to code execution, information disclosure and data tampering. | ||||
| CVE-2025-23256 | 1 Nvidia | 4 Bluefield, Bluefield 2 Ga, Bluefield 2 Lts and 1 more | 2026-04-15 | 8.7 High |
| NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-23257 | 1 Nvidia | 1 Doca | 2026-04-15 | 7.3 High |
| NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian package that could allow an actor with low privileges to escalate privileges. A successful exploit of this vulnerability might lead to escalation of privileges. | ||||
| CVE-2025-23259 | 1 Nvidia | 2 Mellanox Os, Mellanox Os Firmware | 2026-04-15 | 6.5 Medium |
| NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver (PMD), where an attacker on a VM in the system might be able to cause information disclosure and denial of service on the network interface. | ||||
| CVE-2025-23261 | 1 Nvidia | 2 Cumulus Linux, Nvs | 2026-04-15 | 5.5 Medium |
| NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where hashed user passwords are not properly suppressed in log files, potentially disclosing information to unauthorized users. | ||||
| CVE-2025-23262 | 1 Nvidia | 3 Connectx, Connectx-4, Connectx-5 | 2026-04-15 | 6.3 Medium |
| NVIDIA ConnectX contains a vulnerability in the management interface, where an attacker with local access could cause incorrect authorization to modify the configuration. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-23267 | 1 Nvidia | 1 Container Toolkit | 2026-04-15 | 8.5 High |
| NVIDIA Container Toolkit for all platforms contains a vulnerability in the update-ldcache hook, where an attacker could cause a link following by using a specially crafted container image. A successful exploit of this vulnerability might lead to data tampering and denial of service. | ||||
| CVE-2025-23269 | 2026-04-15 | 4.7 Medium | ||
| NVIDIA Jetson Linux contains a vulnerability in the kernel where an attacker may cause an exposure of sensitive information due to a shared microarchitectural predictor state that influences transient execution. A successful exploit of this vulnerability may lead to information disclosure. | ||||
| CVE-2025-2327 | 2026-04-15 | N/A | ||
| A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is logged during key rotation when RDL is configured. | ||||
| CVE-2025-23270 | 2026-04-15 | 7.1 High | ||
| NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, where an unprivileged local attacker may cause exposure of sensitive information via a side channel vulnerability. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure. | ||||
| CVE-2025-23272 | 1 Nvidia | 2 Cuda Toolkit, Nvjpeg | 2026-04-15 | 5.7 Medium |
| NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service. | ||||
| CVE-2025-23274 | 1 Nvidia | 2 Cuda Toolkit, Nvjpeg | 2026-04-15 | 4.5 Medium |
| NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service. | ||||