Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (12121 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2023-21721 1 Microsoft 2 Onenote, Onenote For Android 2025-01-01 6.5 Medium
Microsoft OneNote Elevation of Privilege Vulnerability
CVE-2023-21817 1 Microsoft 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more 2025-01-01 7.8 High
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2023-21777 1 Microsoft 2 Azure App Service On Azure Stack, Azure Stack Hub 2025-01-01 8.7 High
Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2023-21752 1 Microsoft 11 Windows 10, Windows 10 1507, Windows 10 1607 and 8 more 2025-01-01 7.1 High
Windows Backup Service Elevation of Privilege Vulnerability
CVE-2023-21750 1 Microsoft 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more 2025-01-01 7.1 High
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21549 1 Microsoft 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more 2025-01-01 8.8 High
Windows SMB Witness Service Elevation of Privilege Vulnerability
CVE-2023-21531 1 Microsoft 1 Azure Service Fabric 2025-01-01 7 High
Azure Service Fabric Container Elevation of Privilege Vulnerability
CVE-2024-38016 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2024-12-31 7.8 High
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2024-43460 1 Microsoft 2 .dynamics 365 Business Central Online, Dynamics 365 Business Central 2024-12-31 8.1 High
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network.
CVE-2024-43479 1 Microsoft 2 Power Automate, Power Automate For Desktop 2024-12-31 8.5 High
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
CVE-2024-38231 1 Microsoft 10 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 7 more 2024-12-31 6.5 Medium
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38225 1 Microsoft 1 Dynamics 365 Business Central 2024-12-31 8.8 High
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVE-2024-37341 1 Microsoft 6 Sql 2016 Azure Connect Feature Pack, Sql Server, Sql Server 2016 and 3 more 2024-12-31 8.8 High
Microsoft SQL Server Elevation of Privilege Vulnerability
CVE-2024-43492 1 Microsoft 1 Autoupdate 2024-12-31 7.8 High
Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
CVE-2024-43482 1 Microsoft 1 Outlook 2024-12-31 6.5 Medium
Microsoft Outlook for iOS Information Disclosure Vulnerability
CVE-2024-38220 1 Microsoft 1 Azure Stack Hub 2024-12-31 9 Critical
Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2022-41738 2 Ibm, Linux 2 Spectrum Scale Container Native Storage Access, Linux Kernel 2024-12-31 7.5 High
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812.
CVE-2022-41737 2 Ibm, Linux 2 Spectrum Scale Container Native Storage Access, Linux Kernel 2024-12-31 7.1 High
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace. IBM X-Force ID: 237811.
CVE-2024-0104 1 Nvidia 8 Mga100-hs2, Mlnx-gw, Mlnx-os and 5 more 2024-12-26 4.2 Medium
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. A successful exploit of this vulnerability might lead to information disclosure, data tampering, and escalation of privileges.
CVE-2020-3503 1 Cisco 128 1100-4g Integrated Services Router, 1100-4gltegb Integrated Services Router, 1100-4gltena Integrated Services Router and 125 more 2024-12-19 6 Medium
A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device's guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators.