Export limit exceeded: 356032 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3918 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10047 | 1 Lollms | 1 Lollms Web Ui | 2025-07-08 | N/A |
| parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing vulnerability. An attacker can list arbitrary directories on a Windows system by sending a specially crafted HTTP request to the /open_file endpoint. | ||||
| CVE-2024-49046 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-08 | 7.8 High |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | ||||
| CVE-2024-43452 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more | 2025-07-08 | 7.5 High |
| Windows Registry Elevation of Privilege Vulnerability | ||||
| CVE-2024-43511 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | 7 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||
| CVE-2022-30214 | 1 Microsoft | 4 Windows Server 2016, Windows Server 2019, Windows Server 2022 and 1 more | 2025-07-08 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||
| CVE-2022-30212 | 1 Microsoft | 11 Windows 10, Windows 10 1809, Windows 10 20h2 and 8 more | 2025-07-08 | 4.7 Medium |
| Windows Connected Devices Platform Service Information Disclosure Vulnerability | ||||
| CVE-2022-30205 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2025-07-08 | 6.6 Medium |
| Windows Group Policy Elevation of Privilege Vulnerability | ||||
| CVE-2022-24525 | 1 Microsoft | 9 Windows 10, Windows 10 1909, Windows 10 20h2 and 6 more | 2025-07-08 | 7 High |
| Windows Update Stack Elevation of Privilege Vulnerability | ||||
| CVE-2022-23283 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2025-07-08 | 7 High |
| Windows ALPC Elevation of Privilege Vulnerability | ||||
| CVE-2022-21975 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2025-07-08 | 4.7 Medium |
| Windows Hyper-V Denial of Service Vulnerability | ||||
| CVE-2022-24505 | 1 Microsoft | 15 Windows 10, Windows 10 1507, Windows 10 1607 and 12 more | 2025-07-08 | 7 High |
| Windows ALPC Elevation of Privilege Vulnerability | ||||
| CVE-2024-36621 | 1 Mobyproject | 1 Moby | 2025-07-02 | 6.5 Medium |
| moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion. | ||||
| CVE-2024-36623 | 1 Mobyproject | 1 Moby | 2025-07-02 | 8.1 High |
| moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes. | ||||
| CVE-2023-40597 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2025-07-01 | 7.8 High |
| In Splunk Enterprise versions lower than 8.2.12, 9.0.6, and 9.1.1, an attacker can exploit an absolute path traversal to execute arbitrary code that is located on a separate disk. | ||||
| CVE-2024-34732 | 1 Google | 1 Android | 2025-06-27 | 8.4 High |
| In RGXMMUCacheInvalidate of rgxmem.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2021-33844 | 1 Sound Exchange Project | 1 Sound Exchange | 2025-06-27 | 5.5 Medium |
| A floating point exception (divide-by-zero) issue was discovered in SoX in functon startread() of wav.c file. An attacker with a crafted wav file, could cause an application to crash. | ||||
| CVE-2021-23210 | 1 Sound Exchange Project | 1 Sound Exchange | 2025-06-27 | 5.5 Medium |
| A floating point exception (divide-by-zero) issue was discovered in SoX in functon read_samples() of voc.c file. An attacker with a crafted file, could cause an application to crash. | ||||
| CVE-2024-27297 | 1 Nixos | 1 Nix | 2025-06-27 | 6.3 Medium |
| Nix is a package manager for Linux and other Unix systems. A fixed-output derivations on Linux can send file descriptors to files in the Nix store to another program running on the host (or another fixed-output derivation) via Unix domain sockets in the abstract namespace. This allows to modify the output of the derivation, after Nix has registered the path as "valid" and immutable in the Nix database. In particular, this allows the output of fixed-output derivations to be modified from their expected content. This issue has been addressed in versions 2.3.18 2.18.2 2.19.4 and 2.20.5. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-27361 | 1 Samsung | 16 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 13 more | 2025-06-26 | 5.1 Medium |
| A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, and Exynos 2400 that involves a time-of-check to time-of-use (TOCTOU) race condition, which can lead to a Denial of Service. | ||||
| CVE-2021-42390 | 1 Clickhouse | 1 Clickhouse | 2025-06-25 | 6.5 Medium |
| Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. | ||||