Search
Search Results (1619 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36955 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-10-30 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2021-38645 | 1 Microsoft | 12 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics and 9 more | 2025-10-30 | 7.8 High |
| Open Management Infrastructure Elevation of Privilege Vulnerability | ||||
| CVE-2021-38646 | 1 Microsoft | 2 365 Apps, Office | 2025-10-30 | 7.8 High |
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | ||||
| CVE-2021-38647 | 1 Microsoft | 12 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics and 9 more | 2025-10-30 | 9.8 Critical |
| Open Management Infrastructure Remote Code Execution Vulnerability | ||||
| CVE-2021-38648 | 1 Microsoft | 12 Azure Automation State Configuration, Azure Automation Update Management, Azure Diagnostics and 9 more | 2025-10-30 | 7.8 High |
| Open Management Infrastructure Elevation of Privilege Vulnerability | ||||
| CVE-2021-34484 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2025-10-30 | 7.8 High |
| Windows User Profile Service Elevation of Privilege Vulnerability | ||||
| CVE-2021-34486 | 1 Microsoft | 11 Windows 10 1809, Windows 10 1909, Windows 10 2004 and 8 more | 2025-10-30 | 7.8 High |
| Windows Event Tracing Elevation of Privilege Vulnerability | ||||
| CVE-2021-34523 | 1 Microsoft | 1 Exchange Server | 2025-10-30 | 9 Critical |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | ||||
| CVE-2021-36942 | 1 Microsoft | 10 Windows Server 2004, Windows Server 2008, Windows Server 2008 R2 and 7 more | 2025-10-30 | 7.5 High |
| Windows LSA Spoofing Vulnerability | ||||
| CVE-2023-21715 | 1 Microsoft | 1 365 Apps | 2025-10-30 | 7.3 High |
| Microsoft Publisher Security Feature Bypass Vulnerability | ||||
| CVE-2023-21823 | 1 Microsoft | 22 Office, Windows 10 1507, Windows 10 1607 and 19 more | 2025-10-30 | 7.8 High |
| Windows Graphics Component Remote Code Execution Vulnerability | ||||
| CVE-2023-36761 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-10-30 | 6.5 Medium |
| Microsoft Word Information Disclosure Vulnerability | ||||
| CVE-2023-36802 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 8 more | 2025-10-30 | 7.8 High |
| Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | ||||
| CVE-2024-43573 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2025-10-30 | 6.5 Medium |
| Windows MSHTML Platform Spoofing Vulnerability | ||||
| CVE-2024-43572 | 1 Microsoft | 25 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 22 more | 2025-10-30 | 7.8 High |
| Microsoft Management Console Remote Code Execution Vulnerability | ||||
| CVE-2021-38406 | 1 Deltaww | 1 Dopsoft | 2025-10-30 | 7.8 High |
| Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2025-1316 | 1 Edimax | 2 Ic-7100, Ic-7100 Firmware | 2025-10-30 | 9.8 Critical |
| Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted requests to achieve remote code execution on the device | ||||
| CVE-2025-0994 | 1 Trimble | 1 Cityworks | 2025-10-30 | 8.8 High |
| Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services (IIS) web server. | ||||
| CVE-2019-18187 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2025-10-30 | 8.8 High |
| Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). The remote process execution is bound to a web service account, which depending on the web platform used may have restricted permissions. An attempted attack requires user authentication. | ||||
| CVE-2022-22265 | 2 Google, Samsung | 2 Android, Exynos | 2025-10-30 | 5 Medium |
| An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. | ||||