Search
59,162 CVEs
CVEs (59,162, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 376–400 of 59,162 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2025-47172 | HIGH | Patched | 8.8 | 2025-06-10 | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. |
| CVE-2025-47173 | HIGH | 7.8 | 2025-06-10 | Improper input validation in Microsoft Office allows an unauthorized attacker to execute code locally. | |
| CVE-2025-47174 | HIGH | 7.8 | 2025-06-10 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |
| CVE-2025-47175 | HIGH | 7.8 | 2025-06-10 | Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | |
| CVE-2025-47176 | HIGH | 7.8 | 2025-06-10 | '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. | |
| CVE-2025-47953 | HIGH | 8.4 | 2025-06-10 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | |
| CVE-2025-47955 | HIGH | Patched | 7.8 | 2025-06-10 | Improper privilege management in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. |
| CVE-2025-47956 | MEDIUM | Patched | 5.5 | 2025-06-10 | External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally. |
| CVE-2025-47957 | HIGH | 8.4 | 2025-06-10 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |
| CVE-2025-47962 | HIGH | Patched | 7.8 | 2025-06-10 | Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally. |
| CVE-2025-47968 | HIGH | Patched | 7.8 | 2025-06-10 | Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. |
| CVE-2025-47969 | MEDIUM | Patched | 4.4 | 2025-06-10 | Exposure of sensitive information to an unauthorized actor in Windows Hello allows an authorized attacker to disclose information locally. |
| CVE-2025-47977 | HIGH | Patched | 8.2 | 2025-06-10 | Improper neutralization of input during web page generation ('cross-site scripting') in Nuance Digital Engagement Platform allows an unauthorized attacker to perform spoofi… |
| CVE-2025-5969 | HIGH | 8.8 | 2025-06-10 | A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou of… | |
| CVE-2025-5970 | LOW | 2.4 | 2025-06-10 | A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file … | |
| CVE-2024-37394 | MEDIUM | Patched | 5.4 | 2025-06-10 | A stored cross-site scripting (XSS) vulnerability in the Project Dashboards of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting… |
| CVE-2024-37395 | MEDIUM | Patched | 5.4 | 2025-06-10 | A stored cross-site scripting (XSS) vulnerability in the Public Survey function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injec… |
| CVE-2024-37396 | MEDIUM | Patched | 5.4 | 2025-06-10 | A stored cross-site scripting (XSS) vulnerability in the Calendar function of REDCap 13.1.9 allows authenticated users to execute arbitrary web script or HTML by injecting … |
| CVE-2025-0051 | NONE | — | 2025-06-10 | Improper input validation performed during the authentication process of FlashArray could lead to a system Denial of Service. | |
| CVE-2025-0052 | NONE | — | 2025-06-10 | Improper input validation performed during the authentication process of FlashBlade could lead to a system Denial of Service. | |
| CVE-2025-2474 | CRITICAL | 9.8 | 2025-06-10 | Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute co… | |
| CVE-2025-2884 | MEDIUM | 6.6 | 2025-06-10 | TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signatur… | |
| CVE-2025-36574 | HIGH | Patched | 8.2 | 2025-06-10 | Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with remote access could potentially ex… |
| CVE-2025-36575 | HIGH | Patched | 7.5 | 2025-06-10 | Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive Information Through Data Queries vulnerability. An unauthenticated attacker with rem… |
| CVE-2025-36576 | LOW | Patched | 2.7 | 2025-06-10 | Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attacker with remote access could potent… |