CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

43 matches found

CNNVD•added 2026/05/22 12:0 a.m.•5 views

Microsoft Azure Stack HCI 输入验证错误漏洞

Microsoft Azure Stack HCI is a hybrid product developed by Microsoft Corporation. It can host Windows and Linux VMs or containerized workloads along with their storage. There is an input validation vulnerability in Microsoft Azure Stack HCI, which stems from improper input validation. This...

7.7CVSS5.8AI score0.0013EPSS

Exploits0References1

CNNVD•added 2026/05/20 12:0 a.m.•10 views

Microsoft Defender 后置链接漏洞

Microsoft Defender is a threat protection software developed by the American company Microsoft. Microsoft Defender has a postback link vulnerability, which stems from improper link resolution before file access. This vulnerability could allow authorized attackers to gain local privileges...

7.8CVSS6AI score0.08013EPSS

Exploits2References1

CNNVD•added 2026/05/19 12:0 a.m.•6 views

Microsoft Azure Portal Windows Admin Center 后置链接漏洞

Microsoft Azure Portal Windows Admin Center is a Windows server and hybrid cloud management platform integrated with the Azure Portal by Microsoft Corporation. There is a postback link vulnerability in Microsoft Azure Portal Windows Admin Center, which stems from improper link resolution before...

7.8CVSS5.8AI score0.00026EPSS

Exploits0References2

Positive Technologies•added 2026/05/12 12:0 a.m.•6 views

PT-2026-40147

Name of the Vulnerable Software and Affected Versions Windows Win32K affected versions not specified Description A use after free issue in ICOMP allows an authorized attacker to elevate privileges locally to SYSTEM level. Use after free is a memory corruption flaw that occurs when an application...

7.8CVSS5.8AI score0.00066EPSS

Exploits0References8

EUVD•added 2026/04/14 6:30 p.m.•2 views

EUVD-2026-22597

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS5.6AI score0.0005EPSS

Exploits0References2

EUVD•added 2026/03/10 6:31 p.m.•0 views

EUVD-2026-10619

Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00045EPSS

Exploits0References2

EUVD•added 2026/03/10 6:31 p.m.•2 views

EUVD-2025-208487

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer-BigDa...

6CVSS5.9AI score0.00055EPSS

Exploits0References2

Microsoft CVE•added 2026/03/10 2:0 p.m.•1 views

Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00041EPSS

Exploits0

CNNVD•added 2026/03/05 12:0 a.m.•5 views

Microsoft Azure Compute Gallery 安全漏洞

Microsoft Azure Compute Gallery is a service provided by Microsoft in the United States that manages virtual machines. There is a security vulnerability in Azure Compute Gallery, which stems from overly lax regular expressions, potentially allowing authorized attackers to gain local privileges...

6.7CVSS5.8AI score0.00038EPSS

Exploits0References1

Positive Technologies•added 2026/01/13 12:0 a.m.•2 views

PT-2026-2688

Name of the Vulnerable Software and Affected Versions Windows Kernel affected versions not specified Description The Windows Kernel has a flaw where the generation of error messages can expose sensitive information to a local attacker. This allows an attacker to potentially disclose information a...

5.5CVSS6AI score0.00075EPSS

Exploits0References5

EUVD•added 2025/11/07 6:30 p.m.•2 views

EUVD-2025-38289

An issue was discovered in rymcu forest thru commit f782e85 2025-09-04 in function doBefore in file src/main/java/com/rymcu/forest/core/service/security/AuthorshipAspect.java, allowing authorized attackers to delete arbitrary users posts...

6.5AI score0.00057EPSS

Exploits1References3

Positive Technologies•added 2025/11/07 12:0 a.m.•2 views

PT-2025-45448

7AI score0.00057EPSS

Exploits1References3

Vulnrichment•added 2025/11/07 12:0 a.m.•2 views

CVE-2025-63687

6.6AI score0.00057EPSS

Exploits1References2

OSV•added 2025/10/14 12:0 a.m.•0 views

UBUNTU-CVE-2025-55248

Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...

5.7CVSS7.2AI score0.0003EPSS

Exploits0References4

Positive Technologies•added 2025/10/14 12:0 a.m.•2 views

PT-2025-42093

Name of the Vulnerable Software and Affected Versions Network Connection Status Indicator NCSI affected versions not specified Description An issue with access control in Network Connection Status Indicator NCSI could allow a local attacker to gain elevated privileges. Recommendations At the...

7.8CVSS8.5AI score0.00061EPSS

Exploits0References8

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-10833

Malicious code in bioql PyPI...

6.8CVSS6.4AI score0.003EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-14050

Malicious code in bioql PyPI...

9.9CVSS8.5AI score0.05726EPSS

Exploits2References1