CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4930 matches found

OSV•added 2025/03/11 5:16 p.m.•2 views

CVE-2025-26634

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network...

7.5CVSS6.1AI score0.00605EPSS

Exploits0References1

NVD•added 2025/03/11 5:16 p.m.•5 views

CVE-2025-26634

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network...

7.5CVSS0.00605EPSS

Exploits0References1

Vulnrichment•added 2025/03/11 4:50 p.m.•6 views

CVE-2025-26634 Windows Core Messaging Elevation of Privileges Vulnerability

...

7.5CVSS7.6AI score0.00605EPSS

Exploits0References1

Cvelist•added 2025/03/11 4:50 p.m.•18 views

CVE-2025-26634 Windows Core Messaging Elevation of Privileges Vulnerability

...

7.5CVSS0.00605EPSS

Exploits0References1

CVE•added 2025/03/11 4:50 p.m.•83 views

CVE-2025-26634

CVE-2025-26634 describes a heap-based buffer overflow in Windows Core Messaging that could allow an unauthenticated? not; authorized attacker to elevate privileges over a network. The CVE entry lists a CVSS v3.1 base score of 7.5 (HIGH) with NETWORK attack vector, HIGH impact on confidentiality/i...

7.5CVSS7.7AI score0.00605EPSS

Exploits0References1Affected Software12

Microsoft CVE•added 2025/03/11 7:0 a.m.•21 views

Windows Core Messaging Elevation of Privileges Vulnerability

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network...

7.5CVSS7.5AI score0.00605EPSS

Exploits0

Positive Technologies•added 2025/03/11 12:0 a.m.•3 views

PT-2025-10849 · Microsoft · Windows Core Messaging +1

Name of the Vulnerable Software and Affected Versions: Windows Core Messaging affected versions not specified Description: A heap-based buffer overflow issue in Windows Core Messaging allows an authorized attacker to elevate privileges over a network. Recommendations: At the moment, there is no...

7.5CVSS6.3AI score0.00605EPSS

Exploits0References12

ATTACKERKB•added 2025/02/28 3:15 a.m.•3 views

CVE-2025-0975

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters...

8.8CVSS5.9AI score0.00607EPSS

Exploits0References2

OSV•added 2025/02/28 3:15 a.m.•2 views

CVE-2025-23225

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of invalid headers sent to the queue...

6.5CVSS5.8AI score0.00399EPSS

Exploits0References1

OSV•added 2025/02/28 3:15 a.m.•5 views

CVE-2024-54173

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled...

4.7CVSS5.7AI score0.00119EPSS

Exploits0References1

CNNVD•added 2025/02/28 12:0 a.m.•2 views

IBM MQ 安全漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and proven messaging backbone for Service Oriented Architecture SOA. A denial of service vulnerability exists in IBM MQ that stems from improper handling of invalid heade...

6.5CVSS6.5AI score0.00399EPSS

Exploits0References2

CNNVD•added 2025/02/28 12:0 a.m.•6 views

IBM MQ 安全漏洞

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable and validated messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ that stems from storing sensitive information in...

6.5CVSS6AI score0.00236EPSS

Exploits0References3

BDU FSTEC•added 2025/02/27 12:0 a.m.•5 views

The vulnerability of the Core Messaging component in Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Core Messaging component in Windows operating systems is related to unreliable pointer aliasing. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7.8CVSS7.7AI score0.00711EPSS

Exploits0References2

Malwarebytes•added 2025/02/26 3:0 p.m.•6 views

Android happy to check your nudes before you forward them

Sometimes the updates we install to keep our devices safe do a little bit more than we might suspect at first glance. Take the October 2024 Android Security Bulletin. It included a new service called Android System SafetyCore. If you can find a mention of that in the security bulletin, you’re a...

7.3AI score

Exploits0

BDU FSTEC•added 2025/02/26 12:0 a.m.•5 views

The vulnerability of the Core Messaging component in Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the Core Messaging component in Windows operating systems is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7CVSS8AI score0.00569EPSS

Exploits0References2

OSV•added 2025/02/20 10:31 a.m.•12 views

BIT-DISCOURSE-2024-56197 Users can see other user's tagged PMs in Discourse

Discourse is an open source platform for community discussion. PM titles and metadata can be read by other users when the "PM tags allowed for groups" option is enabled, the other user is a member of a group added to this option, and the PM has been tagged. This issue has been patched in the late...

4.9CVSS3.8AI score0.00329EPSS

Exploits0References2

BDU FSTEC•added 2025/02/18 12:0 a.m.•5 views

The vulnerability of the XMPP protocol (Extensible Messaging and Presence Protocol), which is used by the Jitsi Meet video conferencing software, allows a hacker to disclose meeting passwords.

The vulnerability of the Jitsi Meet software, a video conferencing solution based on the XMPP protocol, is related to insufficient protection of sensitive data. Exploiting this vulnerability could allow a malicious actor to retrieve meeting passwords through HTTP POST requests...

7.8CVSS5.5AI score0.00655EPSS

Exploits0References4Affected Software1