Lucene search
K

21767 matches found

Microsoft CVE
Microsoft CVE
•added 2025/08/06 12:0 a.m.•3 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.25. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

...

6.5CVSS7AI score0.00525EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/08/01 1:54 a.m.•7 views

Chromium: CVE-2025-8292 Use after free in Media Stream

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.9AI score0.00315EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/29 7:0 a.m.•4 views

Perl threads have a working directory race condition where file operations may target unintended paths

...

5.9CVSS7AI score0.00368EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/29 7:0 a.m.•2 views

Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

...

7.5CVSS6.9AI score0.01067EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/29 7:0 a.m.•3 views

Libxml2: stack buffer overflow in xmllint interactive shell command handling

...

2.5CVSS7AI score0.0019EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/29 7:0 a.m.•2 views

Libxml: heap use after free (uaf) leads to denial of service (dos)

...

9.1CVSS6.9AI score0.00669EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/29 7:0 a.m.•6 views

AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

...

8.7CVSS7AI score0.00443EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/29 7:0 a.m.•2 views

Libxml: type confusion leads to denial of service (dos)

...

9.1CVSS6.9AI score0.01437EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/26 12:50 a.m.•5 views

Chromium: CVE-2025-8011 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.9AI score0.0025EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/26 12:50 a.m.•2 views

Chromium: CVE-2025-8010 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.9AI score0.0025EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/20 2:0 p.m.•29 views

Microsoft SharePoint Server Spoofing Vulnerability

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...

9.8CVSS8.9AI score0.99982EPSS
Exploits41
Microsoft CVE
Microsoft CVE
•added 2025/07/19 2:0 p.m.•22 views

Microsoft SharePoint Server Remote Code Execution Vulnerability

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this...

9.8CVSS7.5AI score0.99982EPSS
Exploits41
Microsoft CVE
Microsoft CVE
•added 2025/07/19 7:0 a.m.•5 views

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c.

...

9.4CVSS7AI score0.00536EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/19 7:0 a.m.•3 views

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.

...

9.8CVSS7AI score0.00483EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/18 2:0 p.m.•11 views

Microsoft Purview Elevation of Privilege Vulnerability

Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network...

9.9CVSS6.4AI score0.00738EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/18 2:0 p.m.•8 views

Azure Machine Learning Elevation of Privilege Vulnerability

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

9.9CVSS6.5AI score0.00692EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/18 2:0 p.m.•12 views

Azure DevOps Server Elevation of Privilege Vulnerability

Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network...

9CVSS6.5AI score0.00668EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/18 2:0 p.m.•8 views

Azure Machine Learning Elevation of Privilege Vulnerability

Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

9.9CVSS6.4AI score0.00645EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/18 2:0 p.m.•5 views

Azure Machine Learning Elevation of Privilege Vulnerability

Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.8AI score0.0063EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/18 7:0 a.m.•3 views

urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation

...

6.1CVSS7AI score0.004EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/18 7:0 a.m.•3 views

HTMLParser quadratic complexity when processing malformed inputs

...

4.3CVSS7AI score0.00462EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•8 views

Apache HTTP Server: HTTP/2 DoS by Memory Increase

...

7.5CVSS7AI score0.04409EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•4 views

Apache HTTP Server: mod_ssl TLS upgrade attack

...

7.5CVSS7AI score0.00516EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•5 views

Apache HTTP Server: mod_proxy_http2 denial of service

...

7.5CVSS7AI score0.01149EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•3 views

Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()

...

6.5CVSS7AI score0.00619EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•4 views

Libssh: incorrect return code handling in ssh_kdf() in libssh

...

8.8CVSS7AI score0.00407EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•2 views

Libssh: double free vulnerability in libssh key export functions

...

6.5CVSS7AI score0.00494EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•4 views

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries.

...

7.8CVSS7AI score0.00142EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•3 views

Apache HTTP Server: mod_ssl error log variable escaping

...

7.5CVSS7AI score0.00669EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•6 views

Apache HTTP Server: SSRF with mod_headers setting Content-Type header

...

7.5CVSS7AI score0.00772EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•3 views

Apache HTTP Server: HTTP response splitting

...

7.5CVSS7AI score0.00679EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•3 views

Libssh: invalid return code for chacha20 poly1305 with openssl backend

...

8.1CVSS7AI score0.0144EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•8 views

Apache HTTP Server: mod_ssl access control bypass with session resumption

...

9.1CVSS7AI score0.0097EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/17 7:0 a.m.•2 views

Libssh: out-of-bounds read in sftp_handle()

...

8.1CVSS7AI score0.02394EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/16 11:31 p.m.•10 views

Chromium: CVE-2025-7657 Use after free in WebRTC

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.00497EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/16 11:31 p.m.•9 views

Chromium: CVE-2025-6558 Incorrect validation of untrusted input in ANGLE and GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6558 exists in the wild...

8.8CVSS6.9AI score0.09185EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/16 11:31 p.m.•4 views

Chromium: CVE-2025-7656 Integer overflow in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.0863EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/16 7:0 a.m.•3 views

Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution

...

8.6CVSS7AI score0.00363EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/07/16 7:0 a.m.•1 views

Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf

...

7.5CVSS7AI score0.01051EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/16 7:0 a.m.•3 views

Redis DoS Vulnerability due to bad connection error handling

...

7.5CVSS7AI score0.00733EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/15 7:0 a.m.•5 views

Gnutls: vulnerability in gnutls sct extension parsing

...

5.3CVSS7AI score0.01179EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/15 7:0 a.m.•2 views

Gnutls: vulnerability in gnutls certtool template parsing

...

8.2CVSS7AI score0.0072EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/15 7:0 a.m.•4 views

Gnutls: vulnerability in gnutls othername san export

...

8.2CVSS7AI score0.01185EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/11 7:0 a.m.•8 views

net: libwx: handle page_pool_dev_alloc_pages error

...

5.5CVSS6.8AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/11 7:0 a.m.•10 views

jfs: Prevent copying of nlink with value 0 from disk inode

...

5.5CVSS7.4AI score0.00128EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/11 7:0 a.m.•1 views

net: vlan: don't propagate flags on open

...

5.5CVSS7AI score0.00128EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/11 7:0 a.m.•8 views

PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type

...

5.5CVSS7.4AI score0.00122EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/11 7:0 a.m.•7 views

media: venus: hfi_parser: refactor hfi packet parsing logic

...

7.1CVSS7.4AI score0.0018EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/11 7:0 a.m.•5 views

mptcp: fix NULL pointer in can_accept_new_subflow

...

5.5CVSS6.8AI score0.00176EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/07/11 7:0 a.m.•4 views

x86/mce: use is_copy_from_user() to determine copy-from-user context

...

5.5CVSS6.8AI score0.00201EPSS
Exploits0
Total number of security vulnerabilities21767