Lucene search
K

21767 matches found

Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•13 views

Windows Recovery Driver Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Windows Recovery Driver allows an authorized attacker to elevate privileges locally...

7.3CVSS7.2AI score0.00595EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•39 views

Windows Storage Management Provider Information Disclosure Vulnerability

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally...

5.5CVSS6.8AI score0.00602EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•6 views

Windows SMB Client Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows SMB allows an authorized attacker to elevate privileges locally...

7.8CVSS7.5AI score0.00455EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•7 views

Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

7.8CVSS7.7AI score0.00455EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•13 views

Windows Schannel Remote Code Execution Vulnerability

Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network...

8.1CVSS7.6AI score0.01112EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•57 views

.NET and Visual Studio Remote Code Execution Vulnerability

Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network...

7.5CVSS7.6AI score0.0089EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•13 views

Remote Desktop Protocol Client Information Disclosure Vulnerability

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network...

6.5CVSS6.8AI score0.01241EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/10 7:0 a.m.•15 views

Windows Remote Desktop Services Remote Code Execution Vulnerability

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network...

8.1CVSS8.1AI score0.0095EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/06/05 7:0 a.m.•17 views

Power Automate Elevation of Privilege Vulnerability

Exposure of sensitive information to an unauthorized actor in Power Automate allows an unauthorized attacker to elevate privileges over a network...

9.8CVSS6.8AI score0.01022EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/03 8:50 p.m.•18 views

Chromium: CVE-2025-5068 Use after free in Blink

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.02614EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/06/03 8:50 p.m.•27 views

Chromium: CVE-2025-5419 Out of bounds read and write in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-5419 exists in the wild...

8.8CVSS6.9AI score0.06463EPSS
Exploits3
Microsoft CVE
Microsoft CVE
•added 2025/05/30 7:0 a.m.•3 views

setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write

...

8.8CVSS7.6AI score0.01479EPSS
Exploits4
Microsoft CVE
Microsoft CVE
•added 2025/05/29 7:6 p.m.•14 views

Chromium: CVE-2025-5066 Inappropriate implementation in Messages

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS6.9AI score0.00392EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/29 6:55 p.m.•288 views

Chromium: CVE-2025-5067 Inappropriate implementation in Tab Strip

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS6.9AI score0.00349EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/29 6:55 p.m.•294 views

Chromium: CVE-2025-5283 Use after free in libvpx

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS6.9AI score0.00493EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/29 6:55 p.m.•295 views

Chromium: CVE-2025-5281 Inappropriate implementation in BFCache

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS6.9AI score0.00179EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/29 6:55 p.m.•19 views

Chromium: CVE-2025-5065 Inappropriate implementation in FileSystemAccess API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS6.9AI score0.00392EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/29 6:55 p.m.•303 views

Chromium: CVE-2025-5064 Inappropriate implementation in Background Fetch API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS6.9AI score0.00307EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/29 6:55 p.m.•15 views

Chromium: CVE-2025-5280 Out of bounds write in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.02249EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/29 6:55 p.m.•14 views

Chromium: CVE-2025-5063 Use after free in Compositing

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.02967EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•3 views

Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow

...

6.5CVSS6.8AI score0.00407EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•5 views

Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination

...

6.5CVSS6.8AI score0.00379EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•1 views

Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()

...

6.5CVSS7.2AI score0.0057EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•4 views

Rpm-ostree: world-readable /etc/shadow file

...

6.2CVSS6.3AI score0.00328EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•4 views

Integer overflow in PeCoffLoaderRelocateImage

...

5.9CVSS6.3AI score0.00373EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•6 views

Secrets leakage to telemetry endpoint via cache backend configuration via buildx

...

4.1CVSS7.2AI score0.0018EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•4 views

A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512.

...

5.5CVSS4.5AI score0.00259EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•4 views

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations.

...

5.3CVSS6.7AI score0.00529EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•5 views

An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.

...

6CVSS6.3AI score0.0029EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•6 views

PyTorch torch.mkldnn_max_pool2d denial of service

...

5.5CVSS5.5AI score0.00237EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•3 views

Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.

...

5.5CVSS5.5AI score0.00338EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•6 views

iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return.

...

5.5CVSS5.5AI score0.0041EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•3 views

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.

...

7.5CVSS6.8AI score0.0033EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/27 7:0 a.m.•5 views

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

...

7.5CVSS6.6AI score0.00527EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/22 7:0 a.m.•28 views

Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Microsoft Edge Chromium-based allows an authorized attacker to elevate privileges locally...

8.8CVSS8.7AI score0.00491EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/15 5:20 p.m.•29 views

Chromium: CVE-2025-4609 Incorrect handle provided in unspecified circumstances in Mojo

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

9.6CVSS6.7AI score0.00375EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/15 5:20 p.m.•375 views

Chromium: CVE-2025-4664 Insufficient policy enforcement in Loader

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware of reports that an exploit for CVE-2025-4664 exists in the wild...

4.3CVSS6.6AI score0.05329EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•1 views

Pcp: pmpost symlink attack allows escalating pcp to root user

...

4.4CVSS6.6AI score0.00288EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•6 views

A Stack Buffer Overflow vulnerability in zziplibv 0.13.77 allows attackers to cause a denial of service via the __zzip_fetch_disk_trailer() function at /zzip/zip.c.

...

7.5CVSS6.3AI score0.00604EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•3 views

NULL pointer dereference on specially crafted HTTP/2 request

...

7.5CVSS7.5AI score0.51208EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•31 views

Microsoft Defender for Endpoint Elevation of Privilege Vulnerability

Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

7.8CVSS6.4AI score0.00705EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•3 views

Pcp: pmcd heap corruption through metric pmstore operations

...

5.5CVSS6.9AI score0.00261EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•3 views

An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.

...

5.5CVSS5.7AI score0.00317EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•5 views

OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c.

...

7.8CVSS6.8AI score0.00518EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•3 views

A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution.

...

6.5CVSS6.3AI score0.00883EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•6 views

Opencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin)

...

5.9CVSS5.8AI score0.00878EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•2 views

Regular Expression Denial of Service (ReDoS)

...

7.5CVSS6.7AI score0.0232EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/15 7:0 a.m.•5 views

Heap Buffer Overflow vulnerability in zziplib v0.13.77 allows attackers to cause a denial of service via the __zzip_parse_root_directory() function at /zzip/zip.c.

...

4.3CVSS5.6AI score0.00503EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/05/15 12:0 a.m.•5 views

CVE-2019-13045

...

8.1CVSS6.5AI score0.03333EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/05/15 12:0 a.m.•5 views

CVE-2017-5974

...

5.5CVSS5.2AI score0.01847EPSS
Exploits1
Total number of security vulnerabilities21767