Lucene search
K

22107 matches found

Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•10 views

Windows Telephony Service Remote Code Execution Vulnerability

...

8.8CVSS7.1AI score0.01563EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•25 views

Windows Telephony Service Remote Code Execution Vulnerability

...

8.8CVSS7.1AI score0.01067EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•10 views

Windows BitLocker Information Disclosure Vulnerability

...

4.2CVSS7.1AI score0.00699EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•9 views

Secure Boot Security Feature Bypass Vulnerability

...

6.8CVSS7.1AI score0.00757EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•27 views

Windows Digital Media Elevation of Privilege Vulnerability

...

6.6CVSS7.1AI score0.00744EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•25 views

Windows Digital Media Elevation of Privilege Vulnerability

...

6.6CVSS7.1AI score0.0085EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•29 views

GDI+ Remote Code Execution Vulnerability

...

7.8CVSS7.1AI score0.00479EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•12 views

Windows Installer Elevation of Privilege Vulnerability

...

7.3CVSS7.1AI score0.00999EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•17 views

Secure Boot Security Feature Bypass Vulnerability

...

4.6CVSS7.1AI score0.00802EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•27 views

Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability

...

7.5CVSS8.1AI score0.0244EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•27 views

Windows Digital Media Elevation of Privilege Vulnerability

...

6.6CVSS7.1AI score0.00818EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•19 views

Windows Telephony Service Remote Code Execution Vulnerability

...

8.8CVSS7.1AI score0.01221EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/14 8:0 a.m.•22 views

Visual Studio Remote Code Execution Vulnerability

...

8.8CVSS7.1AI score0.01523EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/10 8:0 a.m.•4 views

Pam: libpam: libpam vulnerable to read hashed password

...

4.7CVSS6.6AI score0.00265EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/10 8:0 a.m.•3 views

runc can be confused to create empty files/directories on the host

...

3.6CVSS6.3AI score0.00317EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/09 8:0 a.m.•24 views

Azure Marketplace SaaS Resources Information Disclosure Vulnerability

Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network...

8.8CVSS6.8AI score0.0145EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/09 8:0 a.m.•23 views

Microsoft Purview Information Disclosure Vulnerability

A Server-Side Request Forgery SSRF vulnerability in Microsoft Purview allows an authorized attacker to disclose information over a network...

8.8CVSS6.8AI score0.24441EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/01/09 8:0 a.m.•3 views

Non-linear parsing of case-insensitive content in golang.org/x/net/html

...

7.5CVSS6.9AI score0.00856EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/01/08 8:0 a.m.•2 views

iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function.

...

7.5CVSS6.4AI score0.00908EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/12/28 8:0 a.m.•5 views

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.

...

9.1CVSS6.8AI score0.01192EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/27 8:0 a.m.•3 views

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

...

7.5CVSS6.8AI score0.00727EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/12/24 8:0 a.m.•6 views

Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library

...

7.4CVSS7.1AI score0.00551EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/21 8:0 a.m.•1 views

Denial of Service via crafted zip file in jaraco/zipp

...

6.2CVSS6.7AI score0.00236EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/21 8:0 a.m.•8 views

`rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion

...

6.5CVSS5.8AI score0.0048EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/20 8:0 a.m.•4 views

Arbitrary command execution through gitRepo volume

...

8.1CVSS7.2AI score0.03001EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/20 8:0 a.m.•4 views

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.

...

8.4CVSS6.7AI score0.01557EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/12/20 8:0 a.m.•5 views

Misuse of connection.serverAuthenticate may cause authorization bypass in golang.org/x/crypto

...

9.1CVSS6.8AI score0.03092EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2024/12/20 8:0 a.m.•5 views

ssl fails to validate incorrect extened key usage

...

5.5CVSS6AI score0.00251EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 9:59 p.m.•57 views

Chromium: CVE-2024-12695 Out of bounds write in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.6AI score0.00383EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/12/19 9:59 p.m.•27 views

Chromium: CVE-2024-12694 Use after free in Compositing

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.6AI score0.00303EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 9:59 p.m.•17 views

Chromium: CVE-2024-12693 Out of bounds memory access in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.6AI score0.00402EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 9:59 p.m.•22 views

Chromium: CVE-2024-12692 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.6AI score0.06087EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 8:0 a.m.•3 views

GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability

...

6.3CVSS5.8AI score0.00633EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 8:0 a.m.•5 views

Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method

...

5.5CVSS6.3AI score0.00298EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 8:0 a.m.•7 views

Unbounded memory buffering in SelectorSocketTransport.writelines()

...

8.7CVSS7AI score0.0188EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 8:0 a.m.•4 views

Pam: improper hostname interpretation in pam_access leads to access control bypass

...

7.4CVSS6.8AI score0.00798EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 8:0 a.m.•3 views

Tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root

...

7.8CVSS7.1AI score0.00287EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/19 8:0 a.m.•4 views

REXML denial of service vulnerability

...

5.9CVSS6.6AI score0.01205EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/14 8:0 a.m.•7 views

wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) 06df58f is vulnerable to NULL Pointer Dereference in function `block_type_get_result_types.

...

7.5CVSS5.8AI score0.00493EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•2 views

Reachable assertion in avahi_alternative_host_name

...

6.2CVSS6.4AI score0.00306EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•3 views

Reachable assertion in avahi_dns_packet_append_record

...

6.2CVSS6.4AI score0.00306EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•5 views

moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes.

...

8.1CVSS7.2AI score0.00641EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•3 views

net: explicitly clear the sk pointer, when pf->create fails

...

7.8CVSS6.9AI score0.00231EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•7 views

Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer

...

9.6CVSS7.2AI score0.00861EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•10 views

virtio_pmem: Check device status before requesting flush

...

5.5CVSS6.8AI score0.00227EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•4 views

moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.

...

8.8CVSS6.6AI score0.00779EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•4 views

moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.

...

6.8CVSS6.2AI score0.00625EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•4 views

Reachable assertion in avahi_rdata_parse

...

6.2CVSS6.4AI score0.00306EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•2 views

Reachable assertion in avahi_escape_label

...

6.2CVSS6.4AI score0.00306EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/12/13 8:0 a.m.•5 views

Apache Arrow R package: Arbitrary code execution when loading a malicious data file

...

9.8CVSS7.6AI score0.02322EPSS
Exploits0
Total number of security vulnerabilities22107