Search

Expected end of text, found '.' (at char 36), (line:1, col:37)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (314197 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-55328 2025-10-14 7.8 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
CVE-2025-55326 2025-10-14 7.5 High
Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code over a network.
CVE-2025-55325 2025-10-14 5.5 Medium
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-55320 2025-10-14 6.7 Medium
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Configuration Manager allows an authorized attacker to elevate privileges locally.
CVE-2025-55315 2025-10-14 9.9 Critical
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
CVE-2025-55248 2025-10-14 4.8 Medium
Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.
CVE-2025-55247 2025-10-14 7.3 High
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to elevate privileges locally.
CVE-2025-55240 2025-10-14 7.3 High
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-54603 2025-10-14 N/A
An incorrect OIDC authentication flow in Claroty Secure Access 3.3.0 through 4.0.2 can result in unauthorized user creation or impersonation of existing OIDC users.
CVE-2025-53782 2025-10-14 8.4 High
Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthorized attacker to elevate privileges locally.
CVE-2025-53768 2025-10-14 7.8 High
Use after free in Xbox allows an authorized attacker to elevate privileges locally.
CVE-2025-53717 2025-10-14 7 High
Reliance on untrusted inputs in a security decision in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
CVE-2025-53150 2025-10-14 7.8 High
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
CVE-2025-53139 2025-10-14 7.7 High
Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-50175 2025-10-14 7.8 High
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
CVE-2025-50174 2025-10-14 7 High
Use after free in Windows Device Association Broker service allows an authorized attacker to elevate privileges locally.
CVE-2025-50152 2025-10-14 7.8 High
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-49708 2025-10-14 9.9 Critical
Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges over a network.
CVE-2025-48813 2025-10-14 6.3 Medium
Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally.
CVE-2025-48004 2025-10-14 7.4 High
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.