Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (1603 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-23458 1 Zscaler 1 Client Connector 2024-08-07 7.3 High
While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. This issue affects Zscaler Client Connector on Windows <4.2.0.190.
CVE-2024-23460 1 Zscaler 1 Client Connector 2024-08-07 6.4 Medium
The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS <4.2.
CVE-2023-20576 2024-02-13 7.7 High
A vulnerability was found in AMD hardware due to insufficient verification of data authenticity in AGESA. This issue may allow a local unauthenticated attacker to update SPI ROM data, potentially resulting in denial of service or privilege escalation.