Total
2926 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21202 | 2025-01-15 | 6.1 Medium | ||
| Windows Recovery Environment Agent Elevation of Privilege Vulnerability | ||||
| CVE-2024-26203 | 1 Microsoft | 1 Azure Data Studio | 2025-01-15 | 7.3 High |
| Azure Data Studio Elevation of Privilege Vulnerability | ||||
| CVE-2025-21380 | 2025-01-15 | 8.8 High | ||
| Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network. | ||||
| CVE-2025-21340 | 2025-01-15 | 5.5 Medium | ||
| Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability | ||||
| CVE-2025-21213 | 2025-01-15 | 4.6 Medium | ||
| Secure Boot Security Feature Bypass Vulnerability | ||||
| CVE-2025-21405 | 2025-01-15 | 7.3 High | ||
| Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2025-21301 | 2025-01-15 | 6.5 Medium | ||
| Windows Geolocation Service Information Disclosure Vulnerability | ||||
| CVE-2025-21293 | 2025-01-15 | 8.8 High | ||
| Active Directory Domain Services Elevation of Privilege Vulnerability | ||||
| CVE-2024-43600 | 1 Microsoft | 1 Office | 2025-01-15 | 7.8 High |
| Microsoft Office Elevation of Privilege Vulnerability | ||||
| CVE-2024-49107 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-15 | 7.3 High |
| WmsRepair Service Elevation of Privilege Vulnerability | ||||
| CVE-2024-49105 | 1 Microsoft | 17 Remote Desktop, Windows 10 1507, Windows 10 1607 and 14 more | 2025-01-15 | 8.4 High |
| Remote Desktop Client Remote Code Execution Vulnerability | ||||
| CVE-2024-49068 | 1 Microsoft | 1 Sharepoint Server | 2025-01-15 | 8.2 High |
| Microsoft SharePoint Elevation of Privilege Vulnerability | ||||
| CVE-2024-43594 | 1 Microsoft | 3 System Center 2019, System Center 2022, System Center 2025 | 2025-01-15 | 7.3 High |
| Microsoft System Center Elevation of Privilege Vulnerability | ||||
| CVE-2023-28312 | 1 Microsoft | 1 Azure Machine Learning | 2025-01-14 | 6.5 Medium |
| Azure Machine Learning Information Disclosure Vulnerability | ||||
| CVE-2023-28246 | 1 Microsoft | 3 Windows 11 21h2, Windows 11 22h2, Windows Server 2022 | 2025-01-14 | 7.8 High |
| Windows Registry Elevation of Privilege Vulnerability | ||||
| CVE-2023-28300 | 1 Microsoft | 1 Azure Service Connector | 2025-01-14 | 7.5 High |
| Azure Service Connector Security Feature Bypass Vulnerability | ||||
| CVE-2024-11868 | 1 Thimpress | 1 Learnpress | 2025-01-14 | 5.3 Medium |
| The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.7.3 via class-lp-rest-material-controller.php. This makes it possible for unauthenticated attackers to extract potentially sensitive paid course material. | ||||
| CVE-2024-45326 | 2025-01-14 | 3.9 Low | ||
| An Improper Access Control vulnerability [CWE-284] in FortiDeceptor version 6.0.0, version 5.3.3 and below, version 5.2.1 and below, version 5.1.0, version 5.0.0 may allow an authenticated attacker with none privileges to perform operations on the central management appliance via crafted requests. | ||||
| CVE-2017-16766 | 1 Synology | 1 Diskstation Manager | 2025-01-14 | N/A |
| An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option. | ||||
| CVE-2025-0463 | 2025-01-14 | 6.3 Medium | ||
| A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0. It has been classified as critical. Affected is an unknown function of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1&related_module=Singin. The manipulation of the argument name leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||