Search

Expected end of text, found ':' (at char 29), (line:1, col:30)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (309372 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-54899 2025-09-12 7.8 High
Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54898 2025-09-12 7.8 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54897 2025-09-12 8.8 High
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-54896 2025-09-12 7.8 High
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54895 2025-09-12 7.8 High
Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally.
CVE-2025-54894 2025-09-12 7.8 High
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2025-54111 2025-09-12 7.8 High
Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally.
CVE-2025-54110 2025-09-12 8.8 High
Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-54106 2025-09-12 8.8 High
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-54102 2025-09-12 7.8 High
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVE-2025-54101 2025-09-12 4.8 Medium
Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network.
CVE-2025-54099 2025-09-12 7 High
Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2025-54097 2025-09-12 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-54096 2025-09-12 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-54095 2025-09-12 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-53798 2025-09-12 6.5 Medium
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-53797 2025-09-12 6.5 Medium
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-49734 2025-09-12 7 High
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
CVE-2025-10273 2025-09-12 3.5 Low
A vulnerability was identified in erjinzhi 10OA 1.0. Affected by this vulnerability is an unknown functionality of the file /view/file.aspx. Such manipulation of the argument File leads to path traversal. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-4974 2025-09-11 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.