Search
Search Results (316071 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36584 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more | 2025-10-28 | 5.4 Medium |
| Windows Mark of the Web Security Feature Bypass Vulnerability | ||||
| CVE-2023-36761 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-10-28 | 6.5 Medium |
| Microsoft Word Information Disclosure Vulnerability | ||||
| CVE-2023-36802 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2025-10-28 | 7.8 High |
| Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | ||||
| CVE-2025-12342 | 1 Serdar Bayram | 1 Ghost Hot Spot | 2025-10-28 | 7.3 High |
| A flaw has been found in Serdar Bayram Ghost Hot Spot up to 20251014. The affected element is an unknown function of the file /Auth.php of the component Login. This manipulation causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-36874 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-28 | 7.8 High |
| Windows Error Reporting Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-36884 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-28 | 7.5 High |
| Windows Search Remote Code Execution Vulnerability | ||||
| CVE-2023-38180 | 3 Fedoraproject, Microsoft, Redhat | 7 Fedora, .net, Asp.net Core and 4 more | 2025-10-28 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2023-41763 | 1 Microsoft | 1 Skype For Business Server | 2025-10-28 | 5.3 Medium |
| Skype for Business Elevation of Privilege Vulnerability | ||||
| CVE-2023-24955 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2025-10-28 | 7.2 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2023-28229 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-28 | 7 High |
| Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-28252 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-28 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-29336 | 1 Microsoft | 5 Windows 10 1507, Windows 10 1607, Windows Server 2008 and 2 more | 2025-10-28 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2023-29357 | 1 Microsoft | 1 Sharepoint Server | 2025-10-28 | 9.8 Critical |
| Microsoft SharePoint Server Elevation of Privilege Vulnerability | ||||
| CVE-2023-29360 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-10-28 | 8.4 High |
| Microsoft Streaming Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-32046 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-28 | 7.8 High |
| Windows MSHTML Platform Elevation of Privilege Vulnerability | ||||
| CVE-2023-32049 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-10-28 | 8.8 High |
| Windows SmartScreen Security Feature Bypass Vulnerability | ||||
| CVE-2023-35311 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2025-10-28 | 8.8 High |
| Microsoft Outlook Security Feature Bypass Vulnerability | ||||
| CVE-2023-36025 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-28 | 8.8 High |
| Windows SmartScreen Security Feature Bypass Vulnerability | ||||
| CVE-2025-12344 | 1 Yonyou | 2 U8+, Yonyou | 2025-10-28 | 6.3 Medium |
| A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The impacted element is an unknown function of the file /service/NCloudGatewayServlet of the component Request Header Handler. Such manipulation of the argument ts/sign leads to unrestricted upload. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-12216 | 1 Azure Access Technology | 2 Blu-ic2, Blu-ic4 | 2025-10-28 | N/A |
| Malicious / Malformed App can be Installed but not Uninstalled/may lead to unavailability.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. | ||||