Search

Expected end of text, found '.' (at char 42), (line:1, col:43)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (314706 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-48503 2 Apple, Redhat 8 Ipados, Iphone Os, Macos and 5 more 2025-10-18 8.8 High
The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.
CVE-2025-59286 1 Microsoft 3 365, 365 Copilot, 365 Copilot Chat 2025-10-18 6.5 Medium
Copilot Spoofing Vulnerability
CVE-2025-59272 1 Microsoft 3 365, 365 Copilot, 365 Copilot Chat 2025-10-18 6.5 Medium
Copilot Spoofing Vulnerability
CVE-2025-59252 1 Microsoft 3 365, 365 Copilot, 365 Word Copilot 2025-10-18 6.5 Medium
M365 Copilot Spoofing Vulnerability
CVE-2025-48813 2025-10-18 6.3 Medium
Use of a key past its expiration date in Virtual Secure Mode allows an authorized attacker to perform spoofing locally.
CVE-2025-59193 2025-10-18 7 High
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
CVE-2025-59192 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-10-18 7.8 High
Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-59241 1 Microsoft 2 Windows 11 24h2, Windows 11 25h2 2025-10-18 7.8 High
Improper link resolution before file access ('link following') in Windows Health and Optimized Experiences Service allows an authorized attacker to elevate privileges locally.
CVE-2025-59199 2025-10-18 7.8 High
Improper access control in Software Protection Platform (SPP) allows an authorized attacker to elevate privileges locally.
CVE-2025-55695 2025-10-18 5.5 Medium
Out-of-bounds read in Windows WLAN Auto Config Service allows an authorized attacker to disclose information locally.
CVE-2025-10243 1 Ivanti 1 Endpoint Manager Mobile 2025-10-18 7.2 High
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVE-2025-10242 1 Ivanti 1 Endpoint Manager Mobile 2025-10-18 7.2 High
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVE-2025-55339 2025-10-18 7.8 High
Out-of-bounds read in Windows NDIS allows an authorized attacker to elevate privileges locally.
CVE-2025-50175 1 Microsoft 11 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 8 more 2025-10-18 7.8 High
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
CVE-2025-53150 2025-10-18 7.8 High
Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.
CVE-2025-58720 2025-10-18 7.8 High
Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally.
CVE-2025-53139 2025-10-18 7.7 High
Cleartext transmission of sensitive information in Windows Hello allows an unauthorized attacker to bypass a security feature locally.
CVE-2025-33073 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-10-18 8.8 High
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
CVE-2025-62640 2025-10-18 N/A
Not used
CVE-2025-62639 2025-10-18 N/A
Not used