Search

Expected end of text, found '.' (at char 14), (line:1, col:15)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (309085 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-54902 2025-09-09 7.8 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54899 2025-09-09 7.8 High
Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54898 2025-09-09 7.8 High
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54897 2025-09-09 8.8 High
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2025-54896 2025-09-09 7.8 High
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2025-54895 2025-09-09 7.8 High
Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally.
CVE-2025-54894 2025-09-09 7.8 High
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
CVE-2025-54111 2025-09-09 7.8 High
Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally.
CVE-2025-54110 2025-09-09 8.8 High
Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2025-54106 2025-09-09 8.8 High
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
CVE-2025-54102 2025-09-09 7.8 High
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
CVE-2025-54101 2025-09-09 4.8 Medium
Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network.
CVE-2025-54099 2025-09-09 7 High
Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
CVE-2025-54097 2025-09-09 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-54096 2025-09-09 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-54095 2025-09-09 6.5 Medium
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-53798 2025-09-09 6.5 Medium
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-53797 2025-09-09 6.5 Medium
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
CVE-2025-49734 2025-09-09 7 High
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally.
CVE-2025-9997 2025-09-09 N/A
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause command injection in BLMon that is executed in the operating system console when in a SSH session.