Search
Search Results (309018 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54905 | 2025-09-09 | 7.1 High | ||
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-54904 | 2025-09-09 | 7.8 High | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54903 | 2025-09-09 | 7.8 High | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54902 | 2025-09-09 | 7.8 High | ||
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54899 | 2025-09-09 | 7.8 High | ||
| Free of memory not on the heap in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54898 | 2025-09-09 | 7.8 High | ||
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54897 | 2025-09-09 | 8.8 High | ||
| Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-54896 | 2025-09-09 | 7.8 High | ||
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-54895 | 2025-09-09 | 7.8 High | ||
| Integer overflow or wraparound in Windows SPNEGO Extended Negotiation allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-10117 | 2025-09-09 | 3.5 Low | ||
| A weakness has been identified in SourceCodester Simple To-Do List System 1.0. Impacted is an unknown function of the file /fetch_tasks.php of the component Add New Task. Executing manipulation with the input <script>alert('XSS')</script> can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-54894 | 2025-09-09 | 7.8 High | ||
| Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | ||||
| CVE-2025-54111 | 2025-09-09 | 7.8 High | ||
| Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-54110 | 2025-09-09 | 8.8 High | ||
| Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-54106 | 2025-09-09 | 8.8 High | ||
| Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2025-54102 | 2025-09-09 | 7.8 High | ||
| Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-50586 | 1 Daycloud | 1 Studentmanage | 2025-09-09 | 6.5 Medium |
| StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF). | ||||
| CVE-2025-54101 | 2025-09-09 | 4.8 Medium | ||
| Use after free in Windows SMBv3 Client allows an authorized attacker to execute code over a network. | ||||
| CVE-2025-54099 | 2025-09-09 | 7 High | ||
| Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-54097 | 2025-09-09 | 6.5 Medium | ||
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-54096 | 2025-09-09 | 6.5 Medium | ||
| Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||