Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (2383 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2021-31172 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-02-28 7.1 High
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-28478 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-02-28 7.6 High
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2021-26418 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-02-28 4.6 Medium
Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-38173 1 Microsoft 1 Edge Chromium 2025-02-28 4.3 Medium
Microsoft Edge for Android Spoofing Vulnerability
CVE-2023-36883 1 Microsoft 1 Edge 2025-02-28 4.3 Medium
Microsoft Edge for iOS Spoofing Vulnerability
CVE-2023-36769 1 Microsoft 1 Onenote 2025-02-28 4.6 Medium
Microsoft OneNote Spoofing Vulnerability
CVE-2023-35392 1 Microsoft 1 Edge Chromium 2025-02-28 4.7 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2023-29334 1 Microsoft 1 Edge Chromium 2025-02-28 4.3 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2023-24935 1 Microsoft 1 Edge Chromium 2025-02-28 6.1 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2023-24892 1 Microsoft 1 Edge Chromium 2025-02-28 8.2 High
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
CVE-2023-21794 1 Microsoft 1 Edge Chromium 2025-02-28 4.3 Medium
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2021-31209 1 Microsoft 1 Exchange Server 2025-02-28 6.5 Medium
Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-31195 1 Microsoft 1 Exchange Server 2025-02-28 6.5 Medium
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2024-43201 4 Apple, Google, Planet Fitness and 1 more 4 Iphone Os, Android, Planet Fitness Workouts and 1 more 2025-02-28 8.8 High
The Planet Fitness Workouts iOS and Android mobile apps fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. Planet Fitness first addressed this vulnerability in version 9.8.12 (released on 2024-07-25) and more recently in version 9.9.13 (released on 2025-02-11).
CVE-2023-22943 1 Splunk 2 Add-on Builder, Cloudconnect Software Development Kit 2025-02-28 4.8 Medium
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
CVE-2023-1537 1 Answer 1 Answer 2025-02-27 9.8 Critical
Authentication Bypass by Capture-replay in GitHub repository answerdev/answer prior to 1.0.6.
CVE-2021-21548 1 Dell 3 Emc Unisphere For Powermax, Emc Unisphere For Powermax Virtual Appliance, Powermax Os 2025-02-26 7.4 High
Dell EMC Unisphere for PowerMax versions before 9.1.0.27, Dell EMC Unisphere for PowerMax Virtual Appliance versions before 9.1.0.27, and PowerMax OS Release 5978 contain an improper certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim’s data in transit.
CVE-2022-48349 1 Huawei 2 Emui, Harmonyos 2025-02-24 9.1 Critical
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability.
CVE-2023-1177 1 Lfprojects 1 Mlflow 2025-02-19 9.3 Critical
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1.
CVE-2022-46415 1 Dji 2 Spark, Spark Firmware 2025-02-19 9.1 Critical
DJI Spark 01.00.0900 allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to send many DHCP request packets.