Total
4109 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-35743 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-01-02 | 7.8 High |
| Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability | ||||
| CVE-2024-56803 | 2025-01-02 | N/A | ||
| Ghostty is a cross-platform terminal emulator. Ghostty, as allowed by default in 1.0.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. This attack requires an attacker to send malicious escape sequences followed by convincing the user to physically press the "enter" key. Fixed in Ghostty v1.0.1. | ||||
| CVE-2023-36049 | 2 Microsoft, Redhat | 18 .net, .net Framework, Visual Studio 2022 and 15 more | 2025-01-01 | 7.6 High |
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2023-36437 | 1 Microsoft | 1 Azure Pipelines Agent | 2025-01-01 | 8.8 High |
| Azure DevOps Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36789 | 1 Microsoft | 1 Skype For Business Server | 2025-01-01 | 7.2 High |
| Skype for Business Remote Code Execution Vulnerability | ||||
| CVE-2023-36788 | 1 Microsoft | 10 .net Framework, Windows 10 1809, Windows 10 21h2 and 7 more | 2025-01-01 | 7.8 High |
| .NET Framework Remote Code Execution Vulnerability | ||||
| CVE-2023-35333 | 1 Microsoft | 1 Pandocupload | 2025-01-01 | 8.8 High |
| MediaWiki PandocUpload Extension Remote Code Execution Vulnerability | ||||
| CVE-2023-21569 | 1 Microsoft | 1 Azure Devops Server | 2025-01-01 | 5.5 Medium |
| Azure DevOps Server Spoofing Vulnerability | ||||
| CVE-2023-24955 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2025-01-01 | 7.2 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2023-21553 | 1 Microsoft | 1 Azure Devops Server | 2025-01-01 | 7.5 High |
| Azure DevOps Server Remote Code Execution Vulnerability | ||||
| CVE-2024-49048 | 1 Microsoft | 1 Torchgeo | 2025-01-01 | 8.1 High |
| TorchGeo Remote Code Execution Vulnerability | ||||
| CVE-2024-43469 | 1 Microsoft | 1 Azure Cyclecloud | 2024-12-31 | 8.8 High |
| Azure CycleCloud Remote Code Execution Vulnerability | ||||
| CVE-2024-36694 | 2024-12-31 | 7.2 High | ||
| OpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the Theme Editor Function. | ||||
| CVE-2024-29991 | 2024-12-31 | 5 Medium | ||
| Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | ||||
| CVE-2024-21378 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-12-31 | 8.8 High |
| Microsoft Outlook Remote Code Execution Vulnerability | ||||
| CVE-2024-21351 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-31 | 7.6 High |
| Windows SmartScreen Security Feature Bypass Vulnerability | ||||
| CVE-2024-13074 | 2024-12-31 | 3.5 Low | ||
| A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-12238 | 2024-12-31 | 6.3 Medium | ||
| The The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.22. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes. | ||||
| CVE-2024-13069 | 2024-12-31 | 3.5 Low | ||
| A vulnerability was found in SourceCodester Multi Role Login System 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/add-user.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-13017 | 2024-12-31 | 2.4 Low | ||
| A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/aboutus.php of the component About Us Page. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. | ||||